Merge branch 'release-v8' into gsoc-challenges

jurbz2019 · Oct 2, 2018 · edf1c5c · edf1c5c
2 parents e46a3c7 + ceda5e2
commit edf1c5c
Show file tree

Hide file tree

Showing 485 changed files with 3,981 additions and 83,122 deletions.
diff --git a/.appveyor.yml b/.appveyor.yml
@@ -21,7 +21,7 @@ install:
   - 'node --version && npm --version'
   - 'if exist node_modules rd /Q /S node_modules'
   - 'npm install --production'
-  - 'node_modules\.bin\grunt package'
+  - 'npm run package'
 build: off
 test: off
 matrix:

diff --git a/.gitignore b/.gitignore
@@ -28,66 +28,16 @@ node_modules/
 npm-debug.log.*
 package-lock.json
 
+# SASS
+.sass-cache/
+
 # App
 dist/
 order_*.pdf
-app/index.html
-app/private/threejs-demo.html
-
-# Favicons downloaded during customizazion
-app/public/*.*
-!app/public/favicon_ctf.ico
-!app/public/favicon_v2.ico
-
-# Logos downloaded during customizazion
-app/public/images/*.*
-!app/public/images/JuiceShop*.*
-!app/public/images/ribbons/forkme_right_orange.png
 
-# Product images downloaded during customizazion
-app/public/images/products/*.*
-!app/public/images/products/apple_juice.jpg
-!app/public/images/products/artwork.jpg
-!app/public/images/products/apple_pressings.jpg
-!app/public/images/products/banana_juice.jpg
-!app/public/images/products/eggfruit_juice.jpg
-!app/public/images/products/fan_girlie.jpg
-!app/public/images/products/fan_hoodie.jpg
-!app/public/images/products/fan_mug.jpg
-!app/public/images/products/fan_shirt.jpg
-!app/public/images/products/fruit_press.jpg
-!app/public/images/products/green_smoothie.jpg
-!app/public/images/products/lemon_juice.jpg
-!app/public/images/products/orange_juice.jpg
-!app/public/images/products/owasp_osaft.jpg
-!app/public/images/products/owasplogo.png
-!app/public/images/products/quince.jpg
-!app/public/images/products/raspberry_juice.jpg
-!app/public/images/products/sticker.png
-!app/public/images/products/undefined.png
-!app/public/images/products/white_raffards.jpg
-!app/public/images/products/woodruff_syrup.jpg
-!app/public/images/products/carrot_juice.jpeg
-!app/public/images/products/strawberry_juice.jpeg
-!app/public/images/products/melon_bike.jpeg
-!app/public/images/products/3d_keychain.jpg
-!app/public/images/products/waspy.png
-!app/public/images/products/jawa_script.jpg
-!app/public/images/products/thingie1.jpg
-!app/public/images/products/Wooden-crutch.jpg
-!app/public/images/products/JuiceShop.stl
-!app/public/images/products/squareBox1-40x40x40.stl
-!app/public/images/products/crutch.123dx
-!app/public/images/products/stickersheet_se.png
-!app/public/images/products/cover_small.jpg
-!app/public/images/products/iron-on.jpg
-!app/public/images/products/magnets.jpg
-!app/public/images/products/sticker_page.jpg
-!app/public/images/products/sticker_single.jpg
-!app/public/images/products/tattoo.jpg
-!app/public/images/products/velcro-patch.jpg
-
-!app/public/country-mapping.json
+# GitHub-Pages Branch
+assets/
+!frontend/src/assets/
 
