From 852d7d05b155c7f5135ca78fa08790aac53ecee3 Mon Sep 17 00:00:00 2001
From: mohitvijay45 <107183474+mohitvijay45@users.noreply.github.com>
Date: Thu, 11 Jan 2024 14:53:07 +0000
Subject: [PATCH 1/5] FPET-730 and FPET-827 changes

---
 src/main/steps/eligibility/cannot-apply/template.njk | 5 +++++
 src/main/steps/eligibility/domicile/content.test.ts  | 2 +-
 src/main/steps/eligibility/domicile/content.ts       | 4 +++-
 src/main/steps/eligibility/lived-uk/content.test.ts  | 2 +-
 src/main/steps/eligibility/lived-uk/content.ts       | 4 +++-
 src/main/steps/eligibility/married/content.test.ts   | 2 +-
 src/main/steps/eligibility/married/content.ts        | 4 +++-
 src/main/steps/eligibility/start/content.test.ts     | 6 +++---
 src/main/steps/eligibility/start/content.ts          | 6 +++---
 src/main/steps/eligibility/under-18/content.test.ts  | 2 +-
 src/main/steps/eligibility/under-18/content.ts       | 4 +++-
 src/main/steps/eligibility/under-21/content.test.ts  | 2 +-
 src/main/steps/eligibility/under-21/content.ts       | 4 +++-
 13 files changed, 31 insertions(+), 16 deletions(-)

diff --git a/src/main/steps/eligibility/cannot-apply/template.njk b/src/main/steps/eligibility/cannot-apply/template.njk
index 892c0fa70..62154a181 100644
--- a/src/main/steps/eligibility/cannot-apply/template.njk
+++ b/src/main/steps/eligibility/cannot-apply/template.njk
@@ -7,7 +7,12 @@
                 <span class="govuk-caption-l">{{section}}</span>
                 <h1 class="govuk-heading-l">{{ title }}</h1>
                 <p class="govuk-body govuk-!-margin-top-4">{{line1}}</p>
+                {% if language == 'en' %}
                     <a href="https://www.gov.uk/child-adoption" class="govuk-link">{{line2}}</a>
+                {% else %}
+                    <a href="https://www.gov.uk/mabwysiadu-plentyn" class="govuk-link">{{line2}}</a>
+                {% endif %}
+                    
 
