juice-shop/juice-shop


Showing 134 of 134 total issues

Function ProductModelInit has 34 lines of code (exceeds 30 allowed). Consider refactoring.
Open

const ProductModelInit = (sequelize: Sequelize) => {
  Product.init(
    {
      id: {
        type: DataTypes.INTEGER,
Severity: Minor
Found in models/product.ts - About 1 hr to fix

Function respond has 34 lines of code (exceeds 30 allowed). Consider refactoring.
Open

module.exports.process = function respond () {
  return async (req: Request, res: Response, next: NextFunction) => {
    if (!bot) {
      res.status(200).json({
        action: 'response',
Severity: Minor
Found in routes/chatbot.ts - About 1 hr to fix

Function servePublicFiles has 33 lines of code (exceeds 30 allowed). Consider refactoring.
Open

module.exports = function servePublicFiles () {
  return ({ params, query }: Request, res: Response, next: NextFunction) => {
    const file = params.file

    if (!file.includes('/')) {
Severity: Minor
Found in routes/fileServer.ts - About 1 hr to fix

Function b2bOrder has a Cognitive Complexity of 12 (exceeds 7 allowed). Consider refactoring.
Open

module.exports = function b2bOrder () {
  return ({ body }: Request, res: Response, next: NextFunction) => {
    if (!utils.disableOnContainerEnv()) {
      const orderLinesData = body.orderLinesData || ''
      try {
Severity: Minor
Found in routes/b2bOrder.ts - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

• Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
• Code is considered more complex for each "break in the linear flow of the code"
• Code is considered more complex when "flow breaking structures are nested"


Function fileSniff has a Cognitive Complexity of 12 (exceeds 7 allowed). Consider refactoring.
Open

export const fileSniff = async (paths: readonly string[], match: RegExp): Promise<Match[]> => {
  const matches = []
  for (const currPath of paths) {
    if (fs.lstatSync(currPath).isDirectory()) {
      const files = fs.readdirSync(currPath)
Severity: Minor
Found in routes/vulnCodeSnippet.ts - About 1 hr to fix


Function ngOnInit has 32 lines of code (exceeds 30 allowed). Consider refactoring.
Open

  ngOnInit () {
    this.activatedRoute.paramMap.subscribe((paramMap: ParamMap) => {
      this.orderId = paramMap.get('id')
      this.trackOrderService.find(this.orderId).subscribe((results) => {
        this.promotionalDiscount = results.data[0].promotionalAmount ? parseFloat(results.data[0].promotionalAmount) : 0
Severity: Minor
Found in frontend/src/app/order-completion/order-completion.component.ts - About 1 hr to fix

Function addBasketItem has 32 lines of code (exceeds 30 allowed). Consider refactoring.
Open

module.exports.addBasketItem = function addBasketItem () {
  return (req: RequestWithRawBody, res: Response, next: NextFunction) => {
    const result = utils.parseJsonCustom(req.rawBody)
    const productIds = []
    const basketIds = []
Severity: Minor
Found in routes/basketItems.ts - About 1 hr to fix

Function setup has 31 lines of code (exceeds 30 allowed). Consider refactoring.
Open

async function setup (req: Request, res: Response) {
  try {
    const data = security.authenticatedUsers.from(req)
    if (!data) {
      throw new Error('Need to login before setting up 2FA')
Severity: Minor
Found in routes/2fa.ts - About 1 hr to fix

Function login has 31 lines of code (exceeds 30 allowed). Consider refactoring.
Open

  login () {
    this.user = {}
    this.user.email = this.emailControl.value
    this.user.password = this.passwordControl.value
    this.userService.login(this.user).subscribe((authentication: any) => {
Severity: Minor
Found in frontend/src/app/login/login.component.ts - About 1 hr to fix

Function restore has 31 lines of code (exceeds 30 allowed). Consider refactoring.
Open

  restore (backupFile: File) {
    return from(backupFile.text().then((backupData) => {
      const backup: Backup = JSON.parse(backupData)

      if (backup.version === this.VERSION) {
Severity: Minor
Found in frontend/src/app/Services/local-backup.service.ts - About 1 hr to fix

Consider simplifying this complex logical expression.
Open

    if (user && basketIds[0] && basketIds[0] !== 'undefined' && Number(user.bid) != Number(basketIds[0])) { // eslint-disable-line eqeqeq
      res.status(401).send('{\'error\' : \'Invalid BasketId\'}')
    } else {
      const basketItem = {
        ProductId: productIds[productIds.length - 1],
Severity: Major
Found in routes/basketItems.ts - About 1 hr to fix

Function mimeType has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
Open

export const mimeType = (
  control: AbstractControl
): Promise<{ [key: string]: any }> | Observable<{ [key: string]: any }> => {
  if (typeof (control.value) === 'string') {
    return of(null)
Severity: Minor
Found in frontend/src/app/photo-wall/mime-type.validator.ts - About 55 mins to fix


Function onResize has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
Open

  onResize (event: any) {
    if (event.target.innerWidth < 2600) {
      this.breakpoint = 4
      if (event.target.innerWidth < 1740) {
        this.breakpoint = 3
Severity: Minor
Found in frontend/src/app/search-result/search-result.component.ts - About 55 mins to fix


Function save has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
Open

  save (fileName: string = 'owasp_juice_shop') {
    const backup: Backup = { version: this.VERSION }

    backup.scoreBoard = {
      displayedDifficulties: localStorage.getItem('displayedDifficulties') ? JSON.parse(String(localStorage.getItem('displayedDifficulties'))) : undefined,
Severity: Minor
Found in frontend/src/app/Services/local-backup.service.ts - About 55 mins to fix


Function checkData has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
Open

function checkData (data: CacheData, fileData: CacheData) {
  const filesWithDiff = []
  for (const key in data) {
    const fileDataValueAdded = fileData[key].added.sort((a, b) => a - b)
    const dataValueAdded = data[key].added.sort((a, b) => a - b)
Severity: Minor
Found in rsn/rsnUtil.ts - About 55 mins to fix


Function calculateTutorialTier has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
Open

  calculateTutorialTier (challenges: Challenge[]) {
    this.allTutorialsCompleted = true
    this.isLastTutorialsTier = true
    this.tutorialsTier = 1
Severity: Minor
Found in frontend/src/app/score-board/score-board.component.ts - About 55 mins to fix


Function addBasketItem has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
Open

module.exports.addBasketItem = function addBasketItem () {
  return (req: RequestWithRawBody, res: Response, next: NextFunction) => {
    const result = utils.parseJsonCustom(req.rawBody)
    const productIds = []
    const basketIds = []
Severity: Minor
Found in routes/basketItems.ts - About 55 mins to fix


Avoid deeply nested control flow statements.
Open

          if (lines.length === 1) lines = snippet.split('\n')
Severity: Major
Found in routes/vulnCodeSnippet.ts - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

          if (lines.length === 1) lines = snippet.split('\r')
Severity: Major
Found in routes/vulnCodeSnippet.ts - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

          for (let i = 0; i < lines.length; i++) {
            if (new RegExp(`vuln-code-snippet vuln-line.*${challenge.key}`).exec(lines[i]) != null) {
              vulnLines.push(i + 1)
            } else if (new RegExp(`vuln-code-snippet neutral-line.*${challenge.key}`).exec(lines[i]) != null) {
              neutralLines.push(i + 1)
Severity: Major
Found in routes/vulnCodeSnippet.ts - About 45 mins to fix