Installation¶
This chapter explains how to install dependencies, configure optional API keys, and run CVE Intelligence Panel in development or production. A successful install ends with the web UI on port 5173 (dev) or 3001 (production static).
Prerequisites¶
You need Node.js 18+ and npm. For building the documentation site separately, Python 3.10+ is required in extended-docs/. The application itself does not require a database; state is held in the browser and in-memory server caches.
- Git clone of the repository
- Outbound HTTPS to NVD, OSV, GitHub, CISA, and RSS hosts
- Optional:
NVD_API_KEY,GITHUB_TOKENfor higher rate limits
Quick start (development)¶
From the repository root:
make setup # npm install + .env from .env.example
make dev # Vite :5173 + Express :3001
Open http://localhost:5173. Vite proxies /api to the API server.
First launch (v1.1.0+)¶
New installations see a legal disclaimer, then the setup wizard (stack, alerts/watch settings, data sources). When you finish, the app opens the dashboard. You may optionally run an initial full scan from the last wizard step.
Existing users who already have a stack in localStorage are migrated automatically (setupComplete is set without re-running the wizard). Cached scan results load from the previous session when the stack matches.
Production¶
make build
make start # NODE_ENV=production — serves dist/ + API on PORT (default 3001)
Set PORT in .env if 3001 is occupied. Place the app behind HTTPS reverse proxy in real deployments; do not expose translation or scan endpoints to the public internet without authentication.
Documentation site¶
Extended documentation (this site):
cd extended-docs && make install && make serve
Legacy shorter docs: make docs-serve from repo root (docs/mkdocs.yml).
Verify health¶
curl -s http://localhost:3001/api/health | jq .
Expect "ok": true and a sources array listing configured feed ids.
Next: User interface