             </div>
         </div>
diff --git a/src/main/steps/eligibility/domicile/content.test.ts b/src/main/steps/eligibility/domicile/content.test.ts
index 9d94031cb..9dbea60b9 100644
--- a/src/main/steps/eligibility/domicile/content.test.ts
+++ b/src/main/steps/eligibility/domicile/content.test.ts
@@ -72,7 +72,7 @@ describe('eligibility > domicile > content', () => {
     expect((field.values[1].label as Function)(commonContent)).toBe(commonContent.no);
     expect(field.values[1].value).toBe(YesNoNotsure.NO);
     expect((field.values[1].conditionalText as Function)(generatedContent)).toBe(
-      '<p class="govuk-label">You cannot apply to adopt a child unless you have a permanent home here.</p> <p class="govuk-label"><a href="https://www.gov.uk/child-adoption" class="govuk-link">More about adoption</a></p>'
+      '<p class="govuk-label">You cannot apply to adopt a child unless you have a permanent home here.</p> <p class="govuk-label"><a href=https://www.gov.uk/child-adoption class="govuk-link">More about adoption</a></p>'
     );
     expect(field.validator).toBe(isFieldFilledIn);
   });
diff --git a/src/main/steps/eligibility/domicile/content.ts b/src/main/steps/eligibility/domicile/content.ts
index 2b7804e9e..ab961985a 100644
--- a/src/main/steps/eligibility/domicile/content.ts
+++ b/src/main/steps/eligibility/domicile/content.ts
@@ -11,6 +11,7 @@ const en = () => ({
   domicileNo: 'You cannot apply to adopt a child unless you have a permanent home here.',
   moreInfo: 'More about adoption',
   continue: 'Continue',
+  url: 'https://www.gov.uk/child-adoption',
   errors: {
     domicileEligible: {
       required:
@@ -26,6 +27,7 @@ const cy: typeof en = () => ({
   domicileNo: 'Ni allwch wneud cais i fabwysiadu plentyn oni bai bod gennych gartref parhaol yma.',
   moreInfo: 'Mwy o wybodaeth am fabwysiadu',
   continue: 'Parhau',
+  url: 'https://www.gov.uk/mabwysiadu-plentyn',
   yes: 'Ie',
   no: 'Na',
   errors: {
@@ -50,7 +52,7 @@ export const form: FormContent = {
           label: l => l.no,
           value: YesOrNo.NO,
           conditionalText: l =>
-            `<p class="govuk-label">${l.domicileNo}</p> <p class="govuk-label"><a href="https://www.gov.uk/child-adoption" class="govuk-link">${l.moreInfo}</a></p>`,
+            `<p class="govuk-label">${l.domicileNo}</p> <p class="govuk-label"><a href=${l.url} class="govuk-link">${l.moreInfo}</a></p>`,
         },
       ],
       validator: isFieldFilledIn,
diff --git a/src/main/steps/eligibility/lived-uk/content.test.ts b/src/main/steps/eligibility/lived-uk/content.test.ts
index 662f8289e..80931a783 100644
--- a/src/main/steps/eligibility/lived-uk/content.test.ts
+++ b/src/main/steps/eligibility/lived-uk/content.test.ts
@@ -72,7 +72,7 @@ describe('eligibility > lived-uk > content', () => {
     expect((field.values[1].label as Function)(commonContent)).toBe(commonContent.no);
     expect(field.values[1].value).toBe(YesNoNotsure.NO);
     expect((field.values[1].conditionalText as Function)(generatedContent)).toBe(
-      '<p class="govuk-label">You cannot apply to adopt a child unless you have a permanent home here.</p> <p class="govuk-label"><a href="https://www.gov.uk/child-adoption" class="govuk-link">More about adoption</a></p>'
+      '<p class="govuk-label">You cannot apply to adopt a child unless you have a permanent home here.</p> <p class="govuk-label"><a href=https://www.gov.uk/child-adoption class="govuk-link">More about adoption</a></p>'
     );
     expect(field.validator).toBe(isFieldFilledIn);
   });
diff --git a/src/main/steps/eligibility/lived-uk/content.ts b/src/main/steps/eligibility/lived-uk/content.ts
index 9d0e5ba9a..9204ce36d 100644
--- a/src/main/steps/eligibility/lived-uk/content.ts
+++ b/src/main/steps/eligibility/lived-uk/content.ts
@@ -11,6 +11,7 @@ const en = () => ({
   livedUKNo: 'You cannot apply to adopt a child unless you have a permanent home here.',
   moreInfo: 'More about adoption',
   continue: 'Continue',
+  url: 'https://www.gov.uk/child-adoption',
   errors: {
     livedUKEligible: {
       required:
@@ -26,6 +27,7 @@ const cy: typeof en = () => ({
   livedUKNo: 'Ni allwch wneud cais i fabwysiadu plentyn oni bai bod gennych gartref parhaol yma.',
   moreInfo: 'Mwy o wybodaeth am fabwysiadu',
   continue: 'Parhau',
+  url: 'https://www.gov.uk/mabwysiadu-plentyn',
   yes: 'Do',
   no: 'Naddo',
   errors: {
@@ -50,7 +52,7 @@ export const form: FormContent = {
           label: l => l.no,
           value: YesOrNo.NO,
           conditionalText: l =>
-            `<p class="govuk-label">${l.livedUKNo}</p> <p class="govuk-label"><a href="https://www.gov.uk/child-adoption" class="govuk-link">${l.moreInfo}</a></p>`,
+            `<p class="govuk-label">${l.livedUKNo}</p> <p class="govuk-label"><a href=${l.url} class="govuk-link">${l.moreInfo}</a></p>`,
         },
       ],
       validator: isFieldFilledIn,
diff --git a/src/main/steps/eligibility/married/content.test.ts b/src/main/steps/eligibility/married/content.test.ts
index ff286f071..971097268 100644
--- a/src/main/steps/eligibility/married/content.test.ts
+++ b/src/main/steps/eligibility/married/content.test.ts
@@ -70,7 +70,7 @@ describe('eligibility > married > content', () => {
     expect((field.values[0].label as Function)(commonContent)).toBe(commonContent.yes);
     expect(field.values[0].value).toBe(YesNoNotsure.YES);
     expect((field.values[0].conditionalText as Function)(generatedContent)).toBe(
-      '<p class="govuk-label">You can only apply to adopt a child if they\'ve not been married or in a civil partnership.</p> <p class="govuk-label"><a rel="noreferrer noopener" href="https://www.gov.uk/child-adoption" class="govuk-link">More about adoption</a></p>'
+      '<p class="govuk-label">You can only apply to adopt a child if they\'ve not been married or in a civil partnership.</p> <p class="govuk-label"><a rel="noreferrer noopener" href=https://www.gov.uk/child-adoption class="govuk-link">More about adoption</a></p>'
     );
 
