This repository was archived by the owner on Feb 17, 2025. It is now read-only.

[Snyk] Security upgrade express-jwt from 0.1.3 to 6.0.0 #38

Open: wants to merge 1 commit into base: master
2 changes: 1 addition & 1 deletion package.json
@@ -130,7 +130,7 @@
"exif": "^0.6.0",
"express": "^4.17.1",
"express-ipfilter": "^1.2.0",
"express-jwt": "0.1.3",
"express-jwt": "6.0.0",
"express-rate-limit": "^5.3.0",
"express-robots-txt": "^0.4.1",
"express-security.txt": "^2.0.0",
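Review bot: On the `express-jwt` line the version moves from 0.1.3 directly to 6.0.0, a jump across several major versions, while the diff touches only package.json (1 addition, 1 deletion), so no code that calls the middleware is adapted in the same change. Check every place that uses express-jwt against the 6.x API and run the authentication tests before merging. The old entry was an exact pin while its neighbours use caret ranges, which suggests 0.1.3 may have been chosen on purpose; confirm with the maintainers that the pin is not intentional. If the repository commits a lockfile, regenerate it in this PR so the resolved version matches package.json.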

Unchanged files with check annotations

import { defineConfig } from 'cypress'

Check failure on line 1 in cypress.config.ts

GitHub Actions / smoke-test

Cannot find module 'cypress' or its corresponding type declarations.

import * as security from './lib/insecurity'
import config from 'config'

Check failure on line 3 in cypress.config.ts

GitHub Actions / smoke-test

Could not find a declaration file for module 'config'. '/home/runner/work/juice-shop/juice-shop/node_modules/config/lib/config.js' implicitly has an 'any' type.

import type { Memory as MemoryConfig, Product as ProductConfig } from './lib/config.types'
import * as utils from './lib/utils'
import * as otplib from 'otplib'
},
GetChristmasProduct () {
return config.get<ProductConfig[]>('products').filter(
(product) => product.useForChristmasSpecialChallenge

Check failure on line 45 in cypress.config.ts

GitHub Actions / smoke-test

Parameter 'product' implicitly has an 'any' type.

)[0]
},
GetCouponIntent () {
},
GetPastebinLeakProduct () {
return config.get<ProductConfig[]>('products').filter(
(product) => product.keywordsForPastebinDataLeakChallenge

Check failure on line 72 in cypress.config.ts

GitHub Actions / smoke-test

Parameter 'product' implicitly has an 'any' type.

)[0]
},
GetTamperingProductId () {
import { type Product } from './types'
import logger from '../lib/logger'
import type { Memory as MemoryConfig, Product as ProductConfig } from '../lib/config.types'
import config from 'config'

Check failure on line 26 in data/datacreator.ts

GitHub Actions / smoke-test

Could not find a declaration file for module 'config'. '/home/runner/work/juice-shop/juice-shop/node_modules/config/lib/config.js' implicitly has an 'any' type.

import * as utils from '../lib/utils'
import type { StaticUser, StaticUserAddress, StaticUserCard } from './staticData'
import { loadStaticChallengeData, loadStaticDeliveryData, loadStaticUserData, loadStaticSecurityQuestionsData } from './staticData'
async function createQuantity () {
return await Promise.all(
config.get<ProductConfig[]>('products').map(async (product, index) => {

Check failure on line 236 in data/datacreator.ts

GitHub Actions / smoke-test

Parameter 'product' implicitly has an 'any' type.

Check failure on line 236 in data/datacreator.ts

GitHub Actions / smoke-test

Parameter 'index' implicitly has an 'any' type.

return await QuantityModel.create({
ProductId: index + 1,
quantity: product.quantity ?? Math.floor(Math.random() * 70 + 30),
}).catch((err: unknown) => {
logger.error(`Could not create memory: ${utils.getErrorMessage(err)}`)
}),
...structuredClone(config.get<MemoryConfig[]>('memories')).map(async (memory) => {

Check failure on line 257 in data/datacreator.ts

GitHub Actions / smoke-test

Parameter 'memory' implicitly has an 'any' type.

let tmpImageFileName = memory.image
if (utils.isUrl(memory.image)) {
const imageUrl = memory.image
}
async function createProducts () {
const products = structuredClone(config.get<ProductConfig[]>('products')).map((product) => {

Check failure on line 296 in data/datacreator.ts

GitHub Actions / smoke-test

Parameter 'product' implicitly has an 'any' type.

product.price = product.price ?? Math.floor(Math.random() * 9 + 1)
product.deluxePrice = product.deluxePrice ?? product.price
product.description = product.description || 'Lorem ipsum dolor sit amet, consectetuer adipiscing elit.'
})
// add Challenge specific information
const christmasChallengeProduct = products.find(({ useForChristmasSpecialChallenge }) => useForChristmasSpecialChallenge)

Check failure on line 312 in data/datacreator.ts

GitHub Actions / smoke-test

Binding element 'useForChristmasSpecialChallenge' implicitly has an 'any' type.

const pastebinLeakChallengeProduct = products.find(({ keywordsForPastebinDataLeakChallenge }) => keywordsForPastebinDataLeakChallenge)
const tamperingChallengeProduct = products.find(({ urlForProductTamperingChallenge }) => urlForProductTamperingChallenge)
const blueprintRetrievalChallengeProduct = products.find(({ fileForRetrieveBlueprintChallenge }) => fileForRetrieveBlueprintChallenge)