juice-shop/juice-shop

View on GitHub

Showing 134 of 134 total issues

Function addToBasket has 43 lines of code (exceeds 30 allowed). Consider refactoring.
Open

  addToBasket (id?: number) {
    this.basketService.find(Number(sessionStorage.getItem('bid'))).subscribe((basket) => {
      const productsInBasket: any = basket.Products
      let found = false
      for (let i = 0; i < productsInBasket.length; i++) {
Severity: Minor
Found in frontend/src/app/search-result/search-result.component.ts - About 1 hr to fix

    Function ngOnInit has 42 lines of code (exceeds 30 allowed). Consider refactoring.
    Open

      ngOnInit () {
        this.getLanguages()
        this.basketService.getItemTotal().subscribe(x => (this.itemTotal = x))
        this.administrationService.getApplicationVersion().subscribe((version: any) => {
          if (version) {
    Severity: Minor
    Found in frontend/src/app/navbar/navbar.component.ts - About 1 hr to fix

      Function AddressModelInit has 42 lines of code (exceeds 30 allowed). Consider refactoring.
      Open

      const AddressModelInit = (sequelize: Sequelize) => {
        Address.init(
          {
            UserId: {
              type: DataTypes.INTEGER
      Severity: Minor
      Found in models/address.ts - About 1 hr to fix

        Function checkVulnLines has 41 lines of code (exceeds 30 allowed). Consider refactoring.
        Open

        exports.checkVulnLines = () => async (req: Request<{}, {}, VerdictRequestBody>, res: Response, next: NextFunction) => {
          const key = req.body.key
          let snippetData
          try {
            snippetData = await retrieveCodeSnippet(key)
        Severity: Minor
        Found in routes/vulnCodeSnippet.ts - About 1 hr to fix

          Function CardModelInit has 41 lines of code (exceeds 30 allowed). Consider refactoring.
          Open

          const CardModelInit = (sequelize: Sequelize) => {
            Card.init(
              {
                UserId: {
                  type: DataTypes.INTEGER
          Severity: Minor
          Found in models/card.ts - About 1 hr to fix

            Function respond has a Cognitive Complexity of 14 (exceeds 7 allowed). Consider refactoring.
            Open

            module.exports.process = function respond () {
              return async (req: Request, res: Response, next: NextFunction) => {
                if (!bot) {
                  res.status(200).json({
                    action: 'response',
            Severity: Minor
            Found in routes/chatbot.ts - About 1 hr to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function checkCorrectFix has a Cognitive Complexity of 14 (exceeds 7 allowed). Consider refactoring.
            Open

            export const checkCorrectFix = () => async (req: Request<{}, {}, VerdictRequestBody>, res: Response, next: NextFunction) => {
              const key = req.body.key
              const selectedFix = req.body.selectedFix
              const fixData = readFixes(key)
              if (fixData.fixes.length === 0) {
            Severity: Minor
            Found in routes/vulnCodeFixes.ts - About 1 hr to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function observeMetrics has a Cognitive Complexity of 14 (exceeds 7 allowed). Consider refactoring.
            Open

            exports.observeMetrics = function observeMetrics () {
              const app = config.get('application.customMetricsPrefix')
              const intervalCollector = Prometheus.collectDefaultMetrics({ timeout: 5000 })
              register.setDefaultLabels({ app })
            
            
            Severity: Minor
            Found in routes/metrics.ts - About 1 hr to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function save has 40 lines of code (exceeds 30 allowed). Consider refactoring.
            Open

              save () {
                this.address.country = this.countryControl.value
                this.address.fullName = this.nameControl.value
                this.address.mobileNum = this.numberControl.value
                this.address.zipCode = this.pinControl.value
            Severity: Minor
            Found in frontend/src/app/address-create/address-create.component.ts - About 1 hr to fix

              Function mimeType has 40 lines of code (exceeds 30 allowed). Consider refactoring.
              Open

              export const mimeType = (
                control: AbstractControl
              ): Promise<{ [key: string]: any }> | Observable<{ [key: string]: any }> => {
                if (typeof (control.value) === 'string') {
                  return of(null)
              Severity: Minor
              Found in frontend/src/app/photo-wall/mime-type.validator.ts - About 1 hr to fix

                Function retrieveCodeSnippet has 39 lines of code (exceeds 30 allowed). Consider refactoring.
                Open

                export const retrieveCodeSnippet = async (key: string, pass: boolean = false) => {
                  let challenge = challenges[key]
                  if (pass) challenge = { key }
                  if (challenge) {
                    if (!cache[challenge.key]) {
                Severity: Minor
                Found in routes/vulnCodeSnippet.ts - About 1 hr to fix

