diff --git a/.codeclimate.yml b/.codeclimate.yml index 789490203ba..411b9d5e31f 100644 --- a/.codeclimate.yml +++ b/.codeclimate.yml @@ -19,10 +19,11 @@ checks: identical-code: enabled: false exclude_patterns: - - '**/*conf.js' - 'Gruntfile.js' + - '**/*conf.js' - 'data/datacreator.ts' + - 'data/static/codefixes/**' - 'frontend/src/hacking-instructor/**/*.ts' - 'frontend/src/assets/private/*.js' - 'lib/logger.ts' - - 'data/static/codefixes/**' + - 'lib/config.types.ts' diff --git a/.mailmap b/.mailmap index a76aace3d3d..4a25e7141ad 100644 --- a/.mailmap +++ b/.mailmap @@ -4,18 +4,19 @@ Björn Kimminich Bjoern Kimminich Bjoern Kimminich Björn Kimminich Björn Kimminich Björn Kimminich Björn Kimminich -Björn Kimminich bjoern.kimminich Björn Kimminich Björn Kimminich +Björn Kimminich bjoern.kimminich CaptainFreak CaptainFreak +JamesCullum <5477111+JamesCullum@users.noreply.github.com> JamesCullum Jannik Hollenbach J12934 <13718901+J12934@users.noreply.github.com> Jannik Hollenbach Jannik Hollenbach <13718901+J12934@users.noreply.github.com> +Jannik Hollenbach Jannik Hollenbach Jannik Hollenbach Jannik Hollenbach Jannik Hollenbach Jannik Hollenbach -Jannik Hollenbach Jannik Hollenbach -JamesCullum <5477111+JamesCullum@users.noreply.github.com> JamesCullum MarcRler Marc Rüttler MarcRler MarcRler Nat McHugh Nathaniel McHugh +Scar26 Mohit Sharma <41830515+Scar26@users.noreply.github.com> Simon Basset Simon Basset Supratik Das Supratik Das <30755453+supra08@users.noreply.github.com> Timo Pagel Timo Pagel @@ -27,4 +28,3 @@ aaryan10 Aaryan Budhiraja <31697449+aaryan01@users. agrawalarpit14 Arpit Agrawal <35000671+agrawalarpit14@users.noreply.github.com> greenkeeper[bot] greenkeeper[bot] <23040076+greenkeeper[bot]@users.noreply.github.com> omerlh Omer Levi Hevroni -Scar26 Mohit Sharma <41830515+Scar26@users.noreply.github.com> diff --git a/HALL_OF_FAME.md b/HALL_OF_FAME.md index c90a23d7047..09f830b2797 100644 --- a/HALL_OF_FAME.md +++ b/HALL_OF_FAME.md @@ -1,18 +1,9 @@ # Hall of Fame -## Core Team - -- [Björn Kimminich](https://github.com/bkimminich) aka `bkimminich` - ([Project Leader](https://www.owasp.org/index.php/Projects/Project_Leader_Responsibilities)) - [![Keybase PGP](https://img.shields.io/keybase/pgp/bkimminich)](https://keybase.io/bkimminich) -- [Jannik Hollenbach](https://github.com/J12934) aka `J12934` -- [Timo Pagel](https://github.com/wurstbrot) aka `wurstbrot` -- [Shubham Palriwala](https://github.com/ShubhamPalriwala) aka `ShubhamPalriwala` - ## GitHub Contributors -As reported by [`git-stats -a -s '2014'`](https://www.npmjs.com/package/git-stats) analysis of `master` as of Wed, 07 Aug -2024 after deduplication with `.mailmap`. +As reported by [`git-stats -a -s '2014'`](https://www.npmjs.com/package/git-stats) analysis of `master` as of Thu, 30 Jan +2025 after deduplication with `.mailmap`. ![Top git contributors](screenshots/git-stats.png) diff --git a/README.md b/README.md index 5edb59bb98f..5428f8b6556 100644 --- a/README.md +++ b/README.md @@ -225,14 +225,10 @@ about donations and how they are used here: ## Contributors -The OWASP Juice Shop core project team are: +The OWASP Juice Shop Project Leaders are: -- [Björn Kimminich](https://github.com/bkimminich) aka `bkimminich` - ([Project Leader](https://www.owasp.org/index.php/Projects/Project_Leader_Responsibilities)) - [![Keybase PGP](https://img.shields.io/keybase/pgp/bkimminich)](https://keybase.io/bkimminich) +- [Björn Kimminich](https://github.com/bkimminich) aka `bkimminich` [![Keybase PGP](https://img.shields.io/keybase/pgp/bkimminich)](https://keybase.io/bkimminich) - [Jannik Hollenbach](https://github.com/J12934) aka `J12934` -- [Timo Pagel](https://github.com/wurstbrot) aka `wurstbrot` -- [Shubham Palriwala](https://github.com/ShubhamPalriwala) aka `ShubhamPalriwala` For a list of all contributors to the OWASP Juice Shop please visit our [HALL_OF_FAME.md](HALL_OF_FAME.md). diff --git a/REFERENCES.md b/REFERENCES.md index e6e561ca49b..b2a6be70b19 100644 --- a/REFERENCES.md +++ b/REFERENCES.md @@ -320,7 +320,7 @@ mentioned or used! * :date: [OWASP Juice Shop 10th anniversary: Is it still fresh?](https://god.owasp.de/2024/program-detail.html?talk=talkOne) by Björn Kimminich, [German OWASP Day 2024](https://god.owasp.de/2024), 13.11.2024 * [OWASP Juice Shop 10th anniversary: Is it still fresh?](https://opensecurityconference.org/conference/keynotes) keynote by Björn Kimminich, [Open Security Conference](https://opensecurityconference.org/), 04.10.2024 * [DSOMM & Juice Shop User Day](https://owasp2024globalappsecsanfra.sched.com/event/1gk01/juice-shop-dsomm-user-day-2024) before [OWASP 2024 Global AppSec San Francisco](https://sf.globalappsec.org/) with Timo Pagel, Jannik Hollenbach & Björn Kimminich, 25.09.2024 -* [OWASP Juice Shop](https://owasp2024globalappsecsanfra.sched.com/event/1ivEu/owasp-juiceshop) talk in Project Track of [OWASP 2024 Global AppSec San Francisco](https://sf.globalappsec.org/) by Björn Kimminich, 27.09.2024 +* [OWASP Juice Shop](https://owasp2024globalappsecsanfra.sched.com/event/1ivEu/owasp-juiceshop) talk in Project Track of [OWASP 2024 Global AppSec San Francisco](https://sf.globalappsec.org/) by Björn Kimminich, 27.09.2024 ([YouTube](https://www.youtube.com/watch?v=1-2e-OpvV-Y)) * [Brick your Juice Shop in 319 easy steps](https://www.meetup.com/owasp-hamburg-stammtisch/events/302138351/) by Jannik Hollenbach & Björn Kimminich, [69. OWASP Stammtisch Hamburg](https://owasp.org/www-chapter-germany/stammtische/hamburg/), 23.07.2024 * [OWASP Juice Shop - An Open