juice-shop/juice-shop

Showing 134 of 134 total issues

Function getDeliveryMethods has a Cognitive Complexity of 10 (exceeds 7 allowed). Consider refactoring.
Open

module.exports.getDeliveryMethods = function getDeliveryMethods () {
  return async (req: Request, res: Response, next: NextFunction) => {
    const methods = await DeliveryModel.findAll()
    if (methods) {
      const sendMethods = []
Severity: Minor
Found in routes/delivery.ts - About 45 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Function UserModelInit has a Cognitive Complexity of 10 (exceeds 7 allowed). Consider refactoring.
Open

const UserModelInit = (sequelize: Sequelize) => {
  User.init(
    {
      id: {
        type: DataTypes.INTEGER,
Severity: Minor
Found in models/user.ts - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

                  if (!solved) {
                    break
                  }
Severity: Major
Found in routes/search.ts - About 45 mins to fix

Function saveLoginIp has a Cognitive Complexity of 10 (exceeds 7 allowed). Consider refactoring.
Open

module.exports = function saveLoginIp () {
  return (req: Request, res: Response, next: NextFunction) => {
    const loggedInUser = security.authenticatedUsers.from(req)
    if (loggedInUser !== undefined) {
      let lastLoginIp = req.headers['true-client-ip']
Severity: Minor
Found in routes/saveLoginIp.ts - About 45 mins to fix

Function quantityCheck has 5 arguments (exceeds 4 allowed). Consider refactoring.
Open

async function quantityCheck (req: Request, res: Response, next: NextFunction, id: number, quantity: number) {
Severity: Minor
Found in routes/basketItems.ts - About 35 mins to fix

Function quantityCheck has a Cognitive Complexity of 9 (exceeds 7 allowed). Consider refactoring.
Open

async function quantityCheck (req: Request, res: Response, next: NextFunction, id: number, quantity: number) {
  const product = await QuantityModel.findOne({ where: { ProductId: id } })
  if (!product) {
    throw new Error('No such product found!')
  }
Severity: Minor
Found in routes/basketItems.ts - About 35 mins to fix

Function profileImageUrlUpload has a Cognitive Complexity of 9 (exceeds 7 allowed). Consider refactoring.
Open

module.exports = function profileImageUrlUpload () {
  return (req: Request, res: Response, next: NextFunction) => {
    if (req.body.imageUrl !== undefined) {
      const url = req.body.imageUrl
      if (url.match(/(.)*solve\/challenges\/server-side(.)*/) !== null) req.app.locals.abused_ssrf_bug = true
Severity: Minor
Found in routes/profileImageUrlUpload.ts - About 35 mins to fix

Function checkIfPortIsAvailable has a Cognitive Complexity of 9 (exceeds 7 allowed). Consider refactoring.
Open

const checkIfPortIsAvailable = async (port: number) => {
  return await new Promise((resolve, reject) => {
    portscanner.checkPortStatus(port, function (error: unknown, status: string) {
      if (error) {
        reject(error)
Severity: Minor
Found in lib/startup/validatePreconditions.ts - About 35 mins to fix

Function addWalletBalance has a Cognitive Complexity of 9 (exceeds 7 allowed). Consider refactoring.
Open

module.exports.addWalletBalance = function addWalletBalance () {
  return async (req: Request, res: Response, next: NextFunction) => {
    const cardId = req.body.paymentId
    const card = cardId ? await CardModel.findOne({ where: { id: cardId, UserId: req.body.UserId } }) : null
    if (card) {
Severity: Minor
Found in routes/wallet.ts - About 35 mins to fix

Function servePublicFiles has a Cognitive Complexity of 9 (exceeds 7 allowed). Consider refactoring.
Open

module.exports = function servePublicFiles () {
  return ({ params, query }: Request, res: Response, next: NextFunction) => {
    const file = params.file

    if (!file.includes('/')) {
Severity: Minor
Found in routes/fileServer.ts - About 35 mins to fix

