fixing encoding/decoding problem

[MmagdyHafezZ]

Learner bug fixes, urget hot fixes for timers, attempts

[ibm-mend-app]

Mend Code Security Check

New finding (1 of 2)

The Mend Code Security Check of your branch failed because of a Log Forging finding in this line.

Severity	Vulnerability Type	CWE	File	Data Flows	Detected
Low	Log Forging	CWE-117	attempt.service.ts:1530	1	2025-10-22 10:37pm
Vulnerable Code mark/apps/api/src/api/assignment/attempt/attempt.service.ts Lines 1525 to 1530 in 997ed95 ); console.log( `Found ${ongoingAttempts.length} ongoing attempts for user ${userSession.userId} on assignment ${assignment.id}`, ); if (ongoingAttempts.length > 0) { console.log( 1 Data Flow/s detected mark/apps/api/src/api/assignment/attempt/attempt.controller.ts Line 88 in 997ed95 createAssignmentAttempt( mark/apps/api/src/api/assignment/attempt/attempt.controller.ts Line 92 in 997ed95 return this.attemptService.createAssignmentAttempt( mark/apps/api/src/api/assignment/attempt/attempt.service.ts Line 338 in 997ed95 async createAssignmentAttempt( mark/apps/api/src/api/assignment/attempt/attempt.service.ts Line 346 in 997ed95 await this.validateNewAttempt(assignment, userSession); mark/apps/api/src/api/assignment/attempt/attempt.service.ts Line 1496 in 997ed95 private async validateNewAttempt( mark/apps/api/src/api/assignment/attempt/attempt.service.ts Line 1531 in 997ed95 `User ${userSession.userId} has ongoing attempts for assignment ${assignment.id}`, mark/apps/api/src/api/assignment/attempt/attempt.service.ts Line 1530 in 997ed95 console.log( Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Log Forging Training ● Videos    ▪ Secure Code Warrior Log Forging Video ● Further Reading    ▪ OWASP Log Forging 🏴 Suppress Finding ... as False Alarm ... as Acceptable Risk

[ibm-mend-app]

Mend Code Security Check

New finding (2 of 2)

The Mend Code Security Check of your branch failed because of a Log Forging finding in this line.

Severity	Vulnerability Type	CWE	File	Data Flows	Detected
Low	Log Forging	CWE-117	attempt.service.ts:1526	1	2025-10-22 10:37pm
Vulnerable Code mark/apps/api/src/api/assignment/attempt/attempt.service.ts Lines 1521 to 1526 in 997ed95 orderBy: { createdAt: "desc" }, }); const ongoingAttempts = attempts.filter( (sub) => !sub.submitted && (!sub.expiresAt || sub.expiresAt >= now), ); console.log( 1 Data Flow/s detected mark/apps/api/src/api/assignment/attempt/attempt.controller.ts Line 88 in 997ed95 createAssignmentAttempt( mark/apps/api/src/api/assignment/attempt/attempt.controller.ts Line 92 in 997ed95 return this.attemptService.createAssignmentAttempt( mark/apps/api/src/api/assignment/attempt/attempt.service.ts Line 338 in 997ed95 async createAssignmentAttempt( mark/apps/api/src/api/assignment/attempt/attempt.service.ts Line 346 in 997ed95 await this.validateNewAttempt(assignment, userSession); mark/apps/api/src/api/assignment/attempt/attempt.service.ts Line 1496 in 997ed95 private async validateNewAttempt( mark/apps/api/src/api/assignment/attempt/attempt.service.ts Line 1527 in 997ed95 `Found ${ongoingAttempts.length} ongoing attempts for user ${userSession.userId} on assignment ${assignment.id}`, mark/apps/api/src/api/assignment/attempt/attempt.service.ts Line 1526 in 997ed95 console.log( Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Log Forging Training ● Videos    ▪ Secure Code Warrior Log Forging Video ● Further Reading    ▪ OWASP Log Forging 🏴 Suppress Finding ... as False Alarm ... as Acceptable Risk