     expect((field.values[1].label as Function)(commonContent)).toBe(commonContent.no);
diff --git a/src/main/steps/eligibility/married/content.ts b/src/main/steps/eligibility/married/content.ts
index a84818802..f011b21f5 100644
--- a/src/main/steps/eligibility/married/content.ts
+++ b/src/main/steps/eligibility/married/content.ts
@@ -11,6 +11,7 @@ const en = () => ({
   marriedYes: "You can only apply to adopt a child if they've not been married or in a civil partnership.",
   moreInfo: 'More about adoption',
   continue: 'Continue',
+  url: 'https://www.gov.uk/child-adoption',
   errors: {
     marriedEligible: {
       required: 'Select if the child is married or in a civil partnership.',
@@ -25,6 +26,7 @@ const cy: typeof en = () => ({
   marriedYes: 'Gallwch ond wneud cais i fabwysiadu plentyn os nad ydynt wedi priodi ac ddim mewn partneriaeth sifil.',
   moreInfo: 'Mwy o wybodaeth am fabwysiadu',
   continue: 'Parhau',
+  url: 'https://www.gov.uk/mabwysiadu-plentyn',
   yes: 'Ydy',
   no: 'Nac ydy',
   errors: {
@@ -48,7 +50,7 @@ export const form: FormContent = {
           label: l => l.yes,
           value: YesOrNo.YES,
           conditionalText: l =>
-            `<p class="govuk-label">${l.marriedYes}</p> <p class="govuk-label"><a rel="noreferrer noopener" href="https://www.gov.uk/child-adoption" class="govuk-link">${l.moreInfo}</a></p>`,
+            `<p class="govuk-label">${l.marriedYes}</p> <p class="govuk-label"><a rel="noreferrer noopener" href=${l.url} class="govuk-link">${l.moreInfo}</a></p>`,
         },
         { label: l => l.no, value: YesOrNo.NO },
       ],
diff --git a/src/main/steps/eligibility/start/content.test.ts b/src/main/steps/eligibility/start/content.test.ts
index 062f37fdf..b63548243 100644
--- a/src/main/steps/eligibility/start/content.test.ts
+++ b/src/main/steps/eligibility/start/content.test.ts
@@ -33,13 +33,13 @@ const enContent = {
   line12:
     "If you're applying for more than one child, you must submit a new application for each child. You will not be charged if you submit these before midnight on the day of your first application. If you submit after the day of the first application, you will be charged another £183. For this reason we recommend you begin the applications early and have everything you need.",
   line13: 'You must sign in using the same email address and password used in your first application.',
-  startnow: 'Start now',
+  startnow: 'Continue',
 };
 
 const cyContent = {
   title: 'Gwneud cais i fabwysiadu plentyn a osodwyd yn eich gofal',
   line1:
-    'Gallwch wneud cais i fabwysiadu plentyn sydd yn eich gofal yn dilyn <a class="govuk-link" href="https://www.gov.uk/child-adoption/applying-for-an-adoption-court-order">gorchymyn lleoli gan y llys.</a>',
+    'Gallwch wneud cais i fabwysiadu plentyn sydd yn eich gofal yn dilyn <a class="govuk-link" href="https://www.gov.uk/mabwysiadu-plentyn/gwneud-cais-am-orchymyn-llys-mabwysiadu">gorchymyn lleoli gan y llys.</a>',
   line2:
     "Gallwch ddechrau eich cais ar unrhyw adeg fodd bynnag, mae'n rhaid i'r plentyn fod wedi byw gyda chi am o leiaf 10 wythnos cyn y gallwch gyflwyno’r cais.",
   line3:
@@ -66,7 +66,7 @@ const cyContent = {
     'Os ydych chi’n gwneud cais i fabwysiadu mwy nag un plentyn, mae’n rhaid i chi gyflwyno cais newydd ar gyfer pob plentyn. Ni chodir ffi arall arnoch os byddwch yn cyflwyno’r ceisiadau hyn cyn hanner nos ar ddyddiad cyflwyno’ch cais cyntaf. Os byddwch yn eu cyflwyno ar ôl dyddiad cyflwyno’r cais cyntaf, yna bydd rhaid i chi dalu £183 arall. Am y rheswm hwn, argymhellwn eich bod yn dechrau eich ceisiadau yn gynnar a bod gennych bopeth rydych ei angen wrth law.',
   line13:
     'Mae’n rhaid ichi fewngofnodi gan ddefnyddio’r un cyfeiriad e-bost a chyfrinair a ddefnyddiwyd ar gyfer eich cais cyntaf.',
-  startnow: 'Dechrau nawr',
+  startnow: 'Parhau',
 };
 
