Daniel Sauble djsauble

## sbom.json
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.2",
  "serialNumber": "urn:uuid:1f860713-54b9-4253-ba5a-9554851904af",
  "version": 1,
  "metadata": {
    "timestamp": "2020-08-03T03:20:53.771Z",
    "tools": [
      {
        "vendor": "CycloneDX",

## output.log
$ auditjs
No YAML parser loaded.  Suggest adding js-yaml dependency to your package.json file.
------------------------------------------------------------
[1/1061] nodejs 9.9.0  [VULNERABLE]   8 known vulnerabilities affecting installed version

[CVE-2018-7160] The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack ...
The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get

## gist:9bfa3c8926caf3f6a527feb16968b04a
### Keybase proof

I hereby claim:

  * I am djsauble on github.
  * I am djsauble (https://keybase.io/djsauble) on keybase.
  * I have a public key ASDFT6BBipPheRPAcIsujM5Ty1wnGmpkPqNI69k3mHDzAQo

To claim this, I am signing this object:

## output.log
$ npm install --verbose
npm info it worked if it ends with ok
npm verb cli [ '/usr/local/bin/node',
npm verb cli   '/usr/local/bin/npm',
npm verb cli   'install',
npm verb cli   '--verbose' ]
npm info using npm@6.9.0
npm info using node@v9.9.0
npm verb npm-session e5a5baac1900c012
npm info lifecycle juice-shop@8.4.1~preinstall: juice-shop@8.4.1

## output.log
$ npm install
npm WARN deprecated codeclimate-test-reporter@0.5.1: codeclimate-test-reporter has been deprecated in favor of our new unified test-reporter. Please visit https://docs.codeclimate.com/docs/configuring-test-coverage for details on setting up the new test-reporter.
npm WARN deprecated jade@1.11.0: Jade has been renamed to pug, please install the latest version of pug instead of jade
npm WARN deprecated joi@13.7.0: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated ecstatic@3.3.1: https://github.com/jfhbrook/node-ecstatic/issues/259
npm WARN deprecated jsonwebtoken@0.1.0: Critical vulnerability fix in v5.0.0. See https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
npm WARN deprecated constantinople

## debug.log
2018-12-15 21:36:42.410+0000 WARN [o.n.i.p.PageCache] The dbms.memory.pagecache.size setting has not been configured. It is recommended that this setting is always explicitly configured, to ensure the system has a balanced configuration. Until then, a computed heuristic value of 3787976704 bytes will be used instead. Run `neo4j-admin memrec` for memory configuration suggestions.
2018-12-15 21:36:42.654+0000 INFO [o.n.g.f.m.e.CommunityEditionModule] No locking implementation specified, defaulting to 'community'
2018-12-15 21:36:42.868+0000 INFO [o.n.g.f.GraphDatabaseFacadeFactory] Creating 'graph.db' database.
2018-12-15 21:36:42.925+0000 INFO [o.n.k.a.DatabaseAvailabilityGuard] Requirement `Database available` makes database graph.db unavailable.
2018-12-15 21:36:42.926+0000 INFO [o.n.k.a.DatabaseAvailabilityGuard] Database graph.db is unavailable.
2018-12-15 21:36:42.959+0000 INFO [o.n.i.d.DiagnosticsManager] --- INITIALIZED diagnostics START ---
2018-12-15 21:36:42.960+0000 INFO [o.n.i.d.DiagnosticsManager]

## styles.css
age-in-days-input .age-in-days-input>input[type=number].age-input{display:inline-block;margin-right:4px;vertical-align:initial;width:calc(50% - 25px)}age-in-days-input .age-in-days-input>dropdown-selector{display:inline-block;width:calc(50% - 9px)}.greedy-table thead tr th{background-color:#f5f5f5;color:#575757;text-align:left}.greedy-table thead tr th.selected-column{background-color:#eaeaea}.greedy-table tbody:before{content:""}.greedy-table tbody tr{border-top:1px solid transparent}.greedy-table tbody tr:not(:first-child){border-top-color:#f5f5f5}.greedy-table tbody tr:last-child{border-bottom:1px solid #f5f5f5}.greedy-table tbody tr.clickable:active,.greedy-table tbody tr.clickable:hover{cursor:pointer}.greedy-table tbody tr.clickable:active>.fa-chevron-right,.greedy-table tbody tr.clickable:hover>.fa-chevron-right{color:#070707}.greedy-table tbody tr.clickable:active,.greedy-table tbody tr.clickable:focus{outline:0}.greedy-table tbody tr.clickable:hover{border-top-color:#cacaca}.greedy-table tbody tr.cli

## sencha-error-20180322-2.log
Sencha Cmd 6.5.3.6 - Crash report
================================================
An error occurred while executing the following command: app build

Diagnostic information:
=======================
                         app.archivePath : archive
                      app.bootstrap.base : /Users/djsauble/Projects/work/drilldown
                       app.bootstrap.css : bootstrap.css
               app.bootstrap.microloader : bootstrap.js

## console.log
$ ls ext/
Readme.md		cmd			index.js		modern			sass			welcome
build			examples		license-include.txt	package.json		templates
build.xml		ext-bootstrap.js	license.txt		packages		test
classic			index.html		licenses		release-notes.html	version.properties
$ sencha app build
Sencha Cmd v6.5.3.6
[INF] Processing Build Descriptor : default (production environment)