 # Custom configuration files
 config/*.yml
@@ -101,15 +51,3 @@ config/*.yml
 !config/test.yml
 !config/7ms.yml
 !config/mozilla.yml
-
-# Custom easter egg planetary texture files
-app/private/*.jpg
-app/private/*.jpeg
-app/private/*.png
-app/private/*.gif
-!app/private/earth_normalmap_flat4k.jpg
-!app/private/earthspec4k.jpg
-!app/private/fair_clouds_4k.png
-!app/private/orangemap2k.jpg
-!app/private/starry_background.jpg
-!app/private/under-construction.gif
diff --git a/.travis.yml b/.travis.yml
@@ -5,61 +5,60 @@ node_js:
   - 8
 branches:
   except:
-    - gh-pages
-    - l10n_develop
+  - gh-pages
+  - l10n_develop
 addons:
   apt:
     packages:
-      - xvfb
+    - xvfb
   chrome: stable
   code_climate:
     repo_token:
       secure: NC3ew4c92DO4SAdbJvaZkaRnEZaZcAr9NcxOeraqAKHRXY3COnerWGR8+kIE9KiadcRdatmu0sSjWldDcAZfmMwOraMI9CDkqdPSjtjciCVEFdGi+OPOvMY/gOJU6XeM7lsO5MvYD7mqChl2gR6s7IO/klPahf53c97PPDo3C90=
 env:
   global:
-    - 'DISPLAY=:99'
+  - DISPLAY=:99
 before_install:
-  - 'rm -rf node_modules'
+- rm -rf node_modules
 before_script:
-  - 'npm i -g grunt-cli'
-  - 'sh -e /etc/init.d/xvfb start'
-  - 'sleep 3'
+- sh -e /etc/init.d/xvfb start
+- sleep 3
 script:
-  - 'npm test'
-  - 'npm run frisby'
-  - 'NODE_ENV=ctf npm run protractor'
+- npm test
+- npm run frisby
+- NODE_ENV=ctf npm run protractor
 after_success:
-  - './node_modules/.bin/lcov-result-merger ''build/reports/coverage/*/lcov.info'' ''build/reports/coverage/lcov_merged.info'''
-  - './node_modules/.bin/codeclimate-test-reporter < ./build/reports/coverage/lcov_merged.info'
+- "./node_modules/.bin/lcov-result-merger 'build/reports/coverage/**/lcov.info' 'build/reports/coverage/lcov_merged.info'"
+- "./node_modules/.bin/codeclimate-test-reporter < ./build/reports/coverage/lcov_merged.info"
 notifications:
   email:
-    - secure: ADLqaNm7lR8sgCkSz7eWtWdm8zZ9OsbkcQAi2nm7hQPWAkTWPfr9qeOBh39Z3PZvkgDdlUpNZc/uPlcEGEILznJRF3HlQjWrWksNNtY3xaRc01B4uXlDbODjttb6v9mOqkwUqRfQLeerOqNynNSkT129+mz4FANn0+oucZ3EuQc=
-    - secure: HhhSoqY87yd8Hkt+cfXk9XXDJeWViYQoPq8f7SJofkwSWtxfOS9GNbOUehZJDqjBMARoGi3SJBImRbisnwfMcEhKpSZs2S4Osdwk2Ayy0h8V/O+qHhiEuJq1mPbAWrYNGQerz16Ec4SbX6hPnAEle2SUwjbPUnfRRCROsJqfm0o=
+  - secure: ADLqaNm7lR8sgCkSz7eWtWdm8zZ9OsbkcQAi2nm7hQPWAkTWPfr9qeOBh39Z3PZvkgDdlUpNZc/uPlcEGEILznJRF3HlQjWrWksNNtY3xaRc01B4uXlDbODjttb6v9mOqkwUqRfQLeerOqNynNSkT129+mz4FANn0+oucZ3EuQc=
+  - secure: HhhSoqY87yd8Hkt+cfXk9XXDJeWViYQoPq8f7SJofkwSWtxfOS9GNbOUehZJDqjBMARoGi3SJBImRbisnwfMcEhKpSZs2S4Osdwk2Ayy0h8V/O+qHhiEuJq1mPbAWrYNGQerz16Ec4SbX6hPnAEle2SUwjbPUnfRRCROsJqfm0o=
   webhooks:
     urls:
-      - secure: QZ3/2h7hThg527PX1z7kTTRGL5jEbTTHRbetYHt8Gzgdhvtruq4cjxMQZdUcmxKlncAhoB976iFl/Ja9EpExgrXnt/Tj0Aft6JDc7g8y0kuD/SiQpFT7d46R7vOTJeFHyMzfQN9M/h81DXrG+VO5OPGR/QYNa39kMzkTc86tt1E=
+    - secure: QZ3/2h7hThg527PX1z7kTTRGL5jEbTTHRbetYHt8Gzgdhvtruq4cjxMQZdUcmxKlncAhoB976iFl/Ja9EpExgrXnt/Tj0Aft6JDc7g8y0kuD/SiQpFT7d46R7vOTJeFHyMzfQN9M/h81DXrG+VO5OPGR/QYNa39kMzkTc86tt1E=
     on_success: always
     on_failure: always
     on_start: never
   slack:
     rooms:
-      secure: bQlLJ6OvyWUWO51eYjPlEwuGApdYEsqBa8He4gKcTFdjTE6lLxrdu0QE6y1iIroN5+QOk4QpwIYaeWxhgrtVqTNrq9iWnhRR8agcXMPBh1cHnh8EZO6yuC3JE1dd2syKe5Vds67w6KbJedX5GNRg2SVLrL2mHq2syvWAD17BcoI=
+      secure: jis/Fcasy+4QCqg6SZnf1XxXTNFrQENutYCN4QuMUQbfiD6QsLxTQS5o0MZ8e9EYTdptUXmjjgkaEulxO5fIUtmDcOrKcPxToDMjyCZEglfEf9CzRVRap7LnZwoCZ5yet/0E68qt4QhfTgfwYc9QIfSZo45rdyNS6BXI2vomGqE=
     on_success: change
     on_failure: change
     on_start: never
     on_pull_requests: false
 before_deploy:
-  - 'rm -rf node_modules'
-  - 'npm install --production'
-  - 'grunt package'
+- rm -rf node_modules
+- npm install --production
+- npm run package
 deploy:
 - provider: heroku
   api_key:
     secure: faVT3Ne/O7lVo0+pTm6RcXss0ivvSoODaxMkiVwdpk/51/EsRd4+/Gjmp3RGPmW5H5luOephsI8uFMMhgKiu5i3NV58ZSx29Z0aby+bfIhesZGZqJQvxeW8B0J8vlQFnEHP6xc6SAlXSdNjNpDeBaV7WSFSGKGp4Nh5QyO2ySLI=
   app:
     master: juice-shop
     develop: juice-shop-staging
-    gsoc-integration: juice-shop-gsoc
+    release-v8: juice-shop-v8
   on:
     repo: bkimminich/juice-shop
     node: 10
@@ -71,7 +70,7 @@ deploy:
   skip_cleanup: true
   file_glob: true
   draft: true
-  tag_name: $TRAVIS_TAG
+  tag_name: "$TRAVIS_TAG"
   on:
     repo: bkimminich/juice-shop
     tags: true
diff --git a/Gruntfile.js b/Gruntfile.js
@@ -8,56 +8,6 @@ module.exports = function (grunt) {
   grunt.initConfig({
     pkg: grunt.file.readJSON('package.json'),
 