 describe('eligibility > start > content', () => {
diff --git a/src/main/steps/eligibility/start/content.ts b/src/main/steps/eligibility/start/content.ts
index 21ecbec96..466d2a09f 100644
--- a/src/main/steps/eligibility/start/content.ts
+++ b/src/main/steps/eligibility/start/content.ts
@@ -27,13 +27,13 @@ const en = content => ({
   line12:
     "If you're applying for more than one child, you must submit a new application for each child. You will not be charged if you submit these before midnight on the day of your first application. If you submit after the day of the first application, you will be charged another £183. For this reason we recommend you begin the applications early and have everything you need.",
   line13: 'You must sign in using the same email address and password used in your first application.',
-  startnow: 'Start now',
+  startnow: 'Continue',
 });
 
 const cy: typeof en = () => ({
   title: 'Gwneud cais i fabwysiadu plentyn a osodwyd yn eich gofal',
   line1:
-    'Gallwch wneud cais i fabwysiadu plentyn sydd yn eich gofal yn dilyn <a class="govuk-link" href="https://www.gov.uk/child-adoption/applying-for-an-adoption-court-order">gorchymyn lleoli gan y llys.</a>',
+    'Gallwch wneud cais i fabwysiadu plentyn sydd yn eich gofal yn dilyn <a class="govuk-link" href="https://www.gov.uk/mabwysiadu-plentyn/gwneud-cais-am-orchymyn-llys-mabwysiadu">gorchymyn lleoli gan y llys.</a>',
   line2:
     "Gallwch ddechrau eich cais ar unrhyw adeg fodd bynnag, mae'n rhaid i'r plentyn fod wedi byw gyda chi am o leiaf 10 wythnos cyn y gallwch gyflwyno’r cais.",
   line3:
@@ -60,7 +60,7 @@ const cy: typeof en = () => ({
     'Os ydych chi’n gwneud cais i fabwysiadu mwy nag un plentyn, mae’n rhaid i chi gyflwyno cais newydd ar gyfer pob plentyn. Ni chodir ffi arall arnoch os byddwch yn cyflwyno’r ceisiadau hyn cyn hanner nos ar ddyddiad cyflwyno’ch cais cyntaf. Os byddwch yn eu cyflwyno ar ôl dyddiad cyflwyno’r cais cyntaf, yna bydd rhaid i chi dalu £183 arall. Am y rheswm hwn, argymhellwn eich bod yn dechrau eich ceisiadau yn gynnar a bod gennych bopeth rydych ei angen wrth law.',
   line13:
     'Mae’n rhaid ichi fewngofnodi gan ddefnyddio’r un cyfeiriad e-bost a chyfrinair a ddefnyddiwyd ar gyfer eich cais cyntaf.',
-  startnow: 'Dechrau nawr',
+  startnow: 'Parhau',
 });
 
