[Snyk] Fix for 1 vulnerabilities

.github/CODEOWNERS

@@ -1,2 +1 @@
-/vagrant/ @wurstbrot
-/test/cypress/ @ShubhamPalriwala
+@thavelock

.github/workflows/generate-sbom.yml

@@ -0,0 +1,43 @@
+name: Snyk SBOM Generation
+
+on:
+  workflow_dispatch:
+  workflow_call:
+
+env:
+    ANGULAR_CLI_VERSION: 13
+jobs:
+  sbom-open-source:
+    runs-on: ubuntu-latest
+    steps:
+        - name: Checkout Repo
+          uses: actions/checkout@master
+
+        - name: Use Node.js
+          uses: actions/setup-node@v1
+          with:
+            node-version: 18.4
+
+        - name: "Install CLI tools"
+          run: npm install -g @angular/cli@$ANGULAR_CLI_VERSION
+
+        - name: Install minimalistically
+          run: |
+            npm install --ignore-scripts
+            cd frontend
+            npm install --ignore-scripts --legacy-peer-deps
+
+        - name: Setup Snyk
+          uses: snyk/actions/setup@master
+
+        - name: Snyk SBOM Generate
+          run: snyk sbom --all-projects --exclude=build --format=cyclonedx1.4+json --json-file-output=sbom-cyclonedx.json # Exclude the 'build' directory
+          env:
+            SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+
+        - name: Upload SBOM
+          uses: actions/upload-artifact@v3
+          with:
+            name: sbom-cyclonedx
+            path: sbom-cyclonedx.json
+            retention-days: 5

Dockerfile

@@ -1,6 +1,7 @@
 FROM node:18 as installer
 COPY . /juice-shop
 WORKDIR /juice-shop
+RUN rm -rf node_modules
 RUN npm i -g typescript ts-node
 RUN npm install --omit=dev --unsafe-perm
 RUN npm dedupe
@@ -15,21 +16,13 @@ RUN rm data/chatbot/botDefaultTrainingData.json || true
 RUN rm ftp/legal.md || true
 RUN rm i18n/*.json || true
 
-FROM gcr.io/distroless/nodejs:18
+FROM node:18
 ARG BUILD_DATE
 ARG VCS_REF
-LABEL maintainer="Bjoern Kimminich <[email protected]>" \
-    org.opencontainers.image.title="OWASP Juice Shop" \
-    org.opencontainers.image.description="Probably the most modern and sophisticated insecure web application" \
-    org.opencontainers.image.authors="Bjoern Kimminich <[email protected]>" \
-    org.opencontainers.image.vendor="Open Web Application Security Project" \
-    org.opencontainers.image.documentation="https://help.owasp-juice.shop" \
-    org.opencontainers.image.licenses="MIT" \
-    org.opencontainers.image.version="15.0.0" \
-    org.opencontainers.image.url="https://owasp-juice.shop" \
-    org.opencontainers.image.source="https://github.com/juice-shop/juice-shop" \
-    org.opencontainers.image.revision=$VCS_REF \
-    org.opencontainers.image.created=$BUILD_DATE
+LABEL org.opencontainers.image.licenses="MIT"
+LABEL org.opencontainers.image.version="1.0.0"
+LABEL org.opencontainers.image.source="https://github.com/somerset-inc/juice-shop-goof"
+LABEL io.snyk.containers.image.dockerfile="/Dockerfile"
 WORKDIR /juice-shop
 COPY --from=installer --chown=65532:0 /juice-shop .
 USER 65532

README.md

@@ -325,3 +325,4 @@ OWASP Juice Shop and any contributions are Copyright © by Bjoern Kimminich & th
 2014-2023.
 
 ![Juice Shop Logo](https://raw.githubusercontent.com/bkimminich/juice-shop/master/frontend/src/assets/public/images/JuiceShop_Logo_400px.png)
+

frontend/package.json

@@ -12,11 +12,11 @@
   },
   "private": true,
   "dependencies": {
-    "@angular-devkit/build-angular": "^15.0.4",
+    "@angular-devkit/build-angular": "^16.1.0",
     "@angular-material-extensions/password-strength": "^6.0.0",
     "@angular/animations": "^15.0.4",
     "@angular/cdk": "^14.0.4",
-    "@angular/cli": "^15.0.4",
+    "@angular/cli": "^17.0.0",
     "@angular/common": "^15.0.4",
     "@angular/compiler": "^15.0.4",
     "@angular/compiler-cli": "^15.0.4",