forked from juice-shop/juice-shop
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'juice-shop:master' into master
Showing 1,089 changed files with 82,952 additions and 12,999 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,28 @@ | ||
engines: | ||
eslint: | ||
enabled: true | ||
csslint: | ||
enabled: true | ||
version: "2" | ||
plugins: | ||
fixme: | ||
enabled: true | ||
ratings: | ||
paths: | ||
- '**.ts' | ||
- '**.js' | ||
- '**.css' | ||
- '**.scss' | ||
duplication: | ||
enabled: true | ||
checks: | ||
file-lines: | ||
config: | ||
threshold: 300 | ||
method-lines: | ||
config: | ||
threshold: 30 | ||
method-complexity: | ||
config: | ||
threshold: 7 | ||
similar-code: | ||
enabled: false | ||
identical-code: | ||
enabled: false | ||
exclude_paths: | ||
- 'data/datacreator.js' | ||
- 'frontend/src/assets/private/**/*' | ||
- 'Gruntfile.js' | ||
exclude_patterns: | ||
- '**/*conf.js' | ||
- 'Gruntfile.js' | ||
- 'data/datacreator.ts' | ||
- 'frontend/src/hacking-instructor/**/*.ts' | ||
- 'frontend/src/assets/private/*.js' | ||
- 'lib/logger.ts' | ||
- 'data/static/codefixes/**' |
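Review bot: The `exclude_patterns` entry `'frontend/src/assets/private/*.js'` is narrower than the `'frontend/src/assets/private/**/*'` entry listed under `exclude_paths`: it matches only `.js` files directly in that directory, so anything in a subdirectory or with another extension would be analysed after the switch. If the whole directory is meant to stay out of analysis, keep the `**/*` form. Separately, `duplication` is enabled as a plugin while `similar-code` and `identical-code` are both set to `enabled: false` under `checks`; a short comment on what the plugin is still expected to report would help.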
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
version: 1 | ||
update_configs: | ||
- package_manager: "javascript" | ||
directory: "/" | ||
update_schedule: "live" | ||
target_branch: "develop" | ||
default_reviewers: | ||
- "bkimminich" | ||
default_labels: | ||
- "dependencies" | ||
ignored_updates: | ||
- match: | ||
dependency_name: "express-jwt" | ||
version_requirement: "0.1.3" | ||
- match: | ||
dependency_name: "sanitize-html" | ||
version_requirement: "1.4.2" | ||
- match: | ||
dependency_name: "unzipper" | ||
version_requirement: "0.9.15" | ||
- match: | ||
dependency_name: "jsonwebtoken" | ||
version_requirement: "0.4.0" | ||
- package_manager: "javascript" | ||
directory: "/frontend" | ||
update_schedule: "live" | ||
target_branch: "develop" | ||
default_reviewers: | ||
- "bkimminich" | ||
default_labels: | ||
- "dependencies" |
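Review bot: The four `ignored_updates` matches in the root `update_configs` entry (`express-jwt` 0.1.3, `sanitize-html` 1.4.2, `unzipper` 0.9.15, `jsonwebtoken` 0.4.0) have no comment saying why they are exempt from automated updates. Add a YAML comment above the list stating that the exemption is deliberate and what relies on it, so a later cleanup does not silently remove the entries and a reader does not mistake them for neglected dependencies. The `/frontend` entry has no `ignored_updates` at all; if that is intentional, the same comment can say so.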
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
{ | ||
"extensions": [ | ||
"eg2.vscode-npm-script", | ||
"angular.ng-template", | ||
"dbaeumer.vscode-eslint", | ||
"stylelint.vscode-stylelint" | ||
], | ||
"settings": { | ||
"eslint.workingDirectories": [ | ||
{ "mode": "auto" } | ||
] | ||
}, | ||
"postCreateCommand": "export NG_CLI_ANALYTICS=ci && npm i -g @angular/cli && npm install" | ||
} |
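Review bot: In `postCreateCommand`, `npm i -g @angular/cli` installs whatever CLI version is current when the container is created, so two contributors can end up with different toolchains and setup pulls an unpinned package each time. Pin the version to the one the frontend uses, or drop the global install and run the CLI from the project's own dependencies after `npm install` if the frontend already declares it. Note also that `export NG_CLI_ANALYTICS=ci` only applies to the shell that runs this one command; if later `ng` invocations in the container should stay non-interactive, set the variable in the container environment instead.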
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,15 @@ | ||
.git/ | ||
monitoring/ | ||
node_modules/ | ||
screenshots/ | ||
test/ | ||
build/ | ||
build/reports/ | ||
dist/ | ||
vagrant/ | ||
logs/ | ||
Dockerfile | ||
.npmrc | ||
|
||
# Pattern is *not covered* by node_modules/ above no matter what IntelliJ says! | ||
frontend/node_modules/ | ||
Dockerfile | ||
frontend/dist/ |
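Review bot: The comment above `frontend/node_modules/` would be more useful if it gave the reason rather than referring to IntelliJ: .dockerignore patterns are matched from the root of the build context, so `node_modules/` excludes only the top-level directory. A single `**/node_modules/` entry would cover both locations and make the comment unnecessary; the same applies to `dist/` and `frontend/dist/`.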
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
/* | ||
* Copyright (c) 2014-2022 Bjoern Kimminich & the OWASP Juice Shop contributors. | ||
* SPDX-License-Identifier: MIT | ||
*/ | ||
|
||
module.exports = { | ||
extends: 'standard-with-typescript', | ||
env: { | ||
browser: true, | ||
node: true, | ||
jasmine: true, | ||
mocha: true, | ||
jest: true | ||
}, | ||
globals: { | ||
Atomics: 'readonly', | ||
SharedArrayBuffer: 'readonly' | ||
}, | ||
parserOptions: { | ||
ecmaVersion: 2018, | ||
project: './tsconfig.json' | ||
}, | ||
ignorePatterns: [ | ||
'app/private/**', | ||
'vagrant/**', | ||
'frontend/**', | ||
'data/static/codefixes/**', | ||
'dist/**' | ||
], | ||
overrides: [ | ||
{ | ||
files: ['**/*.ts'], | ||
parser: '@typescript-eslint/parser', | ||
rules: { | ||
'no-void': 'off', // conflicting with recommendation from @typescript-eslint/no-floating-promises | ||
// FIXME warnings below this line need to be checked and fixed. Line end comments below are number of findings per rule on 02.05.2022 | ||
'@typescript-eslint/no-misused-promises': 'off', // 1 | ||
'@typescript-eslint/explicit-function-return-type': 'off', // 197 | ||
'@typescript-eslint/restrict-plus-operands': 'off', // 250 | ||
'@typescript-eslint/strict-boolean-expressions': 'off', // 337 | ||
'@typescript-eslint/restrict-template-expressions': 'off', // 395 | ||
'@typescript-eslint/no-var-requires': 'off' // 509 | ||
} | ||
} | ||
] | ||
} |
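Review bot: In the `**/*.ts` override, `'@typescript-eslint/no-misused-promises': 'off'` is annotated with a single finding; fixing that one occurrence and leaving the rule on is cheaper than carrying the exception. For the other rules under the FIXME, `'warn'` instead of `'off'` would keep the findings visible in lint output while the counts are worked down, and a linked issue would give the FIXME an owner. The `'data/static/codefixes/**'` entry in `ignorePatterns` deserves a one-line comment on why that directory is exempt from linting.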
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
/vagrant/ @wurstbrot |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
custom: https://sponsor.owasp-juice.shop | ||
github: OWASP |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
--- | ||
name: "\U0001F41BBug report" | ||
about: Report a bug in OWASP Juice Shop | ||
title: '[🐛] ' | ||
labels: bug | ||
assignees: '' | ||
|
||
--- | ||
|
||
<!--🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅 | ||
To expedite issue processing please search open and closed issues before submitting a new one. | ||
Existing issues often contain information about workarounds, resolution, or progress updates. | ||
Please also make sure to check the official [Troubleshooting guide](https://pwning.owasp-juice.shop/appendix/troubleshooting.html) before opening a bug report. | ||
🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅--> | ||
|
||
# :bug: Bug report | ||
|
||
## Description | ||
|
||
<!-- ✍️--> | ||
A clear and concise description of the problem... | ||
|
||
|
||
### Is this a regression? | ||
|
||
<!-- Did this behavior use to work in the previous version? --> | ||
<!-- ✍️--> | ||
Yes, the previous version in which this bug was not present was: `x.y.z` | ||
|
||
|
||
## :microscope: Minimal Reproduction | ||
|
||
<!-- ✍️Simple steps to reproduce this bug. | ||
Issues that don't have enough info and can't be reproduced will be labeled with "missing information" and closed shortly afterwards. | ||
--> | ||
|
||
|
||
## :fire: Exception or Error | ||
|
||
<pre><code> | ||
<!-- If the issue is accompanied by an exception or an error, please share your log below: --> | ||
<!-- ✍️--> | ||
|
||
</code></pre> | ||
|
||
|
||
## :deciduous_tree: Your Environment | ||
|
||
<pre><code> | ||
<!-- run `node -v && npm -v` and paste output below --> | ||
<!-- ✍️--> | ||
|
||
</code></pre> | ||
|
||
|
||
### Additional Information | ||
|
||
<!-- ✍️Is this a browser specific issue? If so, please specify the browser and version. --> | ||
<!-- ✍️Do any of these matter: operating system, Docker environment, cloud environment, ...? If so, please mention it below. --> |
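Review bot: The "Your Environment" block asks only for the output of `node -v && npm -v`; nothing in the template asks which Juice Shop version the bug was seen on, although "Is this a regression?" asks for the last good version. Add a prompt for the affected version next to the Node and npm output. The pre-filled line "Yes, the previous version in which this bug was not present was: `x.y.z`" also sits outside the HTML comment, so it is submitted unchanged when a reporter skips the section; moving it inside the comment avoids false regression reports.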
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
--- | ||
name: "⭐Challenge idea" | ||
about: Idea for a new hacking challenge in OWASP Juice Shop | ||
title: '[⭐] ' | ||
labels: challenge | ||
assignees: '' | ||
|
||
--- | ||
|
||
<!--🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅 | ||
To expedite issue processing please search open and closed issues before submitting a new one. | ||
Existing issues often contain information about workarounds, resolution, or progress updates. | ||
🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅--> | ||
|
||
# :star: Challenge idea | ||
|
||
### Description | ||
|
||
<!-- ✍️--> A clear and concise description of the new hacking challenge and why the Juice Shop needs it... | ||
|
||
### Underlying vulnerability/ies | ||
|
||
<!-- ✍️--> Security vulnerabilities or design flaws this challenge will be based on. Optimally include CWE, OWASP or similar references. | ||
|
||
### Expected difficulty | ||
|
||
<!-- Do you already have an idea about the expected difficulty of the challenge? --> | ||
<!-- ✍️ --> | ||
|
||
| :heavy_check_mark: / :x: | Difficulty | | ||
|:------------------------:|:-------------------------------------| | ||
| :grey_question: | :star: | | ||
| :grey_question: | :star::star: | | ||
| :grey_question: | :star::star::star: | | ||
| :grey_question: | :star::star::star::star: | | ||
| :grey_question: | :star::star::star::star::star: | | ||
| :grey_question: | :star::star::star::star::star::star: | | ||
|
||
### Possible attack flow | ||
|
||
<!-- ✍️--> Have you considered how the challenge could be exploited by the attacker? |
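Review bot: Section headings here jump from `# :star: Challenge idea` straight to `###`, while the bug report template uses `##` for its sections; use one level across the templates so rendered issues look alike. The prompts after each `<!-- ✍️-->` marker ("A clear and concise description ...", "Have you considered how ...") sit outside the comment and will appear in the submitted issue unless the author deletes them; putting the prompt text inside the comment keeps unedited sections empty.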
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
contact_links: | ||
- name: ❓Support request | ||
url: https://gitter.im/bkimminich/juice-shop | ||
about: Questions and requests for support |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
--- | ||
name: "\U0001F680Feature request" | ||
about: Suggest a feature for OWASP Juice Shop | ||
title: '[🚀] ' | ||
labels: feature | ||
assignees: '' | ||
|
||
--- | ||
|
||
<!--🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅 | ||
To expedite issue processing please search open and closed issues before submitting a new one. | ||
Existing issues often contain information about workarounds, resolution, or progress updates. | ||
🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅--> | ||
|
||
# :rocket: Feature request | ||
|
||
### Description | ||
|
||
<!-- ✍️--> A clear and concise description of the problem or missing capability... | ||
|
||
|
||
### Solution ideas | ||
|
||
<!-- ✍️--> If you have a solution in mind, please describe it. | ||
|
||
|
||
### Possible alternatives | ||
|
||
<!-- ✍️--> Have you considered any alternative solutions or workarounds? |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
<!--🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅 | ||
You can expedite processing of your PR by using this template to provide context | ||
and additional information. Before actually opening a PR please make sure that it | ||
does NOT fall into any of the following categories | ||
🚫 Spam PRs (accidental or intentional) - see https://pwning.owasp-juice.shop/part3/contribution.html#handling-of-spam-prs for more information | ||
🚫 Lazy typo fixing PRs - if you fix a typo in a file, your PR will only be merged | ||
if all other typos in the same file are also fixed with the same PR | ||
🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅🔅--> | ||
|
||
### Description | ||
|
||
<!-- ✍️--> | ||
A clear and concise summary of the change and which issue (if any) it fixes. Should also include relevant motivation and context. | ||
|
||
Resolved or fixed issue: <!-- ✍️ Add GitHub issue number in format `#0000` or `none` --> | ||
|
||
### Affirmation | ||
|
||
- [ ] My code follows the [CONTRIBUTING.md](https://github.com/juice-shop/juice-shop/blob/master/CONTRIBUTING.md) guidelines |