/home/lema/projects/wikibase/termbox/src/server/app.ts Potential timing attack on the right side of expression (tsr-detect-possible-timing-attacks) 65 | response.status( HttpStatus.BAD_REQUEST ) 66 | .send( 'Bad request\nErrors: ' + JSON.stringify( err.info ) ); > 67 | } else if ( err.constructor.name === BundleBoundaryPassingException.name ) { | ^ 68 | if ( err.reason === ErrorReason.EntityNotFound ) { 69 | response.status( HttpStatus.NOT_FOUND ).send( 'Entity not found' ); 70 | } else if ( err.reason === ErrorReason.LanguageNotFound ) { /home/lema/projects/wikibase/termbox/tests/edge-to-edge/server/app.spec.ts Found Element.innerHTML with non-literal value (tsr-detect-html-injection) 61 | function getDomFromMarkup( markup: string ): HTMLElement { 62 | const newNode = document.createElement( 'div' ); > 63 | newNode.innerHTML = markup; | ^ 64 | return newNode; 65 | } 66 | /home/lema/projects/wikibase/termbox/tests/unit/store/actions.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 15 | } ); 16 | > 17 | actions[ EDITMODE_ACTIVATE ]( context ); | ^ 18 | expect( context.commit ).toBeCalledWith( 19 | EDITMODE_SET, 20 | true, Found unsafe properties access (tsr-detect-unsafe-properties-access) 30 | } ); 31 | > 32 | actions[ EDITMODE_DEACTIVATE ]( context ); | ^ 33 | expect( context.commit ).toBeCalledWith( 34 | EDITMODE_SET, 35 | false, /home/lema/projects/wikibase/termbox/tests/unit/store/entity/actions.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 55 | } ); 56 | > 57 | actions[ ENTITY_INIT ]( context, { entity: entityId, revision } ).then( () => { | ^ 58 | expect( context.commit ).toBeCalledWith( 59 | ENTITY_UPDATE, 60 | entity, Found unsafe properties access (tsr-detect-unsafe-properties-access) 74 | } ); 75 | > 76 | return actions[ ENTITY_INIT ]( context, { entity: 'Q123', revision: 4711 } ).then( () => { | ^ 77 | expect( context.commit ).toHaveBeenCalledWith( EDITABILITY_UPDATE, isEditable ); 78 | } ); 79 | } ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 85 | } ); 86 | > 87 | return actions[ ENTITY_INIT ]( context, { entity: 'Q123', revision } ).then( () => { | ^ 88 | expect( context.commit ).toHaveBeenCalledWith( ENTITY_REVISION_UPDATE, revision ); 89 | } ); 90 | } ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 162 | 163 | const newTerm = { language: 'en', value: 'goat' }; > 164 | actions[ ENTITY_LABEL_EDIT ]( context, newTerm ); | ^ 165 | expect( commitMock ).toHaveBeenLastCalledWith( 166 | ENTITY_SET_LABEL_MUTATION, 167 | newTerm, Found unsafe properties access (tsr-detect-unsafe-properties-access) 178 | 179 | const newTerm = { language: 'en', value: 'domesticated mammal raised primarily for its milk' }; > 180 | actions[ ENTITY_DESCRIPTION_EDIT ]( context, newTerm ); | ^ 181 | expect( commitMock ).toHaveBeenLastCalledWith( 182 | ENTITY_SET_DESCRIPTION_MUTATION, 183 | newTerm, Found unsafe properties access (tsr-detect-unsafe-properties-access) 197 | const expectedTerms = [ { language, value: termString1 }, { language, value: termString2 } ]; 198 | > 199 | actions[ ENTITY_ALIASES_EDIT ]( | ^ 200 | context, 201 | { language, aliasValues: [ termString1, termString2 ] }, 202 | ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 212 | const payload = { languageCode: 'en', index: 5 }; 213 | > 214 | actions[ ENTITY_ALIAS_REMOVE ]( context, payload ); | ^ 215 | 216 | expect( context.commit ).toHaveBeenCalledWith( ENTITY_REMOVE_ALIAS, payload ); 217 | } ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 220 | const context = newMockStore( { commit: jest.fn() } ); 221 | > 222 | actions[ ENTITY_ROLLBACK ]( context ); | ^ 223 | 224 | expect( context.commit ).toHaveBeenCalledWith( ENTITY_ROLLBACK_MUTATION ); 225 | } ); /home/lema/projects/wikibase/termbox/tests/unit/store/entity/mutations.