Source Software and security Fairytale](https://ndc-security.com/agenda/owasp-juice-shop-an-open-source-software-and-security-fairytale-09mg/09ko186cud8) by Björn Kimminich, [NDC Security 2024](https://ndc-security.com/), 11.01.2024 @@ -328,14 +328,14 @@ mentioned or used! #### 2023 * [Juice Shop Training: Train the Trainer Edition](http://www.owaspbenelux.eu/program/training#Bj%C3%B6rn-Kimminich) with Björn Kimminich, [OWASP BeNeLux Days 2023](http://www.owaspbenelux.eu/). 24.11.2023 -* [OWASP Juice Shop - An Open Source Software (and security) Fairytale](http://www.owaspbenelux.eu/program/talks#Bj%C3%B6rn-Kimminich) by Björn Kimminich, [OWASP BeNeLux Days 2023](http://www.owaspbenelux.eu/). 23.11.2023 [YouTube](https://youtu.be/54caQ4g72oI) +* [OWASP Juice Shop - An Open Source Software (and security) Fairytale](http://www.owaspbenelux.eu/program/talks#Bj%C3%B6rn-Kimminich) by Björn Kimminich, [OWASP BeNeLux Days 2023](http://www.owaspbenelux.eu/). 23.11.2023 ([YouTube](https://youtu.be/54caQ4g72oI)) * [How Vulnerable is Juice Shop? A Secure Code Review of Insecure Code](https://www.nationalcybersummit.com/Program/2023-Agenda) by Joshua Beck, [National Cyber Summit 2023](https://www.nationalcybersummit.com/Home). 20.09.2023 * [Track keynote: OWASP Juice Shop](https://sikkerhetsfestivalen.no/program-2023) by Björn Kimminich, [Sikkerhetsfestivalen 2023](https://sikkerhetsfestivalen.no/). 29.08.2023 -* [Juice Shop Update³](https://god.owasp.de/2023/schedule/index.html) by Björn Kimminich, [German OWASP Day 2023](https://god.owasp.de/2023). 31.05.2023 [YouTube](https://youtu.be/87DuRYwXtxk) +* [Juice Shop Update³](https://god.owasp.de/2023/schedule/index.html) by Björn Kimminich, [German OWASP Day 2023](https://god.owasp.de/2023). 31.05.2023 ([YouTube](https://youtu.be/87DuRYwXtxk)) * [Juice Shop Training: Train the Trainer Edition](https://god.owasp.de/2023/schedule/index.html) with Björn Kimminich, [German OWASP Day 2023](https://god.owasp.de/2023). 30.05.2023 * [OWASP Juice Shop](https://www.meetup.com/owasp-chapter-netherlands-meetup/events/292323208) - by Björn Kimminich, [April 2023 OWASP Chapter Netherlands Meetup](https://www.meetup.com/owasp-chapter-netherlands-meetup/), 20.04.2023 [YouTube](https://www.youtube.com/live/Bhp3LpgtNZ4?feature=share&t=3856) -* [Squeezing the last drop out of OWASP Juice Shop](https://owasp2023globalappsecdublin.sched.com/event/1FWfq/squeezing-the-last-drop-out-of-owasp-juice-shop) by Björn Kimminich, [OWASP 2023 Global AppSec Dublin](https://dublin.globalappsec.org/), 15.02.2023 [YouTube](https://youtu.be/m1f2fPC8hLU) + by Björn Kimminich, [April 2023 OWASP Chapter Netherlands Meetup](https://www.meetup.com/owasp-chapter-netherlands-meetup/), 20.04.2023 ([YouTube](https://www.youtube.com/live/Bhp3LpgtNZ4?feature=share&t=3856)) +* [Squeezing the last drop out of OWASP Juice Shop](https://owasp2023globalappsecdublin.sched.com/event/1FWfq/squeezing-the-last-drop-out-of-owasp-juice-shop) by Björn Kimminich, [OWASP 2023 Global AppSec Dublin](https://dublin.globalappsec.org/), 15.02.2023 ([YouTube](https://youtu.be/m1f2fPC8hLU)) #### 2022 diff --git a/frontend/src/assets/i18n/zh_TW.json b/frontend/src/assets/i18n/zh_TW.json index 3cd2ce574b0..3a3b551e66f 100644 --- a/frontend/src/assets/i18n/zh_TW.json +++ b/frontend/src/assets/i18n/zh_TW.json @@ -113,10 +113,10 @@ "LABEL_STATUS": "狀態", "STATUS_UNSOLVED": "尚未解決", "STATUS_SOLVED": "已解決", - "STATUS_PARTIALLY_SOLVED": "partially solved", + "STATUS_PARTIALLY_SOLVED": "部分解決", "STATUS_UNAVAILABLE": "無法使用", - "STATUS_ALL": "all", - "CALL_FOR_CONTRIBUTIONS": "Got an idea for a new challenge? Found a vulnerability that is not tracked here? Let us know via Gitter.im community chat or by opening a GitHub issue!", + "STATUS_ALL": "全部", + "CALL_FOR_CONTRIBUTIONS": "有新挑戰的想法嗎? 發現此處未跟踪的漏洞? 讓我們知道通過 Gitter.im 社群聊天或者通過打開GitHub 問題!", "CALL_FOR_FEEDBACK": "請回答問卷,改善{{appname}}並為您提供更好的服務", "CHALLENGE_SOLVED": "您成功地解決一個挑戰:{{challenge}}", "INVALID_CONTINUE_CODE": "無效的延續代碼", @@ -194,9 +194,9 @@ "ADD_BASKET": "加入購物車", "BTN_SHOW_ALL": "顯示全部", "BTN_SHOW_UNAVAILABLE": "顯示為不可用", - "INFO_DISABLED_CHALLENGES": "{{num}} challenges are unavailable on {{env}} due to security concerns or technical incompatibility!", + "INFO_DISABLED_CHALLENGES": "挑戰無法在{{env}}使用因為或者", "SHOW_DISABLED_CHALLENGES": "Show them anyways", - "HIDE_DISABLED_CHALLENGES": "Hide disabled challenges", + "HIDE_DISABLED_CHALLENGES": "隱瞞(disabled = 取消/有缺陷)的挑戰", "BTN_HIDE_ALL": "隱藏全部", "TYPE_THESE_LETTERS": "輸入這{{length}}個字", "BTN_REQUEST": "請求", @@ -319,7 +319,7 @@ "IMAGE_UPLOAD_SUCCESS": "你的檔案已成功上傳。", "EMPTY_MEMORY_LIST": "尚未分享任何的回憶。", "LABEL_DELUXE_MEMBERSHIP": "豪華會員", - "DESCRIPTION_DELUXE_MEMBERSHIP": "Enjoy amazing benefits as a deluxe customer of {{appname}}. Check out what is included with your membership.", + "DESCRIPTION_DELUXE_MEMBERSHIP": "作為豪華消費者享受 {{appname}} 驚人的利益。查看您的會員資格包含哪些內容。", "LABEL_BECOME_MEMBER": "成為會員", "LABEL_DEALS_OFFERS": "優惠與報價", "DESCRIPTION_DEALS_OFFERS": "作為豪華會員,你可以享受獨家優惠和不可抗拒的優惠。", @@ -345,7 +345,7 @@ "CONFIRM_RECYCLING_BOX": "感謝你使用我們的環境友善自助回收服務。我們將盡快向您發送果渣回收箱。", "CONFIRM_RECYCLING_PICKUP": "感謝您使用我們方便的回收服務,我們將在{{pickupdate}}收取您的廢棄物", "CHALLENGE_UNAVAILABLE": "這個挑戰在{{env}}中無法使用", - "CHALLENGE_UNAVAILABLE_SAFETYMODE": "This challenge is unavailable because the application is running in safety mode!", + "CHALLENGE_UNAVAILABLE_SAFETYMODE": "此挑戰不可用,因為軟件正在安全模式下運行!", "CLICK_FOR_MORE_HINTS": "點擊以開啟更多提示", "CLICK_TO_OPEN_HINTS": "點擊以開啟提示", "BONUS_POINTS_EARNED": "獲得的獎勵積分:{{bonus}}", @@ -358,7 +358,7 @@ "INFO_NEXT_TUTORIAL_TIER": "完成{{tier}}課程挑戰來顯示下一個更困難的層級", "SHOW_COMMENT": "顯示註解", "INFO_VULNERABILITY_MITIGATION_LINK": "點擊學習如何避免或減少類似漏洞", - "BACKUP_HEADLINE": "File Based Backups", + "BACKUP_HEADLINE": "基於檔案的備份", "BTN_SAVE_BACKUP": "儲存備份", "SAVE_BACKUP_TOOLTIP": "儲存挑戰進度及環境設定至檔案", "BTN_RESTORE_BACKUP": "還原備份", @@ -370,7 +370,7 @@ "TAG_PREREQUISITE": "先決條件", "TAG_PREREQUISITE_DESCRIPTION": "標示有需完成前置要求(挑戰)的挑戰", "TAG_OSINT": "OSINT", - "TAG_OSINT_DESCRIPTION": "Marks challenges which require some Internet research or \"social stalking\" activity outside the application.", + "TAG_OSINT_DESCRIPTION": "標記需要進行網絡研究或在軟件之外進行“社交調查”的挑戰", "TAG_CONTRAPTION": "奇怪的東西", "TAG_CONTRAPTION_DESCRIPTION": "表示這些挑戰並非完全為現實情況中的一部分,但可能會透過直接或精心設計方式而產生。", "TAG_SHENANIGANS": "惡作劇", @@ -384,9 +384,9 @@ "TAG_CODE_ANALYSIS": "程式碼分析", "TAG_CODE_ANALYSIS_DESCRIPTION": "標註出一些挑戰,這些挑戰幫你通過某些應用程序或第三方原始碼。", "TAG_WEB3": "Web3", - "TAG_WEB3_DESCRIPTION": "Marks challenges which incorporate Web3 concepts or technology such as Blockchain, Crypto Currency, Smart Contracts, or NFT.", - "TAG_INTERNET_TRAFFIC": "Internet Traffic", - "TAG_INTERNET_TRAFFIC_DESCRIPTION": "Marks challenges strictly depending on the server being able to connect with the Internet via e.g. WebSocket or JSON-RPC.", + "TAG_WEB3_DESCRIPTION": "標記包含 Web3 概念或技術的挑戰,例如Blockchain, Crypto Currency, Smart Contracts, or NFT", + "TAG_INTERNET_TRAFFIC": "互聯網流量", + "TAG_INTERNET_TRAFFIC_DESCRIPTION": "標記嚴格依賴能夠通過例如 WebSocket 或 JSON-RPC 與互聯網連接的服務器之挑戰。", "CATEGORY_BROKEN_ACCESS_CONTROL": "不適當的存取控制", "CATEGORY_BROKEN_ANTI_AUTOMATION": "不適當的反自動化", "CATEGORY_BROKEN_AUTHENTICATION": "不適當的驗證機制", @@ -426,43 +426,43 @@ "TAB_FIND_IT": "找出來", "TAB_FIX_IT": "修復它", "TITLE_CODING_SCORE": "編碼分數", - "TITLE_CODING_CHALLENGES": "Coding Challenges", - "TITLE_HACKING_CHALLENGES": "Hacking Challenges", - "TITLE_CHALLENGES_SOLVED": "Challenges Solved", + "TITLE_CODING_CHALLENGES": "編程挑戰", + "TITLE_HACKING_CHALLENGES": "黑客挑戰", + "TITLE_CHALLENGES_SOLVED": "挑戰已解決", "LABEL_FEEDBACK": "回饋 ", - "LABEL_RESET_ALL_FILTERS": "Reset All Filters", - "NO_CHALLENGES_FOUND": "No challenges found matching your filters!", - "SCOREBOARD_ADDITIONAL_SETTINGS": "Additional Score Board Settings", - "LINK_TRY_OUT_NEW_CRYPTO_WALLET": "Try out our new Crypto Wallet", - "TITLE_CRYPTO_WALLET": "Crypto Wallet", - "BTN_CONNECT_METAMASK": "Connect your MetaMask", - "BTN_DEPOSIT": "Deposit", - "BTN_WITHDRAW": "Withdraw", - "ENTER_ETHER_AMOUNT": "Enter ether amount to deposit/withdraw", - "PLEASE_INSTALL_WEB3_WALLET": "Please install a Web3 wallet like MetaMask to proceed.", - "PLEASE_CONNECT_TO_SEPOLIA_NETWORK": "Please connect to the Sepolia Network.", - "PLEASE_CONNECT_WEB3_WALLET": "Please connect your Web3 wallet first.", - "TITLE_CONTRACT_EDITOR": "Contract Editor", - "TITLE_WEB3_SANDBOX": "Web3 