juice-shop/juice-shop

Showing 99 of 134 total issues

Function changePassword has 34 lines of code (exceeds 30 allowed). Consider refactoring.
Open

module.exports = function changePassword () {
  return ({ query, headers, connection }: Request, res: Response, next: NextFunction) => {
    const currentPassword = query.current
    const newPassword = query.new
    const newPasswordInString = newPassword?.toString()
Severity: Minor
Found in routes/changePassword.ts - About 1 hr to fix

    Function respond has 34 lines of code (exceeds 30 allowed). Consider refactoring.
    Open

    module.exports.process = function respond () {
      return async (req: Request, res: Response, next: NextFunction) => {
        if (!bot) {
          res.status(200).json({
            action: 'response',
    Severity: Minor
    Found in routes/chatbot.ts - About 1 hr to fix

      Function servePublicFiles has 33 lines of code (exceeds 30 allowed). Consider refactoring.
      Open

      module.exports = function servePublicFiles () {
        return ({ params, query }: Request, res: Response, next: NextFunction) => {
          const file = params.file
      
          if (!file.includes('/')) {
      Severity: Minor
      Found in routes/fileServer.ts - About 1 hr to fix

        Function b2bOrder has a Cognitive Complexity of 12 (exceeds 7 allowed). Consider refactoring.
        Open

        module.exports = function b2bOrder () {
          return ({ body }: Request, res: Response, next: NextFunction) => {
            if (!utils.disableOnContainerEnv()) {
              const orderLinesData = body.orderLinesData || ''
              try {
        Severity: Minor
        Found in routes/b2bOrder.ts - About 1 hr to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Function fileSniff has a Cognitive Complexity of 12 (exceeds 7 allowed). Consider refactoring.
        Open

        export const fileSniff = async (paths: readonly string[], match: RegExp): Promise<Match[]> => {
          const matches = []
          for (const currPath of paths) {
            if (fs.lstatSync(currPath).isDirectory()) {
              const files = fs.readdirSync(currPath)
        Severity: Minor
        Found in routes/vulnCodeSnippet.ts - About 1 hr to fix

        Function addBasketItem has 32 lines of code (exceeds 30 allowed). Consider refactoring.
        Open

        module.exports.addBasketItem = function addBasketItem () {
          return (req: RequestWithRawBody, res: Response, next: NextFunction) => {
            const result = utils.parseJsonCustom(req.rawBody)
            const productIds = []
            const basketIds = []
        Severity: Minor
        Found in routes/basketItems.ts - About 1 hr to fix

          Function ngOnInit has 32 lines of code (exceeds 30 allowed). Consider refactoring.
          Open

            ngOnInit () {
              this.activatedRoute.paramMap.subscribe((paramMap: ParamMap) => {
                this.orderId = paramMap.get('id')
                this.trackOrderService.find(this.orderId).subscribe((results) => {
                  this.promotionalDiscount = results.data[0].promotionalAmount ? parseFloat(results.data[0].promotionalAmount) : 0
          Severity: Minor
          Found in frontend/src/app/order-completion/order-completion.component.ts - About 1 hr to fix

            Function login has 31 lines of code (exceeds 30 allowed). Consider refactoring.
            Open

              login () {
                this.user = {}
                this.user.email = this.emailControl.value
                this.user.password = this.passwordControl.value
                this.userService.login(this.user).subscribe((authentication: any) => {
            Severity: Minor
            Found in frontend/src/app/login/login.component.ts - About 1 hr to fix

              Function setup has 31 lines of code (exceeds 30 allowed). Consider refactoring.
              Open

              async function setup (req: Request, res: Response) {
                try {
                  const data = security.authenticatedUsers.from(req)
                  if (!data) {
                    throw new Error('Need to login before setting up 2FA')
              Severity: Minor
              Found in routes/2fa.ts - About 1 hr to fix