 const languages = {
diff --git a/src/main/steps/eligibility/under-18/content.test.ts b/src/main/steps/eligibility/under-18/content.test.ts
index 92ab3c029..37c386942 100644
--- a/src/main/steps/eligibility/under-18/content.test.ts
+++ b/src/main/steps/eligibility/under-18/content.test.ts
@@ -69,7 +69,7 @@ describe('eligibility > under-18 > content', () => {
     expect((field.values[1].label as Function)(commonContent)).toBe(commonContent.no);
     expect(field.values[1].value).toBe(YesNoNotsure.NO);
     expect((field.values[1].conditionalText as Function)(generatedContent)).toBe(
-      '<p class="govuk-label">You can only apply to adopt a child if they are under 18 years old on the date your application is submitted.</p> <p class="govuk-label"><a href="https://www.gov.uk/child-adoption" class="govuk-link">More about adoption</a></p>'
+      '<p class="govuk-label">You can only apply to adopt a child if they are under 18 years old on the date your application is submitted.</p> <p class="govuk-label"><a href=https://www.gov.uk/child-adoption class="govuk-link">More about adoption</a></p>'
     );
     expect(field.validator).toBe(isFieldFilledIn);
   });
diff --git a/src/main/steps/eligibility/under-18/content.ts b/src/main/steps/eligibility/under-18/content.ts
index c625c6bb6..db0055bac 100644
--- a/src/main/steps/eligibility/under-18/content.ts
+++ b/src/main/steps/eligibility/under-18/content.ts
@@ -11,6 +11,7 @@ const en = () => ({
     'You can only apply to adopt a child if they are under 18 years old on the date your application is submitted.',
   moreInfo: 'More about adoption',
   continue: 'Continue',
+  url: 'https://www.gov.uk/child-adoption',
   errors: {
     under18Eligible: {
       required: 'Select if the child will be under 18 years old on the date you submit your application.',
@@ -24,6 +25,7 @@ const cy: typeof en = () => ({
   under18No: 'Gallwch ond mabwysiadu plentyn os ydynt dan 18 oed ar y dyddiad mae eich cais yn cael ei gyflwyno.',
   moreInfo: 'Mwy o wybodaeth am fabwysiadu',
   continue: 'Parhau',
+  url: 'https://www.gov.uk/mabwysiadu-plentyn',
   yes: 'Bydd',
   no: 'Na fydd',
   errors: {
@@ -47,7 +49,7 @@ export const form: FormContent = {
           label: l => l.no,
           value: YesOrNo.NO,
           conditionalText: l =>
-            `<p class="govuk-label">${l.under18No}</p> <p class="govuk-label"><a href="https://www.gov.uk/child-adoption" class="govuk-link">${l.moreInfo}</a></p>`,
+            `<p class="govuk-label">${l.under18No}</p> <p class="govuk-label"><a href=${l.url} class="govuk-link">${l.moreInfo}</a></p>`,
         },
       ],
       validator: isFieldFilledIn,
diff --git a/src/main/steps/eligibility/under-21/content.test.ts b/src/main/steps/eligibility/under-21/content.test.ts
index 142ee51b9..01fec89cf 100644
--- a/src/main/steps/eligibility/under-21/content.test.ts
+++ b/src/main/steps/eligibility/under-21/content.test.ts
@@ -68,7 +68,7 @@ describe('eligibility > under-21 > content', () => {
     expect((field.values[1].label as Function)(commonContent)).toBe(commonContent.no);
     expect(field.values[1].value).toBe(YesNoNotsure.NO);
     expect((field.values[1].conditionalText as Function)(generatedContent)).toBe(
-      '<p class="govuk-label">You must be 21 or over to adopt a child. This includes any other applicant.</p> <p class="govuk-label"><a href="https://www.gov.uk/child-adoption" class="govuk-link">More about adoption</a></p>'
+      '<p class="govuk-label">You must be 21 or over to adopt a child. This includes any other applicant.</p> <p class="govuk-label"><a href=https://www.gov.uk/child-adoption class="govuk-link">More about adoption</a></p>'
     );
     expect(field.validator).toBe(isFieldFilledIn);
   });
diff --git a/src/main/steps/eligibility/under-21/content.ts b/src/main/steps/eligibility/under-21/content.ts
index c55054e24..058588441 100644
--- a/src/main/steps/eligibility/under-21/content.ts
+++ b/src/main/steps/eligibility/under-21/content.ts
@@ -10,6 +10,7 @@ const en = () => ({
   under21Yes: 'You must be 21 or over to adopt a child. This includes any other applicant.',
   moreInfo: 'More about adoption',
   continue: 'Continue',
+  url: 'https://www.gov.uk/child-adoption',
   errors: {
     under21Eligible: {
       required: 'Select if you, and the other applicant if relevant, are both aged 21 or over.',
@@ -23,6 +24,7 @@ const cy: typeof en = () => ({
   under21Yes: 'Rhaid i chi fod yn 21 oed o leiaf i fabwysiadu plentyn. Mae hyn yn cynnwys unrhyw geisydd arall.',
   moreInfo: 'Mwy o wybodaeth am fabwysiadu',
   continue: 'Parhau',
+  url: 'https://www.gov.uk/mabwysiadu-plentyn',
   yes: 'Ydy',
   no: 'Nac ydy',
   errors: {
@@ -46,7 +48,7 @@ export const form: FormContent = {
           label: l => l.no,
           value: YesOrNo.NO,
           conditionalText: l =>
-            `<p class="govuk-label">${l.under21Yes}</p> <p class="govuk-label"><a href="https://www.gov.uk/child-adoption" class="govuk-link">${l.moreInfo}</a></p>`,
+            `<p class="govuk-label">${l.under21Yes}</p> <p class="govuk-label"><a href=${l.url} class="govuk-link">${l.moreInfo}</a></p>`,
         },
       ],
       validator: isFieldFilledIn,