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 61 | ); 62 | > 63 | mutations[ ENTITY_UPDATE ]( state, entity ); | ^ 64 | 65 | expect( state.id ).toBe( entity.id ); 66 | expect( state.labels ).toBe( entity.labels ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 78 | const state = newEntityState( { isEditable: false } ); 79 | > 80 | mutations[ EDITABILITY_UPDATE ]( state, true ); | ^ 81 | expect( state.isEditable ).toBe( true ); 82 | 83 | mutations[ EDITABILITY_UPDATE ]( state, false ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 81 | expect( state.isEditable ).toBe( true ); 82 | > 83 | mutations[ EDITABILITY_UPDATE ]( state, false ); | ^ 84 | expect( state.isEditable ).toBe( false ); 85 | } ); 86 | Found unsafe properties access (tsr-detect-unsafe-properties-access) 92 | 93 | const newTerm = { language, value: newLabel }; > 94 | mutations[ ENTITY_SET_LABEL ]( store, newTerm ); | ^ 95 | expect( store.labels[ language ] ).toBe( newTerm ); 96 | } ); 97 | Found unsafe properties access (tsr-detect-unsafe-properties-access) 108 | } ); 109 | const newTerm = { language, value: newLabel }; > 110 | mutations[ ENTITY_SET_LABEL ]( store, newTerm ); | ^ 111 | expect( store.labels[ language ] ).toBe( newTerm ); 112 | } ); 113 | Found unsafe properties access (tsr-detect-unsafe-properties-access) 121 | 122 | const newTerm = { language, value: newDescription }; > 123 | mutations[ ENTITY_SET_DESCRIPTION ]( state, newTerm ); | ^ 124 | expect( state.descriptions[ language ] ).toBe( newTerm ); 125 | } ); 126 | Found unsafe properties access (tsr-detect-unsafe-properties-access) 138 | 139 | const newTerm = { language, value: newDescription }; > 140 | mutations[ ENTITY_SET_DESCRIPTION ]( state, newTerm ); | ^ 141 | expect( state.descriptions[ language ] ).toBe( newTerm ); 142 | } ); 143 | } ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 149 | const terms = [ { language, value: 'hat' } ]; 150 | > 151 | mutations[ ENTITY_SET_ALIASES ]( state, { language, terms } ); | ^ 152 | expect( state.aliases[ language ] ).toBe( terms ); 153 | } ); 154 | Found unsafe properties access (tsr-detect-unsafe-properties-access) 165 | const newTerms = [ { language, value: 'hat' } ]; 166 | > 167 | mutations[ ENTITY_SET_ALIASES ]( state, { language, terms: newTerms } ); | ^ 168 | expect( state.aliases[ language ] ).toBe( newTerms ); 169 | 170 | } ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 175 | const state = newEntityState( { revision: 0 } ); 176 | const revision = 4711; > 177 | mutations[ ENTITY_REVISION_UPDATE ]( state, revision ); | ^ 178 | expect( state.baseRevision ).toBe( revision ); 179 | } ); 180 | Found unsafe properties access (tsr-detect-unsafe-properties-access) 190 | } ); 191 | > 192 | mutations[ ENTITY_REMOVE_ALIAS ]( state, { languageCode: 'en', index: 1 } ); | ^ 193 | 194 | expect( state.aliases.en ).toEqual( [ 195 | { language: 'en', value: 'foo' }, Found unsafe properties access (tsr-detect-unsafe-properties-access) 203 | const state = newEntityState( { baseRevisionFingerprint: null } ); 204 | try { > 205 | mutations[ ENTITY_ROLLBACK ]( state, null ); | ^ 206 | expect( true ).toBeFalsy(); 207 | } catch ( e ) { 208 | expect( e ).toBeInstanceOf( InvalidEntityException ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 261 | } ); 262 | > 263 | mutations[ ENTITY_ROLLBACK ]( state, null ); | ^ 264 | 265 | // these are not touched by the rollback, i.e. look like the state was set up 266 | expect( state.id ).toBe( id ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 295 | } ); 296 | > 297 | mutations[ ENTITY_ROLLBACK ]( state, null ); | ^ 298 | mutations[ ENTITY_SET_LABEL ]( state, { language: 'en', value: 'thingyyy' } ); 299 | 300 | expect( state.baseRevisionFingerprint!.labels.en.value ).toEqual( baseRevisionLabel ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 296 | 297 | mutations[ ENTITY_ROLLBACK ]( state, null ); > 298 | mutations[ ENTITY_SET_LABEL ]( state, { language: 'en', value: 'thingyyy' } ); | ^ 299 | 300 | expect( state.baseRevisionFingerprint!.labels.en.value ).toEqual( baseRevisionLabel ); 301 | } ); /home/lema/projects/wikibase/termbox/tests/unit/store/language/actions.