-    uglify: {
-      js: {
-        files: {
-          'app/tmp/juice-shop.min.js': [ 'app/tmp/juice-shop.js' ]
-        },
-        options: {
-          mangle: true
-        }
-      },
-      dist: {
-        files: {
-          'app/dist/juice-shop.min.js': [ 'app/tmp/juice-shop.min.js' ]
-        }
-      }
-    },
-
-    ngtemplates: {
-      juiceShop: {
-        cwd: 'app',
-        src: [ 'views/*.html' ],
-        dest: 'app/tmp/views.js'
-      }
-    },
-
-    clean: {
-      temp: {
-        src: [ 'app/tmp' ]
-      },
-      dist: {
-        src: [ 'app/dist' ]
-      },
-      pckg: {
-        src: [ 'dist' ]
-      }
-    },
-
-    concat: {
-      options: {
-        separator: ';'
-      },
-      js: {
-        src: [ 'app/js/**/*.js' ],
-        dest: 'app/tmp/juice-shop.js'
-      },
-      dist: {
-        src: [ 'app/tmp/juice-shop.min.js', 'app/tmp/*.js' ],
-        dest: 'app/tmp/juice-shop.min.js'
-      }
-    },
-
     compress: {
       pckg: {
         options: {
@@ -73,14 +23,7 @@ module.exports = function (grunt) {
               'package.json',
               'ctf.key',
               'swagger.yml',
-              'app/index.template.html',
-              'app/node_modules/**',
-              'app/css/*.css',
-              'app/css/geo-bootstrap/**',
-              'app/dist/juice-shop.min.js',
-              'app/i18n/*.json',
-              'app/private/**',
-              'app/public/**',
+              'frontend/dist/frontend/**',
               'config/*.yml',
               'data/*.js',
               'data/static/*.yml',
@@ -98,12 +41,6 @@ module.exports = function (grunt) {
     }
   })
 