                  Function upgradeToDeluxe has 37 lines of code (exceeds 30 allowed). Consider refactoring.
                  Open

                  module.exports.upgradeToDeluxe = function upgradeToDeluxe () {
                    return async (req: Request, res: Response, next: NextFunction) => {
                      try {
                        const user = await UserModel.findOne({ where: { id: req.body.UserId, role: security.roles.customer } })
                        if (!user) {
                  Severity: Minor
                  Found in routes/deluxe.ts - About 1 hr to fix

                    Function resetPassword has 37 lines of code (exceeds 30 allowed). Consider refactoring.
                    Open

                    module.exports = function resetPassword () {
                      return ({ body, connection }: Request, res: Response, next: NextFunction) => {
                        const email = body.email
                        const answer = body.answer
                        const newPassword = body.new
                    Severity: Minor
                    Found in routes/resetPassword.ts - About 1 hr to fix

                      Function queryResultToJson has a Cognitive Complexity of 13 (exceeds 7 allowed). Consider refactoring.
                      Open

                      export const queryResultToJson = (data: any, status: string = 'success') => {
                        let wrappedData: any = {}
                        if (data) {
                          if (!data.length && data.dataValues) {
                            wrappedData = data.dataValues
                      Severity: Minor
                      Found in lib/utils.ts - About 1 hr to fix

                      Cognitive Complexity

                      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                      A method's cognitive complexity is based on a few simple rules:

                      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                      • Code is considered more complex for each "break in the linear flow of the code"
                      • Code is considered more complex when "flow breaking structures are nested"

                      Further reading

                      Function processQuery has a Cognitive Complexity of 13 (exceeds 7 allowed). Consider refactoring.
                      Open

                      async function processQuery (user: User, req: Request, res: Response) {
                        const username = user.username
                        if (!username) {
                          res.status(200).json({
                            action: 'namequery',
                      Severity: Minor
                      Found in routes/chatbot.ts - About 1 hr to fix

                      Cognitive Complexity

                      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                      A method's cognitive complexity is based on a few simple rules:

                      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                      • Code is considered more complex for each "break in the linear flow of the code"
                      • Code is considered more complex when "flow breaking structures are nested"

                      Further reading

                      Function calculateCheatScore has a Cognitive Complexity of 13 (exceeds 7 allowed). Consider refactoring.
                      Open

                      exports.calculateCheatScore = (challenge: Challenge) => {
                        const timestamp = new Date()
                        let cheatScore = 0
                        let timeFactor = 2
                        timeFactor *= (config.get('challenges.showHints') ? 1 : 1.5)
                      Severity: Minor
                      Found in lib/antiCheat.ts - About 1 hr to fix

                      Cognitive Complexity

                      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                      A method's cognitive complexity is based on a few simple rules:

                      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                      • Code is considered more complex for each "break in the linear flow of the code"
                      • Code is considered more complex when "flow breaking structures are nested"

                      Further reading

                      Function ngOnInit has 36 lines of code (exceeds 30 allowed). Consider refactoring.
                      Open

                        ngOnInit () {
                          this.ngZone.runOutsideAngular(() => {
                            this.io.socket().on('server started', () => {
                              const continueCode = this.cookieService.get('continueCode')
                              const continueCodeFindIt = this.cookieService.get('continueCodeFindIt')

                        Function fileUpload has 36 lines of code (exceeds 30 allowed). Consider refactoring.
                        Open

                        module.exports = function fileUpload () {
                          return async (req: Request, res: Response, next: NextFunction) => {
                            const file = req.file
                            const buffer = file?.buffer
                            const uploadedFileType = await fileType.fromBuffer(buffer)
                        Severity: Minor
                        Found in routes/profileImageFileUpload.ts - About 1 hr to fix

                          Function ngOnInit has 35 lines of code (exceeds 30 allowed). Consider refactoring.
                          Open

                            ngOnInit () {
                              this.ngZone.runOutsideAngular(() => {
                                this.io.socket().on('challenge solved', (data: ChallengeSolvedMessage) => {
                                  if (data?.challenge) {
                                    if (!data.hidden) {

                            Function respond has 34 lines of code (exceeds 30 allowed). Consider refactoring.
                            Open

                            module.exports.process = function respond () {
                              return async (req: Request, res: Response, next: NextFunction) => {
                                if (!bot) {
                                  res.status(200).json({
                                    action: 'response',
                            Severity: Minor
                            Found in routes/chatbot.ts - About 1 hr to fix
                              Severity
                              Category
                              Status
                              Source
                              Language