v17.0.0

This release brings significant changes to existing challenges (⚡) which might break canned CTF setups as well as solution guides made for previous versions of OWASP Juice Shop! It also contains technical breaking changes or renamings (⚠️) which might require migrating to a newer Node.js version or updating existing customization files.

🎯 Challenges

• #2198: Added new Security Advisory ⭐⭐⭐-challenge

🎨 UI

• Removed legacy Score Board and all related settings and services (⚠️)
• Removed re-routing of legacy challenge=<name> parameter obsoleted by OWASP/OpenCRE#467 (⚠️)

🧹 Housekeeping

• Changed back to libxmljs because libxmljs2 is no longer maintained
  • Installation from source on Node.js 18-20 will download pre-built binaries for the underlying C++ library as in libxmljs2
  • Installation from source code on Node.js >20 currently requires C++ binaries to be built during installation (⚠️)

💾 Local Backup

• Removed scoreBoard subsection from backup format along with removal of legacy Score Board (compatible with the version: 1 backup format as the subsection from older exports would now simply be ignored during import)

🕵️ Cheat Detection

• Further pre-solve interactions after the first with the same expected URL will no longer be counted
• Cheat score is increased by half the percentage of missing expected pre-solve interactions with the server

🎭 Custom Theming

• Adjusted image URLs in 7ms theme and extended with photo wall entries and new products

🐳 Docker

• #2447: Significantly reduce Docker image size by omitting unneeded dependencies