-  grunt.loadNpmTasks('grunt-angular-templates')
-  grunt.loadNpmTasks('grunt-contrib-clean')
-  grunt.loadNpmTasks('grunt-contrib-concat')
-  grunt.loadNpmTasks('grunt-contrib-uglify')
   grunt.loadNpmTasks('grunt-contrib-compress')
-
-  grunt.registerTask('minify', [ 'clean:dist', 'concat:js', 'uglify:js', 'ngtemplates:juiceShop', 'concat:dist', 'uglify:dist', 'clean:temp' ])
-  grunt.registerTask('package', [ 'clean:pckg', 'minify', 'compress:pckg' ])
+  grunt.registerTask('package', [ 'compress:pckg' ])
 }
diff --git a/HALL_OF_FAME.md b/HALL_OF_FAME.md
@@ -54,7 +54,7 @@ translations and commits to `app/i18n`. Grouped by language as of Fri,
 - :finland: Nico Ådahl
 - :fr: Kylian Runembert, vientspam, Simon Basset
 - :de: Björn Kimminich
-- :hongkong: r0n1am
+- :hong_kong: r0n1am
 - :hungary: OliverkeHU
 - :india: Shivam Luthra
 - :indonesia: adeyosemanputra, bahrunghozali, kahfiehudson, Mohammad

diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-# ![Juice Shop Logo](https://raw.githubusercontent.com/bkimminich/juice-shop/master/app/public/images/JuiceShop_Logo_100px.png) OWASP Juice Shop [![OWASP Labs](https://img.shields.io/badge/owasp-lab%20project-f7b73c.svg)](https://www.owasp.org/index.php/OWASP_Project_Inventory#tab=Labs_Projects) [![GitHub release](https://img.shields.io/github/release/bkimminich/juice-shop.svg)](https://github.com/bkimminich/juice-shop/releases/latest) [![Twitter Follow](https://img.shields.io/twitter/follow/owasp_juiceshop.svg?style=social&label=Follow)](https://twitter.com/owasp_juiceshop)
+# ![Juice Shop Logo](https://raw.githubusercontent.com/bkimminich/juice-shop/master/app/public/images/JuiceShop_Logo_100px.png) OWASP Juice Shop [![OWASP Flagship](https://img.shields.io/badge/owasp-flagship%20project-48A646.svg)](https://www.owasp.org/index.php/OWASP_Project_Inventory#tab=Flagship_Projects) [![GitHub release](https://img.shields.io/github/release/bkimminich/juice-shop.svg)](https://github.com/bkimminich/juice-shop/releases/latest) [![Twitter Follow](https://img.shields.io/twitter/follow/owasp_juiceshop.svg?style=social&label=Follow)](https://twitter.com/owasp_juiceshop)
 
 [![Build Status](https://travis-ci.org/bkimminich/juice-shop.svg?branch=master)](https://travis-ci.org/bkimminich/juice-shop)
 [![Build status](https://ci.appveyor.com/api/projects/status/903c6mnns4t7p6fa/branch/master?svg=true)](https://ci.appveyor.com/project/bkimminich/juice-shop/branch/master)
@@ -91,15 +91,6 @@ overview please visit the official project page:
 3. Click on the _Open_ icon next to _Web Preview_ to browse to OWASP
    Juice Shop
 
-#### Deploy to Docker Cloud (:microscope:)
-
-1. Click the button below and follow the instructions
-
-[![Deploy to Docker Cloud](https://files.cloud.docker.com/images/deploy-to-dockercloud.svg)](https://cloud.docker.com/stack/deploy/)
-
-> This (:microscope:) is an experimental deployment option! Your
-> feedback is appreciated at <https://gitter.im/bkimminich/juice-shop>.
-
 ### Vagrant
 
 1. Install [Vagrant](https://www.vagrantup.com/downloads.html) and
@@ -255,7 +246,7 @@ If you need help with the application setup please check the
 or question in the
 [official Gitter Chat](https://gitter.im/bkimminich/juice-shop).
 