From dc4eee0d4fff97d190834aa01fccbbbdd5e67f7f Mon Sep 17 00:00:00 2001
From: mohitvijay45 <107183474+mohitvijay45@users.noreply.github.com>
Date: Thu, 11 Jan 2024 15:25:00 +0000
Subject: [PATCH 2/5] Update yarn-audit-known-issues

---
 yarn-audit-known-issues | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/yarn-audit-known-issues b/yarn-audit-known-issues
index 52a24a042..384cbf3b0 100644
--- a/yarn-audit-known-issues
+++ b/yarn-audit-known-issues
@@ -1 +1 @@
-{"actions":[],"advisories":{"1094555":{"findings":[{"version":"6.3.0","paths":["@hmcts/nodejs-healthcheck>superagent>semver","applicationinsights>@azure/opentelemetry-instrumentation-azure-sdk>@opentelemetry/instrumentation>semver","@hmcts/properties-volume>@azure/identity>@azure/msal-node>jsonwebtoken>semver","express-nunjucks>nunjucks-async-loader>chokidar>fsevents>node-gyp>semver","express-nunjucks>nunjucks-async-loader>chokidar>fsevents>node-gyp>make-fetch-happen>cacache>@npmcli/fs>semver"]}],"metadata":null,"vulnerable_versions":">=6.0.0 <6.3.1","module_name":"semver","severity":"moderate","github_advisory_id":"GHSA-c2qf-rxjj-qqgw","cves":["CVE-2022-25883"],"access":"public","patched_versions":">=6.3.1","cvss":{"score":5.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},"updated":"2023-11-05T05:04:46.000Z","recommendation":"Upgrade to version 6.3.1 or later","cwe":["CWE-1333"],"found_by":null,"deleted":null,"id":1094555,"references":"- https://nvd.nist.gov/vuln/detail/CVE-2022-25883\n- https://github.com/npm/node-semver/pull/564\n- https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441\n- https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795\n- https://github.com/npm/node-semver/blob/main/classes/range.js#L97-L104\n- https://github.com/npm/node-semver/blob/main/internal/re.js#L138\n- https://github.com/npm/node-semver/blob/main/internal/re.js#L160\n- https://github.com/npm/node-semver/pull/585\n- https://github.com/npm/node-semver/commit/928e56d21150da0413a3333a3148b20e741a920c\n- https://github.com/npm/node-semver/pull/593\n- https://github.com/npm/node-semver/commit/2f8fd41487acf380194579ecb6f8b1bbfe116be0\n- https://github.com/advisories/GHSA-c2qf-rxjj-qqgw","created":"2023-06-21T06:30:28.000Z","reported_by":null,"title":"semver vulnerable to Regular Expression Denial of Service","npm_advisory_id":null,"overview":"Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.","url":"https://github.com/advisories/GHSA-c2qf-rxjj-qqgw"},"1094889":{"findings":[{"version":"0.26.1","paths":["axios"]}],"metadata":null,"vulnerable_versions":">=0.8.1 <1.6.0","module_name":"axios","severity":"moderate","github_advisory_id":"GHSA-wf5p-g6vw-rhxx","cves":["CVE-2023-45857"],"access":"public","patched_versions":">=1.6.0","cvss":{"score":6.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},"updated":"2023-11-16T19:59:09.000Z","recommendation":"Upgrade to version 1.6.0 or later","cwe":["CWE-352"],"found_by":null,"deleted":null,"id":1094889,"references":"- https://nvd.nist.gov/vuln/detail/CVE-2023-45857\n- https://github.com/axios/axios/issues/6006\n- https://github.com/axios/axios/issues/6022\n- https://github.com/axios/axios/pull/6028\n- https://github.com/axios/axios/commit/96ee232bd3ee4de2e657333d4d2191cd389e14d0\n- https://github.com/axios/axios/releases/tag/v1.6.0\n- https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459\n- https://github.com/advisories/GHSA-wf5p-g6vw-rhxx","created":"2023-11-08T21:30:37.000Z","reported_by":null,"title":"Axios Cross-Site Request Forgery Vulnerability","npm_advisory_id":null,"overview":"An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.","url":"https://github.com/advisories/GHSA-wf5p-g6vw-rhxx"}},"muted":[],"metadata":{"vulnerabilities":{"info":0,"low":0,"moderate":6,"high":0,"critical":0},"dependencies":402,"devDependencies":3,"optionalDependencies":0,"totalDependencies":405}}
