Violation ("any") Dev Soki

.env

@@ -0,0 +1,4 @@
+# should be added to .gitignore
+TOTP_SECRET = IFTXE3SPOEYVURT2MRYGI52TKJ4HC3KH
+
+TEST_JWT_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

.github/workflows/ci.yml

@@ -0,0 +1,25 @@
+name: ci
+
+on: push
+
+jobs:
+  ci:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v2
+
+      - name: Setup nodejs
+        uses: actions/setup-node@v2
+        with:
+          node-version: 20
+
+      - name: Download dependencies
+        run: npm install
+
+      - name: Cypress run
+        uses: cypress-io/github-action@v6
+        with:
+          start: npm start
+          wait-on: 'http://localhost:3000' 
+

cypress.config.ts

@@ -14,10 +14,10 @@ export default defineConfig({
     downloadsFolder: 'test/cypress/downloads',
     fixturesFolder: false,
     supportFile: 'test/cypress/support/e2e.ts',
-    setupNodeEvents (on: any) {
-      on('before:browser:launch', (browser: any = {}, launchOptions: any) => { // TODO Remove after upgrade to Cypress >=12.5.0 <or> Chrome 119 become available on GitHub Workflows, see https://github.com/cypress-io/cypress-documentation/issues/5479
+    setupNodeEvents (on: Cypress.PluginEvents) {
+      on('before:browser:launch', (browser: Cypress.Browser, launchOptions:  Cypress.BeforeBrowserLaunchOptions) => { // TODO Remove after upgrade to Cypress >=12.5.0 <or> Chrome 119 become available on GitHub Workflows, see https://github.com/cypress-io/cypress-documentation/issues/5479
         if (browser.name === 'chrome' && browser.isHeadless) {
-          launchOptions.args = launchOptions.args.map((arg: any) => {
+          launchOptions.args = launchOptions.args.map((arg: string) => {
             if (arg === '--headless') {
               return '--headless=new'
             }
@@ -33,7 +33,8 @@ export default defineConfig({
           return security.generateCoupon(discount)
         },
         GetBlueprint () {
-          for (const product of config.get<ProductConfig[]>('products')) {
+          const products = config.get<ProductConfig[]>('products');
+          for (const product of products) {
             if (product.fileForRetrieveBlueprintChallenge) {
               const blueprint = product.fileForRetrieveBlueprintChallenge
               return blueprint
@@ -45,17 +46,18 @@ export default defineConfig({
             (product) => product.useForChristmasSpecialChallenge
           )[0]
         },
-        GetCouponIntent () {
-          const trainingData = require(`data/chatbot/${utils.extractFilename(
-            config.get('application.chatBot.trainingData')
-          )}`)
+        async GetCouponIntent () {
+          const trainingData = await import(
+            `data/chatbot/${utils.extractFilename(config.get('application.chatBot.trainingData'))}`
+          );
           const couponIntent = trainingData.data.filter(
             (data: { intent: string }) => data.intent === 'queries.couponCode'
           )[0]
           return couponIntent
         },
-        GetFromMemories (property: string) {
-          for (const memory of config.get<MemoryConfig[]>('memories') as any) {
+        GetFromMemories (property: keyof MemoryConfig) {
+          const memories = config.get<MemoryConfig[]>('memories');
+          for (const memory of memories) {
             if (memory[property]) {
               return memory[property]
             }

data/static/users.yml

@@ -147,7 +147,7 @@
   email: wurstbrot
   username: wurstbrot
   password: 'EinBelegtesBrotMitSchinkenSCHINKEN!'
-  totpSecret: IFTXE3SPOEYVURT2MRYGI52TKJ4HC3KH
+  totpSecret: ${TOTP_SECRET}
   key: timo
   role: 'admin'
   securityQuestion:

data/staticData.ts

@@ -3,11 +3,16 @@ import { readFile } from 'fs/promises'
 import { safeLoad } from 'js-yaml'
 import logger from '../lib/logger'
 