-## Contributing [![GitHub contributors](https://img.shields.io/github/contributors/bkimminich/juice-shop.svg)](https://github.com/bkimminich/juice-shop/graphs/contributors) [![Stories in Ready](https://badge.waffle.io/bkimminich/juice-shop.svg?label=ready&title=Ready)](http://waffle.io/bkimminich/juice-shop) [![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/owasp-juice-shop/localized.svg)](https://crowdin.com/project/owasp-juice-shop) [![Bountysource Activity](https://img.shields.io/bountysource/team/juice-shop/activity.svg)](https://www.bountysource.com/teams/juice-shop)
+## Contributing [![GitHub contributors](https://img.shields.io/github/contributors/bkimminich/juice-shop.svg)](https://github.com/bkimminich/juice-shop/graphs/contributors) [![Waffle.io - Columns and their card count](https://badge.waffle.io/bkimminich/juice-shop.svg?columns=all)](https://waffle.io/bkimminich/juice-shop) [![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/owasp-juice-shop/localized.svg)](https://crowdin.com/project/owasp-juice-shop) [![Bountysource Activity](https://img.shields.io/bountysource/team/juice-shop/activity.svg)](https://www.bountysource.com/teams/juice-shop)
 
 We are always happy to get new contributors on board! Please check the
 following table for possible ways to do so:

diff --git a/REFERENCES.md b/REFERENCES.md
@@ -20,6 +20,8 @@ where this project was mentioned or used!
 
 ## Web Links
 
+* Blog post on [Security Boulevard](https://securityboulevard.com):
+  [From Dev to InfoSec Part 1 – The Journey Begins](https://securityboulevard.com/2018/08/from-dev-to-infosec-part-1-the-journey-begins/)
 * Blog post on
   [Null Byte :: WonderHowTo](https://null-byte.wonderhowto.com):
   [Beginner's Guide to OWASP Juice Shop, Your Practice Hacking Grounds for the 10 Most Common Web App Vulnerabilities](https://null-byte.wonderhowto.com/how-to/beginners-guide-owasp-juice-shop-your-practice-hacking-grounds-for-10-most-common-web-app-vulnerabilities-0185103/)
@@ -112,6 +114,7 @@ where this project was mentioned or used!
 
 ## Lectures and Trainings
 
+* [University lecture on "IT Security"](https://github.com/bkimminich/it-security-lecture) as Open Educational Resources material by Björn Kimminich
 * [Descargar aqui el taller OWASP Top 10 Hands On basado en OWASP Top 10 y Juice Shop](https://drive.google.com/drive/folders/0B6zv033D1iK9eTJId2RhZkJFTlk?usp=sharing)
   (:es:) by Mateo Martinez, Gerardo Canedo and Maxiimiliano Alonzo,
   [OWASP Uruguay Chapter](https://www.owasp.org/index.php/Uruguay)

diff --git a/app/css/app.css b/app/css/app.css
diff --git a/app/css/geo-bootstrap/img/flames.gif b/app/css/geo-bootstrap/img/flames.gif
diff --git a/app/css/geo-bootstrap/img/glyphicons-halflings-white.png b/app/css/geo-bootstrap/img/glyphicons-halflings-white.png
diff --git a/app/css/geo-bootstrap/img/glyphicons-halflings.png b/app/css/geo-bootstrap/img/glyphicons-halflings.png
diff --git a/app/css/geo-bootstrap/img/hot.gif b/app/css/geo-bootstrap/img/hot.gif
diff --git a/app/css/geo-bootstrap/img/progress.gif b/app/css/geo-bootstrap/img/progress.gif
diff --git a/app/css/geo-bootstrap/img/rainbow.gif b/app/css/geo-bootstrap/img/rainbow.gif
diff --git a/app/css/geo-bootstrap/img/stars.gif b/app/css/geo-bootstrap/img/stars.gif