Release Notes v8.5.0

12 views
Skip to first unread message

Bjoern Kimminich

unread,
Apr 16, 2019, 11:55:58 AM4/16/19
to Juice Shop Project
Release Notes v8.5.0

:godmode: Challenges

  • Added challenge Repetitive Registration (star) which enforces the DRY principle
  • Added challenge Privacy Policy Tier 1 (star) which involves more reading than hacking
  • Added challenge Privacy Policy Tier 2 (starstarstar) which involves actual reading and some puzzle solving
  • Added challenge Expired Coupon (starstarstarstar) which involves brand new marketing campaigns
  • Added challenge XSS Tier 6 (starstarstarstarstarstar) which targets some brilliant marketing collateral
  • Increased difficulty of Forgotten Sales Backup from starstarstar to starstarstarstar
  • Removed an unrealistic solution path for Forgotten Sales Backup
  • Renamed misleading CSRF challenge into Change Bender's Password (kudos to @omerlh)
  • Fixed practically unsolvable XSS Tier 5 challenge

new Features

  • #939: Added setup screens to enable/disable 2FA for user accounts
  • #636: Added customer loyalty program with simple bonus points calculation
  • #660: Added initial Request Data Export screen for GDPR compliance including strong CAPTCHA

art User Interface

  • #842: Added dedicated Privacy & Security menu for all related user settings and information
  • #862: Improved layout of order confirmation PDFs generated upon basket checkout
  • #882: Password equality with repeated password is now checked during user registration flow
  • Added Show all/Hide all buttons for difficulty and category filters on Score Board
  • Show book icon on unsolved badge on Score Board only if a hint URL is present for the challenge

bug Bugfixes

  • #856: Fixed issue where the same You successfully solved a challenge notification showed up multiple times
  • #867: Save last login IP address upon user logout for display in Privacy & Security section
  • #871: Prevent submitting empty product reviews by disabling the submit button accordingly
  • #879: Fixed issue of registration error from existing account with same email not being displayed

snail Performance

  • Enabled compression for all incoming server requests
  • Reduce size of product and support team images

world_map I18N

  • #854: Retrieve available languages from server and calculate translation ratio (kudos to @Whamo12)
  • Extended portugal and some other translations

left_luggage Miscellaneous

  • #683: Port availability is checked before server startup
  • #683: Server and frontend dependencies are checked before server startup
  • #933: Migrated to Sequelize 5.x and replaced epilogue with finale-rest for API auto-creation

Bjoern Kimminich

unread,
Apr 16, 2019, 3:40:17 PM4/16/19
to Juice Shop Project
Our Docker and ZIP-file users will experience an issue starting v8.5.0 due to a broken precondition check! Please update to v8.5.1 which fixes this issue! https://github.com/bkimminich/juice-shop/releases/tag/v8.5.1

(Users who cloned from GitHub are not affected by this issue.)
Reply all
Reply to author
Forward
0 new messages