Function choosePayment has a Cognitive Complexity of 9 (exceeds 7 allowed). Consider refactoring.
Open

  choosePayment () {
    sessionStorage.removeItem('itemTotal')
    if (this.mode === 'wallet') {
      this.walletService.put({ balance: this.totalPrice, paymentId: this.paymentId }).subscribe(() => {
        sessionStorage.removeItem('walletTotal')
Severity: Minor
Found in frontend/src/app/payment/payment.component.ts - About 35 mins to fix

Function captchaBypassChallenge has a Cognitive Complexity of 9 (exceeds 7 allowed). Consider refactoring.
Open

exports.captchaBypassChallenge = () => (req: Request, res: Response, next: NextFunction) => {
  if (challengeUtils.notSolved(challenges.captchaBypassChallenge)) {
    if (req.app.locals.captchaReqId >= 10) {
      if ((new Date().getTime() - req.app.locals.captchaBypassReqTimes[req.app.locals.captchaReqId - 10]) <= 20000) {
        challengeUtils.solve(challenges.captchaBypassChallenge)
Severity: Minor
Found in routes/verify.ts - About 35 mins to fix

Avoid too many return statements within this function.
Open

      return !(this.showOnlyTutorialChallenges && !challenge.hasTutorial)
Severity: Major
Found in frontend/src/app/score-board/score-board.component.ts - About 30 mins to fix

Avoid too many return statements within this function.
Open

  return null
Severity: Major
Found in lib/utils.ts - About 30 mins to fix

Function makeKeyNonUpdatable has a Cognitive Complexity of 8 (exceeds 7 allowed). Consider refactoring.
Open

export const makeKeyNonUpdatable = (model: Model, column: string) => {
  model.addHook('beforeValidate', (instance: ExtendedModel, options: ExtendedValidationOptions) => {
    if (!options.validate) return

    if (instance.isNewRecord) return
Severity: Minor
Found in lib/noUpdate.ts - About 25 mins to fix

Function customizeApplication has a Cognitive Complexity of 8 (exceeds 7 allowed). Consider refactoring.
Open

const customizeApplication = () => {
  if (config.get('application.name')) {
    customizeTitle()
  }
  if (config.get('application.logo')) {
Severity: Minor
Found in lib/startup/customizeApplication.ts - About 25 mins to fix

Function seePatch has a Cognitive Complexity of 8 (exceeds 7 allowed). Consider refactoring.
Open

async function seePatch (file: string) {
  const fileData = fs.readFileSync(fixesPath + '/' + file).toString()
  const snippet = await retrieveCodeSnippet(file.split('_')[0], true)
  const patch = Diff.structuredPatch(file, file, filterString(snippet.snippet), filterString(fileData))
  console.log(colors.bold(file + '\n'))
Severity: Minor
Found in rsn/rsnUtil.ts - About 25 mins to fix

Function setup has a Cognitive Complexity of 8 (exceeds 7 allowed). Consider refactoring.
Open

async function setup (req: Request, res: Response) {
  try {
    const data = security.authenticatedUsers.from(req)
    if (!data) {
      throw new Error('Need to login before setting up 2FA')
Severity: Minor
Found in routes/2fa.ts - About 25 mins to fix

Function serverSideChallenges has a Cognitive Complexity of 8 (exceeds 7 allowed). Consider refactoring.
Open

exports.serverSideChallenges = () => (req: Request, res: Response, next: NextFunction) => {
  if (req.query.key === 'tRy_H4rd3r_n0thIng_iS_Imp0ssibl3') {
    if (challengeUtils.notSolved(challenges.sstiChallenge) && req.app.locals.abused_ssti_bug === true) {
      challengeUtils.solve(challenges.sstiChallenge)
      res.status(204).send()
Severity: Minor
Found in routes/verify.ts - About 25 mins to fix

FIXME found
Open

  rules: { // FIXME Remaining linting errors since migrating from StandardJS-style TSLint. Significant refactoring expected in order to turn on!
Severity: Minor
Found in frontend/.eslintrc.js by fixme