REQ.IO is a simple native desktop HTTP client created with Electron, Vite, and React for testing APIs locally and experimenting with different HTTP requests.
To start REQ.IO locally, clone the repository:
git clone https://github.com/kannananil/req.io.git
cd req.ioInstall dependencies:
yarn install --devOnce the dependencies are installed, you can start REQ.IO by running the following command:
yarn devThis will start the REQ.IO application in a new window.
To build REQ.IO for production, run the following command:
yarn buildThis will create a new directory called dist which contains the built REQ.IO application.
To preview the built version of the application and debug in browser by running the following command:
yarn previewOnce the preview server started press o to open the preview
Note: This only works after the build command
To run the unit tests for the application, run the following command:
yarn test
This project uses Trivy integrated into the Github Actions pipeline to ensure dependency and container security.
- The Github Actions pipeline automatically runs a Trivy vulnerability scan on each commit.
- The scan fails the CI build if High or Critical vulnerabilities are detected.
- Scan results are visible directly in the CI job logs and stored as artifacts (
trivy-report.json). - Trivy Ignore (.trivyignore) support:
- Certain vulnerabilities that are acknowledged but not relevant can be ignored using a .trivyignore file at the project root.
- Example: add the CVE IDs you want to ignore, one per line:
- CVE-2023-1234
- CVE-2023-5678
You can also run Trivy locally before committing:
# Install Trivy
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh
# Run a local filesystem scan
trivy fs --severity HIGH,CRITICAL .Please see our Contribution Guide on how you can get started. Thank you for your valuable time and interest to contribute to this project.