-export async function loadStaticData (file: string) {
-  const filePath = path.resolve('./data/static/' + file + '.yml')
-  return await readFile(filePath, 'utf8')
-    .then(safeLoad)
-    .catch(() => logger.error('Could not open file: "' + filePath + '"'))
+export async function loadStaticData(file: string) {
+  const sanitizedFileName = path.basename(file);
+  const filePath = path.resolve('./data/static/' + sanitizedFileName + '.yml');
+
+  try {
+    const data = await readFile(filePath, 'utf8');
+    return safeLoad(data);
+  } catch (error) {
+    logger.error('Could not open file: "' + filePath + '"');
+  }
 }
 
 export interface StaticUser {

frontend/src/app/Models/challenge.model.ts

@@ -6,6 +6,7 @@
 import { type SafeHtml } from '@angular/platform-browser'
 
 export interface Challenge {
+  id: string;  // Add the `id` field here
   name: string
   key: string
   category: string

frontend/src/app/Services/administration.service.spec.ts

@@ -8,6 +8,10 @@ import { fakeAsync, inject, TestBed, tick } from '@angular/core/testing'
 
 import { AdministrationService } from './administration.service'
 
+interface ApplicationVersionResponse {
+  version: string;
+}
+
 describe('AdministrationService', () => {
   beforeEach(() => {
     TestBed.configureTestingModule({
@@ -22,14 +26,14 @@ describe('AdministrationService', () => {
 
   it('should get application version directly from the rest api', inject([AdministrationService, HttpTestingController],
     fakeAsync((service: AdministrationService, httpMock: HttpTestingController) => {
-      let res: any
-      service.getApplicationVersion().subscribe((data) => (res = data))
+      let res: ApplicationVersionResponse | undefined
+      service.getApplicationVersion().subscribe((data: ApplicationVersionResponse) => (res = data))
       const req = httpMock.expectOne('http://localhost:3000/rest/admin/application-version')
       req.flush({ version: 'apiResponse' })
       tick()
 
       expect(req.request.method).toBe('GET')
-      expect(res).toBe('apiResponse')
+      expect(res?.version).toBe('apiResponse')
       httpMock.verify()
     })
   ))

frontend/src/app/Services/administration.service.ts

@@ -8,6 +8,10 @@ import { HttpClient } from '@angular/common/http'
 import { Injectable } from '@angular/core'
 import { catchError, map } from 'rxjs/operators'
 
+interface ApplicationVersionResponse {
+  version: string;
+}
+
 @Injectable({
   providedIn: 'root'
 })
@@ -19,7 +23,7 @@ export class AdministrationService {
 
   getApplicationVersion () {
     return this.http.get(this.host + '/application-version').pipe(
-      map((response: any) => response.version),
+      map((response: ApplicationVersionResponse) => response.version),
       catchError((error: Error) => { throw error })
     )
   }

frontend/src/app/Services/captcha.service.spec.ts

@@ -8,6 +8,10 @@ import { fakeAsync, inject, TestBed, tick } from '@angular/core/testing'
 
 import { CaptchaService } from './captcha.service'
 
+interface ApplicationVersionResponse {
+  version: string;
+}
+
 describe('CaptchaService', () => {
   beforeEach(() => {
     TestBed.configureTestingModule({
@@ -22,14 +26,14 @@ describe('CaptchaService', () => {
 
   it('should get captcha directly from the rest api', inject([CaptchaService, HttpTestingController],
     fakeAsync((service: CaptchaService, httpMock: HttpTestingController) => {
-      let res: any
-      service.getCaptcha().subscribe((data) => (res = data))
+      let res: ApplicationVersionResponse | undefined
+      service.getCaptcha().subscribe((data: ApplicationVersionResponse) => (res = data))
       const req = httpMock.expectOne('http://localhost:3000/rest/captcha/')
       req.flush('apiResponse')
 
       tick()
       expect(req.request.method).toBe('GET')
-      expect(res).toBe('apiResponse')
+      expect(res?.version).toBe('apiResponse')
       httpMock.verify()
     })
   ))