Skip to content

Commit 2bcc4fa

Browse files
committed
Merge branch 'chore/remove-unused-crypto-polyfills' into 'master'
fix(ui): remove unused crypto/stream polyfills (CVE-2025-14505) Closes #270 See merge request postgres-ai/database-lab!1124
2 parents e1a0d28 + 85de8e6 commit 2bcc4fa

5 files changed

Lines changed: 16 additions & 411 deletions

File tree

ui/package.json

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -27,20 +27,14 @@
2727
"semver@<5.7.2": ">=5.7.2",
2828
"semver@>=6.0.0 <6.3.1": ">=6.3.1",
2929
"minimatch@<3.1.4": ">=3.1.4 <4.0.0",
30-
"bn.js@<5.2.3": "5.2.3",
3130
"json5@<1.0.2": ">=1.0.2",
3231
"json5@>=2.0.0 <2.2.2": ">=2.2.2",
3332
"ip@<1.1.9": ">=1.1.9",
34-
"browserify-sign@>=2.6.0 <=4.2.1": ">=4.2.2",
3533
"@cypress/request@<=2.88.12": ">=3.0.0",
3634
"follow-redirects@<=1.15.5": ">=1.15.6",
3735
"@babel/traverse@<7.23.2": ">=7.23.2",
38-
"elliptic@>=4.0.0 <=6.5.6": ">=6.5.7",
39-
"elliptic@>=2.0.0 <=6.5.6": ">=6.5.7",
40-
"elliptic@>=5.2.1 <=6.5.6": ">=6.5.7",
4136
"dompurify@<2.5.4": ">=2.5.4",
4237
"nanoid@<3.3.8": "3.3.8",
43-
"elliptic@<=6.6.0": ">=6.6.1",
4438
"cookie@<0.7.0": ">=0.7.0",
4539
"@babel/runtime-corejs3@<7.26.10": ">=7.26.10",
4640
"@babel/runtime@<7.26.10": ">=7.26.10",
@@ -49,16 +43,11 @@
4943
"path-to-regexp@<0.1.12": ">=0.1.12",
5044
"brace-expansion@>=1.0.0 <1.1.13": "1.1.13",
5145
"brace-expansion@>=2.0.0 <2.0.3": "2.0.3",
52-
"pbkdf2@<=3.1.2": ">=3.1.3",
53-
"pbkdf2@>=3.0.10 <=3.1.2": ">=3.1.3",
54-
"elliptic@<6.6.0": ">=6.6.0",
5546
"prismjs@<1.30.0": ">=1.30.0",
5647
"form-data@>=3.0.0 <3.0.4": ">=3.0.4",
5748
"form-data@<2.5.4": ">=2.5.4",
5849
"on-headers@<1.1.0": ">=1.1.0",
5950
"tmp@<=0.2.3": ">=0.2.4",
60-
"sha.js@<=2.4.11": ">=2.4.12",
61-
"cipher-base@<=1.0.4": ">=1.0.5",
6251
"lodash@<=4.17.22": ">=4.17.23",
6352
"lodash-es@<=4.17.22": ">=4.17.23",
6453
"flatted@<3.4.2": ">=3.4.2",

ui/packages/ce/package.json

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,6 @@
2424
"classnames": "^2.3.1",
2525
"clsx": "^2.1.1",
2626
"copy-to-clipboard": "^3.3.1",
27-
"crypto-browserify": "^3.12.0",
2827
"cypress": "^14.5.4",
2928
"date-fns": "^2.22.1",
3029
"formik": "^2.2.9",
@@ -38,7 +37,6 @@
3837
"react-router": "^5.1.2",
3938
"react-router-dom": "^5.1.2",
4039
"react-syntax-highlighter": "^15.5.0",
41-
"stream-browserify": "^3.0.0",
4240
"typescript": "^4.4.4",
4341
"use-timer": "^2.0.1",
4442
"whatwg-fetch": "^3.6.2",

ui/packages/ce/vite.config.ts

Lines changed: 1 addition & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -72,12 +72,7 @@ export default defineConfig({
7272
},
7373
},
7474
},
75-
resolve: {
76-
alias: {
77-
crypto: 'crypto-browserify',
78-
stream: 'stream-browserify',
79-
},
80-
},
75+
resolve: {},
8176
css: {
8277
preprocessorOptions: {
8378
scss: {

ui/packages/shared/package.json

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,6 @@
2727
"classnames": "^2.3.1",
2828
"clsx": "^2.1.1",
2929
"copy-to-clipboard": "^3.3.1",
30-
"crypto-browserify": "^3.12.0",
3130
"date-fns": "^2.22.1",
3231
"formik": "^2.2.9",
3332
"get-user-locale": "^1.4.0",
@@ -41,7 +40,6 @@
4140
"react-router": "^5.1.2",
4241
"react-router-dom": "^5.1.2",
4342
"react-syntax-highlighter": "^15.5.0",
44-
"stream-browserify": "^3.0.0",
4543
"typescript": "^4.8.3",
4644
"use-timer": "^2.0.1",
4745
"whatwg-fetch": "^3.6.2",

0 commit comments

Comments
 (0)