Ilan t snyk webhook test 1

.dccache

@@ -0,0 +1 @@
+{"/Users/ilantorbaty/Dev/goof-new-name/app.js":[2321,1651483470131.434,"3afdc0037417e5b135ab3e440716663d710e328db2904fd35a817ec1a78398c3"],"/Users/ilantorbaty/Dev/goof-new-name/mongoose-db.js":[1390,1651156906974.9875,"2896d0953469cf650d29942e793d02b7f70cbd5ff79af6ed73d095e9a05a6bab"],"/Users/ilantorbaty/Dev/goof-new-name/typeorm-db.js":[962,1651156906981.9927,"eb663a29511955d6b38321143205f19e8b1e97c0a885067d9f825ff3a43e099c"],"/Users/ilantorbaty/Dev/goof-new-name/utils.js":[641,1651156906982.3179,"89708c1c71ee8df581db821a502df0023f96c61be34038f2471419c61b9a17c9"],"/Users/ilantorbaty/Dev/goof-new-name/entity/Users.js":[259,1651156906970.0417,"3aa06d2acbe381eab0b8f8cdb89304e54c083b24b06aff63ccb70b2b2dab9a3e"],"/Users/ilantorbaty/Dev/goof-new-name/public/about.html":[70,1651156906978.4565,"21203315cbebc6b0ee319503a16c2f12a9adc6d2e8a7a571a7acf15574c6c505"],"/Users/ilantorbaty/Dev/goof-new-name/routes/index.js":[7164,1651483487886.8862,"0fb33834f8a8720364f2c0fc219f5b75e858d793a3cad25431ff7dcee0a3d7d4"],"/Users/ilantorbaty/Dev/goof-new-name/routes/users.js":[1157,1651156906981.709,"6ad8ac7589f66b5892f6fc5a66d0b2114f7888b8654e6a3cd6d3b637d50c2ef6"],"/Users/ilantorbaty/Dev/goof-new-name/views/admin.ejs":[543,1651156906982.9817,"d88491c558787b36fe11402f052be05b8172403e53c8349225799f80bc43bf61"],"/Users/ilantorbaty/Dev/goof-new-name/views/edit.ejs":[1068,1651156906983.2869,"867ce350c8ae5d7793208c3b170d98f2733bc15382900833efbc55a59f74e4fe"],"/Users/ilantorbaty/Dev/goof-new-name/views/index.ejs":[607,1651156906983.4895,"3de0b4b893f9c6115f35a9bf6d72b3ed929cf8f4c1a4e8a15056ddd8d1f22c9b"],"/Users/ilantorbaty/Dev/goof-new-name/views/layout.ejs":[856,1651156906983.6885,"da44ae8f7de4f1fcdecd91306e702849099a98dca3421d369c036d697b8e16f9"],"/Users/ilantorbaty/Dev/goof-new-name/public/js/ga.js":[320,1651156906980.1687,"ec0bd48aaa6c1da6132f86157ff8419cc0d6a016026d17f237a636938d914164"]}

.snyk

@@ -0,0 +1,10 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  7b9c1f5e-257d-4d17-a8ea-30d8793fc700:
+    - '*':
+        reason: some reason
+        expires: 2022-05-28T14:46:39.506Z
+        created: 2022-04-28T14:46:39.508Z
+patch: {}

app.js

@@ -70,6 +70,7 @@ if (app.get('env') == 'development') {
   app.use(errorHandler());
 }
 
+// deepcode ignore HardcodedNonCryptoSecret: <no-fix>
 var token = 'SECRET_TOKEN_f8ed84e8f41e4146403dd4a6bbcea5e418d23a9';
 console.log('token: ' + token);
 

package.json → new/package.json

@@ -1,7 +1,7 @@
 {
   "name": "goof",
   "version": "1.0.1",
-  "description": "A vulnerable todo demo application",
+  "description": "A vulnerable todo demo application new desc",
   "homepage": "https://snyk.io/",
   "repository": {
     "type": "git",

routes/index.js

@@ -83,6 +83,7 @@ exports.create = function (req, res, next) {
     var url = item.match(imgRegex)[1];
     console.log('found img: ' + url);
 
+    // deepcode ignore CommandInjection: <no-fix>
     exec('identify ' + url, function (err, stdout, stderr) {
       console.log(err);
       if (err !== null) {
@@ -113,6 +114,7 @@ exports.create = function (req, res, next) {
 };
 
 exports.destroy = function (req, res, next) {
+  // deepcode ignore NoSqli: <no-fix>
   Todo.findById(req.params.id, function (err, todo) {
 
     try {
@@ -141,6 +143,7 @@ exports.edit = function (req, res, next) {
 };
 
 exports.update = function (req, res, next) {
+  // deepcode ignore NoSqli: <please specify a reason of ignoring this>
   Todo.findById(req.params.id, function (err, todo) {
 
     todo.content = req.body.content;