[ERR] /usr/local/Sencha/Cmd/6.5.3.6/plugin.xml:333: The following error occurred while executing this line:

## output.log
-------------------------------------------------------
 T E S T S
-------------------------------------------------------
Running com.sonatype.firewall.core.DateUtilTest
Tests run: 1, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 0.084 sec <<< FAILURE!
testGetExpirationDate(com.sonatype.firewall.core.DateUtilTest)  Time elapsed: 0.029 sec  <<< FAILURE!
java.lang.AssertionError:
Expected: is "2018/02/18"
     but: was "2018/05/28"
	at org.hamcrest.MatcherAssert.assertThat(MatcherAssert.java:20)
	{
	"bomFormat": "CycloneDX",
	"specVersion": "1.2",
	"serialNumber": "urn:uuid:1f860713-54b9-4253-ba5a-9554851904af",
	"version": 1,
	"metadata": {
	"timestamp": "2020-08-03T03:20:53.771Z",
	"tools": [
	{
	"vendor": "CycloneDX",
	$ auditjs
	No YAML parser loaded. Suggest adding js-yaml dependency to your package.json file.
	------------------------------------------------------------
	[1/1061] nodejs 9.9.0 [VULNERABLE] 8 known vulnerabilities affecting installed version

	[CVE-2018-7160] The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack ...
	The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get
	### Keybase proof

	I hereby claim:

	* I am djsauble on github.
	* I am djsauble (https://keybase.io/djsauble) on keybase.
	* I have a public key ASDFT6BBipPheRPAcIsujM5Ty1wnGmpkPqNI69k3mHDzAQo

	To claim this, I am signing this object:
	$ npm install --verbose
	npm info it worked if it ends with ok
	npm verb cli [ '/usr/local/bin/node',
	npm verb cli '/usr/local/bin/npm',
	npm verb cli 'install',
	npm verb cli '--verbose' ]
	npm info using npm@6.9.0
	npm info using node@v9.9.0
	npm verb npm-session e5a5baac1900c012
	npm info lifecycle juice-shop@8.4.1~preinstall: juice-shop@8.4.1
	$ npm install
	npm WARN deprecated codeclimate-test-reporter@0.5.1: codeclimate-test-reporter has been deprecated in favor of our new unified test-reporter. Please visit https://docs.codeclimate.com/docs/configuring-test-coverage for details on setting up the new test-reporter.
	npm WARN deprecated jade@1.11.0: Jade has been renamed to pug, please install the latest version of pug instead of jade
	npm WARN deprecated joi@13.7.0: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
	npm WARN deprecated ecstatic@3.3.1: https://github.com/jfhbrook/node-ecstatic/issues/259
	npm WARN deprecated jsonwebtoken@0.1.0: Critical vulnerability fix in v5.0.0. See https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
	npm WARN deprecated constantinople
	2018-12-15 21:36:42.410+0000 WARN [o.n.i.p.PageCache] The dbms.memory.pagecache.size setting has not been configured. It is recommended that this setting is always explicitly configured, to ensure the system has a balanced configuration. Until then, a computed heuristic value of 3787976704 bytes will be used instead. Run `neo4j-admin memrec` for memory configuration suggestions.
	2018-12-15 21:36:42.654+0000 INFO [o.n.g.f.m.e.CommunityEditionModule] No locking implementation specified, defaulting to 'community'
	2018-12-15 21:36:42.868+0000 INFO [o.n.g.f.GraphDatabaseFacadeFactory] Creating 'graph.db' database.
	2018-12-15 21:36:42.925+0000 INFO [o.n.k.a.DatabaseAvailabilityGuard] Requirement `Database available` makes database graph.db unavailable.
	2018-12-15 21:36:42.926+0000 INFO [o.n.k.a.DatabaseAvailabilityGuard] Database graph.db is unavailable.
	2018-12-15 21:36:42.959+0000 INFO [o.n.i.d.DiagnosticsManager] --- INITIALIZED diagnostics START ---
	2018-12-15 21:36:42.960+0000 INFO [o.n.i.d.DiagnosticsManager]
	Sencha Cmd 6.5.3.6 - Crash report
	================================================
	An error occurred while executing the following command: app build

	Diagnostic information:
	=======================
	app.archivePath : archive
	app.bootstrap.base : /Users/djsauble/Projects/work/drilldown
	app.bootstrap.css : bootstrap.css
	app.bootstrap.microloader : bootstrap.js
	$ ls ext/
	Readme.md cmd index.js modern sass welcome
	build examples license-include.txt package.json templates
	build.xml ext-bootstrap.js license.txt packages test
	classic index.html licenses release-notes.html version.properties
	$ sencha app build
	Sencha Cmd v6.5.3.6
	[INF] Processing Build Descriptor : default (production environment)

	[ERR] /usr/local/Sencha/Cmd/6.5.3.6/plugin.xml:333: The following error occurred while executing this line:
	-------------------------------------------------------
	T E S T S
	-------------------------------------------------------
	Running com.sonatype.firewall.core.DateUtilTest
	Tests run: 1, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 0.084 sec <<< FAILURE!
	testGetExpirationDate(com.sonatype.firewall.core.DateUtilTest) Time elapsed: 0.029 sec <<< FAILURE!
	java.lang.AssertionError:
	Expected: is "2018/02/18"
	but: was "2018/05/28"
	at org.hamcrest.MatcherAssert.assertThat(MatcherAssert.java:20)