+{"actions":[],"advisories":{"1094889":{"findings":[{"version":"0.26.1","paths":["axios"]}],"metadata":null,"vulnerable_versions":">=0.8.1 <1.6.0","module_name":"axios","severity":"moderate","github_advisory_id":"GHSA-wf5p-g6vw-rhxx","cves":["CVE-2023-45857"],"access":"public","patched_versions":">=1.6.0","cvss":{"score":6.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},"updated":"2023-11-16T19:59:09.000Z","recommendation":"Upgrade to version 1.6.0 or later","cwe":["CWE-352"],"found_by":null,"deleted":null,"id":1094889,"references":"- https://nvd.nist.gov/vuln/detail/CVE-2023-45857\n- https://github.com/axios/axios/issues/6006\n- https://github.com/axios/axios/issues/6022\n- https://github.com/axios/axios/pull/6028\n- https://github.com/axios/axios/commit/96ee232bd3ee4de2e657333d4d2191cd389e14d0\n- https://github.com/axios/axios/releases/tag/v1.6.0\n- https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459\n- https://github.com/advisories/GHSA-wf5p-g6vw-rhxx","created":"2023-11-08T21:30:37.000Z","reported_by":null,"title":"Axios Cross-Site Request Forgery Vulnerability","npm_advisory_id":null,"overview":"An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.","url":"https://github.com/advisories/GHSA-wf5p-g6vw-rhxx"},"1095366":{"findings":[{"version":"6.3.0","paths":["@hmcts/nodejs-healthcheck>superagent>semver","applicationinsights>@azure/opentelemetry-instrumentation-azure-sdk>@opentelemetry/instrumentation>semver","@hmcts/properties-volume>@azure/identity>@azure/msal-node>jsonwebtoken>semver","express-nunjucks>nunjucks-async-loader>chokidar>fsevents>node-gyp>semver","express-nunjucks>nunjucks-async-loader>chokidar>fsevents>node-gyp>make-fetch-happen>cacache>@npmcli/fs>semver"]}],"metadata":null,"vulnerable_versions":">=6.0.0 <6.3.1","module_name":"semver","severity":"moderate","github_advisory_id":"GHSA-c2qf-rxjj-qqgw","cves":["CVE-2022-25883"],"access":"public","patched_versions":">=6.3.1","cvss":{"score":5.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},"updated":"2024-01-08T20:36:49.000Z","recommendation":"Upgrade to version 6.3.1 or later","cwe":["CWE-1333"],"found_by":null,"deleted":null,"id":1095366,"references":"- https://nvd.nist.gov/vuln/detail/CVE-2022-25883\n- https://github.com/npm/node-semver/pull/564\n- https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441\n- https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795\n- https://github.com/npm/node-semver/blob/main/classes/range.js#L97-L104\n- https://github.com/npm/node-semver/blob/main/internal/re.js#L138\n- https://github.com/npm/node-semver/blob/main/internal/re.js#L160\n- https://github.com/npm/node-semver/pull/585\n- https://github.com/npm/node-semver/commit/928e56d21150da0413a3333a3148b20e741a920c\n- https://github.com/npm/node-semver/pull/593\n- https://github.com/npm/node-semver/commit/2f8fd41487acf380194579ecb6f8b1bbfe116be0\n- https://github.com/advisories/GHSA-c2qf-rxjj-qqgw","created":"2023-06-21T06:30:28.000Z","reported_by":null,"title":"semver vulnerable to Regular Expression Denial of Service","npm_advisory_id":null,"overview":"Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.","url":"https://github.com/advisories/GHSA-c2qf-rxjj-qqgw"},"1095374":{"findings":[{"version":"1.15.3","paths":["axios>follow-redirects"]}],"metadata":null,"vulnerable_versions":"<1.15.4","module_name":"follow-redirects","severity":"moderate","github_advisory_id":"GHSA-jchw-25xp-jwwc","cves":["CVE-2023-26159"],"access":"public","patched_versions":">=1.15.4","cvss":{"score":6.1,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},"updated":"2024-01-09T19:03:25.000Z","recommendation":"Upgrade to version 1.15.4 or later","cwe":["CWE-20","CWE-601"],"found_by":null,"deleted":null,"id":1095374,"references":"- https://nvd.nist.gov/vuln/detail/CVE-2023-26159\n- https://github.com/follow-redirects/follow-redirects/issues/235\n- https://github.com/follow-redirects/follow-redirects/pull/236\n- https://security.snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137\n- https://github.com/follow-redirects/follow-redirects/commit/7a6567e16dfa9ad18a70bfe91784c28653fbf19d\n- https://github.com/advisories/GHSA-jchw-25xp-jwwc","created":"2024-01-02T06:30:30.000Z","reported_by":null,"title":"Follow Redirects improperly handles URLs in the url.parse() function","npm_advisory_id":null,"overview":"Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse() function. When new URL() throws an error, it can be manipulated to misinterpret the hostname. An attacker could exploit this weakness to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.","url":"https://github.com/advisories/GHSA-jchw-25xp-jwwc"}},"muted":[],"metadata":{"vulnerabilities":{"info":0,"low":0,"moderate":7,"high":0,"critical":0},"dependencies":402,"devDependencies":3,"optionalDependencies":0,"totalDependencies":405}}