Code Sandbox", - "EXPLANATION_SMART_CONTRACT_DEPLOYMENT": "Easily compile/deploy and invoke smart contracts from below", - "EXPLANATION_GWEI_VALUE_POST_COMPILATION": "You can pass ETH to the contract both while invoking/deploying by entering the GWEI Value post compilation", - "LABEL_SELECT_COMPILER_VERSION": "Select compiler version", - "BTN_COMPILE_CONTRACT": "Compile Contract", - "TITLE_CONTRACT_DEPLOYMENT": "Contract to deploy", - "LABEL_COMPILED_CONTRACTS": "Compiled Contracts", - "GWEI_VALUE_FOR_SENDING_ETH": "GWEI value for sending ETH", - "BTN_DEPLOY_SELECTED_CONTRACT": "Deploy selected Contract", - "LABEL_CONTRACT_ADDRESS": "Contract Address", - "TITLE_INTERACT_WITH_CONTRACT": "Interact with Contract", - "BTN_INVOKE": "Invoke", - "LABEL_OUTPUT_FOR": "Output for", + "LABEL_RESET_ALL_FILTERS": "重置所有篩選條件/過濾器", + "NO_CHALLENGES_FOUND": "未找到符合篩選條件的挑戰!", + "SCOREBOARD_ADDITIONAL_SETTINGS": "額外的積分榜設置", + "LINK_TRY_OUT_NEW_CRYPTO_WALLET": "試用我們的新Crypto錢包", + "TITLE_CRYPTO_WALLET": "Crypto錢包", + "BTN_CONNECT_METAMASK": "與MetaMask連接", + "BTN_DEPOSIT": "押金", + "BTN_WITHDRAW": "取款", + "ENTER_ETHER_AMOUNT": "輸入提款/存入的金額", + "PLEASE_INSTALL_WEB3_WALLET": "請安裝像 MetaMask 這樣的 Web3 錢包以繼續", + "PLEASE_CONNECT_TO_SEPOLIA_NETWORK": "請連接到 Sepolia 網絡。", + "PLEASE_CONNECT_WEB3_WALLET": "請先連接您的 Web3 錢包。", + "TITLE_CONTRACT_EDITOR": "合約編輯器", + "TITLE_WEB3_SANDBOX": "Web3程式碼沙箱", + "EXPLANATION_SMART_CONTRACT_DEPLOYMENT": "從下麵輕鬆編輯/部署及調用智慧合約", + "EXPLANATION_GWEI_VALUE_POST_COMPILATION": "您可以在調用/部署時通過輸入GWEI價值編輯後將ETH傳遞給合同", + "LABEL_SELECT_COMPILER_VERSION": "選擇編輯器的版本", + "BTN_COMPILE_CONTRACT": "編輯合同", + "TITLE_CONTRACT_DEPLOYMENT": "要部署的合同", + "LABEL_COMPILED_CONTRACTS": "編輯合同", + "GWEI_VALUE_FOR_SENDING_ETH": "發送ETH的GWEI價值", + "BTN_DEPLOY_SELECTED_CONTRACT": "部署所選的合同", + "LABEL_CONTRACT_ADDRESS": "契约地址", + "TITLE_INTERACT_WITH_CONTRACT": "與契约互動", + "BTN_INVOKE": "調用", + "LABEL_OUTPUT_FOR": "輸出給", "LABEL_OUTPUT": "輸出", "TITLE_SBT": "Juicy Chatbot SBT", - "BTN_SBT_NOTE": "Note: Never reveal your personal private keys and seed phrase to anyone", - "LABEL_PRIVATE_KEY": "Enter Private Key", - "BTN_AUTHENTICATE": "Authenticate", - "LABEL_ACCOUNT_ADDRESS": "Account Address", - "OWNED_BY": "Owned by", + "BTN_SBT_NOTE": "注意:切勿將您的私人密鑰和種子短語透露給任何人", + "LABEL_PRIVATE_KEY": "輸入私鑰", + "BTN_AUTHENTICATE": "身份驗證", + "LABEL_ACCOUNT_ADDRESS": "帳戶地址", + "OWNED_BY": "被(who)擁有", "NFT_SBT_BOX_TEXT": "Hurray! Find the Juice Shop SBT on {{link}}. This is a non-transferable token and is here to stay forever.", "FAUCET_BALANCE": "Faucet Balance", "BEE_BALANCE": "Your BEE Balance", diff --git a/screenshots/git-stats.png b/screenshots/git-stats.png index f85680caed1..92b1d1dfd0d 100644 Binary files a/screenshots/git-stats.png and b/screenshots/git-stats.png differ