                Function restore has 31 lines of code (exceeds 30 allowed). Consider refactoring.
                Open

                  restore (backupFile: File) {
                    return from(backupFile.text().then((backupData) => {
                      const backup: Backup = JSON.parse(backupData)
                
                      if (backup.version === this.VERSION) {
                Severity: Minor
                Found in frontend/src/app/Services/local-backup.service.ts - About 1 hr to fix

                  Consider simplifying this complex logical expression.
                  Open

                      if (user && basketIds[0] && basketIds[0] !== 'undefined' && Number(user.bid) != Number(basketIds[0])) { // eslint-disable-line eqeqeq
                        res.status(401).send('{\'error\' : \'Invalid BasketId\'}')
                      } else {
                        const basketItem = {
                          ProductId: productIds[productIds.length - 1],
                  Severity: Major
                  Found in routes/basketItems.ts - About 1 hr to fix

                    Function mimeType has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                    Open

                    export const mimeType = (
                      control: AbstractControl
                    ): Promise<{ [key: string]: any }> | Observable<{ [key: string]: any }> => {
                      if (typeof (control.value) === 'string') {
                        return of(null)
                    Severity: Minor
                    Found in frontend/src/app/photo-wall/mime-type.validator.ts - About 55 mins to fix

                    Function calculateTutorialTier has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                    Open

                    Severity: Minor
                    Found in frontend/src/app/score-board/score-board.component.ts - About 55 mins to fix

                    Function save has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                    Open

                      save (fileName: string = 'owasp_juice_shop') {
                        const backup: Backup = { version: this.VERSION }
                    
                        backup.scoreBoard = {
                          displayedDifficulties: localStorage.getItem('displayedDifficulties') ? JSON.parse(String(localStorage.getItem('displayedDifficulties'))) : undefined,
                    Severity: Minor
                    Found in frontend/src/app/Services/local-backup.service.ts - About 55 mins to fix

                    Function checkData has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                    Open

                    function checkData (data: CacheData, fileData: CacheData) {
                      const filesWithDiff = []
                      for (const key in data) {
                        const fileDataValueAdded = fileData[key].added.sort((a, b) => a - b)
                        const dataValueAdded = data[key].added.sort((a, b) => a - b)
                    Severity: Minor
                    Found in rsn/rsnUtil.ts - About 55 mins to fix

                    Function addBasketItem has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                    Open

                    module.exports.addBasketItem = function addBasketItem () {
                      return (req: RequestWithRawBody, res: Response, next: NextFunction) => {
                        const result = utils.parseJsonCustom(req.rawBody)
                        const productIds = []
                        const basketIds = []
                    Severity: Minor
                    Found in routes/basketItems.ts - About 55 mins to fix

                    Function onResize has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                    Open

                      onResize (event: any) {
                        if (event.target.innerWidth < 2600) {
                          this.breakpoint = 4
                          if (event.target.innerWidth < 1740) {
                            this.breakpoint = 3
                    Severity: Minor
                    Found in frontend/src/app/search-result/search-result.component.ts - About 55 mins to fix

                    Function UserModelInit has a Cognitive Complexity of 10 (exceeds 7 allowed). Consider refactoring.
                    Open

                    const UserModelInit = (sequelize: Sequelize) => {
                      User.init(
                        {
                          id: {
                            type: DataTypes.INTEGER,
                    Severity: Minor
                    Found in models/user.ts - About 45 mins to fix

                    Function saveLoginIp has a Cognitive Complexity of 10 (exceeds 7 allowed). Consider refactoring.
                    Open

                    module.exports = function saveLoginIp () {
                      return (req: Request, res: Response, next: NextFunction) => {
                        const loggedInUser = security.authenticatedUsers.from(req)
                        if (loggedInUser !== undefined) {
                          let lastLoginIp = req.headers['true-client-ip']
                    Severity: Minor
                    Found in routes/saveLoginIp.ts - About 45 mins to fix

                    Avoid deeply nested control flow statements.
                    Open

                                      if (!solved) {
                                        break
                                      }
                    Severity: Major
                    Found in routes/search.ts - About 45 mins to fix