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 37 | } ); 38 | > 39 | actions[ LANGUAGE_INIT ]( context ).then( () => { | ^ 40 | expect( commitMock ).toBeCalledWith( 41 | LANGUAGE_UPDATE, 42 | languages, Found unsafe properties access (tsr-detect-unsafe-properties-access) 67 | } ); 68 | > 69 | actions[ ENSURE_AVAILABLE_IN_LANGUAGE ]( context, inLanguage ).then( () => { | ^ 70 | expect( commitMock ).toBeCalledWith( 71 | LANGUAGE_TRANSLATION_UPDATE, 72 | translations, /home/lema/projects/wikibase/termbox/tests/unit/store/language/mutations.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 38 | }; 39 | > 40 | mutations[ LANGUAGE_UPDATE ]( state, languages ); | ^ 41 | 42 | expect( state.languages.de ).toBe( languages.de ); 43 | expect( state.languages.en ).toBe( languages.en ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 68 | }; 69 | > 70 | mutations[ LANGUAGE_UPDATE ]( state, languages ); | ^ 71 | 72 | expect( state.languages.de ).toBe( originalDe.de ); 73 | expect( state.languages.en ).toBe( languages.en ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 107 | }; 108 | > 109 | mutations[ LANGUAGE_TRANSLATION_UPDATE ]( state, translations ); | ^ 110 | 111 | expect( state.translations.de ).toBe( translations.de ); 112 | expect( state.translations.ar ).toBe( translations.ar ); /home/lema/projects/wikibase/termbox/tests/unit/store/links/actions.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 12 | } ); 13 | > 14 | actions[ EDIT_LINK_URL_INIT ]( store, url ); | ^ 15 | expect( store.commit ).toHaveBeenCalledWith( EDIT_LINK_URL_UPDATE, url ); 16 | } ); 17 | } ); /home/lema/projects/wikibase/termbox/tests/unit/store/links/mutations.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 8 | const state: LinksState = { editLinkUrl: '' }; 9 | const url = '/link/to/edit/Q123'; > 10 | mutations[ EDIT_LINK_URL_UPDATE ]( state, url ); | ^ 11 | 12 | expect( state.editLinkUrl ).toBe( url ); 13 | } ); /home/lema/projects/wikibase/termbox/tests/unit/store/messages/actions.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 24 | } ); 25 | > 26 | actions[ MESSAGES_INIT ]( context, 'de' ).then( () => { | ^ 27 | expect( context.commit ).toBeCalledWith( 28 | MESSAGES_INIT_MUTATION, 29 | mockMessages, /home/lema/projects/wikibase/termbox/tests/unit/store/messages/mutations.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 21 | }; 22 | > 23 | mutations[ MESSAGES_INIT ]( state, messages ); | ^ 24 | 25 | expect( state.messages.de ).toEqual( messages.de ); 26 | } ); /home/lema/projects/wikibase/termbox/tests/unit/store/mutations.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 11 | const store: Root = { editMode: false }; 12 | > 13 | mutations[ EDITMODE_SET ]( store, true ); | ^ 14 | 15 | expect( store.editMode ).toBeTruthy(); 16 | } ); /home/lema/projects/wikibase/termbox/tests/unit/store/user/actions.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 28 | const preferredLanguages = [ 'de', 'en', 'fr', 'zh', 'pl', 'hu' ]; 29 | > 30 | actions[ LANGUAGE_PREFERENCE ]( context, { primaryLanguage, preferredLanguages } ).then( () => { | ^ 31 | expect( commitMock ).toBeCalledWith( 32 | LANGUAGE_INIT, 33 | primaryLanguage, /home/lema/projects/wikibase/termbox/tests/unit/store/user/mutations.spec.ts Found unsafe properties access (tsr-detect-unsafe-properties-access) 34 | const userState = newUserState(); 35 | > 36 | mutations[ LANGUAGE_INIT ]( userState, primaryLanguage ); | ^ 37 | 38 | expect( userState.primaryLanguage ).toStrictEqual( primaryLanguage ); 39 | } ); Found unsafe properties access (tsr-detect-unsafe-properties-access) 53 | const userState = newUserState(); 54 | const secondaryLanguages = [ 'de', 'en', 'it', 'zh', 'ug', 'ar', 'kl' ]; > 55 | mutations[ SECONDARY_LANGUAGES_INIT ]( userState, secondaryLanguages ); | ^ 56 | expect( userState.secondaryLanguages ).toStrictEqual( secondaryLanguages ); 57 | } ); 58 | } );