From faae1e56971881b066e6bc3bf5af50c35b1f0eef Mon Sep 17 00:00:00 2001
From: mohitvijay45 <107183474+mohitvijay45@users.noreply.github.com>
Date: Mon, 15 Jan 2024 11:57:27 +0000
Subject: [PATCH 3/5] updated page to include inset Text

---
 src/main/steps/eligibility/start/template.njk | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/main/steps/eligibility/start/template.njk b/src/main/steps/eligibility/start/template.njk
index 6f6422a6d..bacb2fc77 100644
--- a/src/main/steps/eligibility/start/template.njk
+++ b/src/main/steps/eligibility/start/template.njk
@@ -1,3 +1,4 @@
+{% from "govuk/components/inset-text/macro.njk" import govukInsetText %}
 {% extends "common/page.njk" %}
 {% block content %}
 
@@ -8,7 +9,8 @@
 
         <h1 class="govuk-heading-xl">{{ title }}</h1>
 
-        <p class="govuk-body">{{ line1 | safe }}</p>
+        {{ govukInsetText( {text: line1 | safe }) }}
+        
         <p class="govuk-body">{{ line2 }}</p>
         <p class="govuk-body">{{ line3 }}</p>
 

From 1ab31ad5f2bd986b336fe136514a89545a593bf6 Mon Sep 17 00:00:00 2001
From: priteshkr <pritesh.kumar@hmcts.net>
Date: Mon, 15 Jan 2024 13:44:20 +0000
Subject: [PATCH 4/5] New PR for FPET-730 and FPET-827

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index c0393a2f8..d87723d96 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@
 
 ### Prerequisites
 
-Running the application requires the following tools to be installed in your environment:
+Running the application requires the following tools to be installed in your environment
 
 - [Node.js](https://nodejs.org/) v12.0.0 or later
 - [yarn](https://yarnpkg.com/)

From d9460df91b9858caa4ff8ffd408c66a8ba4a2b0f Mon Sep 17 00:00:00 2001
From: elizereyes123 <107991381+elizereyes123@users.noreply.github.com>
Date: Mon, 15 Jan 2024 16:04:59 +0000
Subject: [PATCH 5/5] update test from Start now to Continue

---
 src/test/e2e/pages/login.page.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/test/e2e/pages/login.page.js b/src/test/e2e/pages/login.page.js
index b6f1ec638..974e7b31b 100644
--- a/src/test/e2e/pages/login.page.js
+++ b/src/test/e2e/pages/login.page.js
@@ -30,7 +30,7 @@ module.exports = {
   async signInFromEligibility() {
     await I.retry(3).goToPage(config.baseUrl + 'eligibility/start');
     await I.wait(4);
-    await I.retry(3).click('Start now');
+    await I.retry(3).click('Continue');
     await I.wait(4);
     await I.retry(3).see('Are you applying to adopt more than one child?');
     await I.retry(3).click('Continue');