Update test project: README and package-lock.json

jeongsoolee09 · jeongsoolee09 · commit b5033bd56cb5 · 2025-01-06T16:54:04.000-08:00
diff --git a/javascript/frameworks/cap/test/queries/loginjection/log-injection-type-sanitized/README.md b/javascript/frameworks/cap/test/queries/loginjection/log-injection-type-sanitized/README.md
@@ -2,6 +2,6 @@
 
 This application demonstrates how a potential injection vulnerability is not reported if the data type definied in the service description is not strings.
 
-## It _is not_ a false positive case
+## It _is_ a false positive case
 
 Service responds to a Received event and logs the data. However, the type of the message (Integer) does not allow for the injection to succeed.
diff --git a/javascript/frameworks/cap/test/queries/loginjection/log-injection-type-sanitized/package.json b/javascript/frameworks/cap/test/queries/loginjection/log-injection-type-sanitized/package.json
@@ -2,9 +2,10 @@
     "name": "@advanced-security/log-injection",
     "version": "1.0.0",
     "dependencies": {
-        "@sap/cds": "^7",
-        "express": "^4.17.1",
-        "@cap-js/sqlite": "*"
+        "@cap-js/sqlite": "*",
+        "@sap/cds": "^7.9.5",
+        "@sap/cds-dk": "^8.6.1",
+        "express": "^4.17.1"
     },
     "scripts": {
         "start": "cds-serve",
