Security/patches #12632
Update: I've updated the ironbank image to node 20 and debian, so it's now using the latest |
Nice to see that the branch has become smaller :)
There are some changes on the submodules, the equivalent PRs will be required
f089a0f
into
revert-12934-revert-12930-revert-12929-revert-12769-isolated-vm
Description
Working through security patches for ironbank - the majority of this stuff is all version updates to patch dependencies, but I've made several updates as well.
vm2 - isolated VM
I've migrated our usages of vm2 to isolated-vm. So we should be covered from the vulns in vm2 in future. isolated-vm is a more robust and safer library. It also provides nice options for memory limits per execution, preventing endless loops etc from blowing up BB.
QoL
A pet peeve I've always had is in the query UI, how you can't use the classic combo of Meta + Enter to run a query. I've added some key handlers for this, so when editing a query in the data section you can use that combination of keys to run your query.
NB: I'm aware this is a fairly high risk change. We don't have to merge it as I can continue to build the image for ironbank off this branch in the meantime. Just wanted to get a draft up for now
Feature branch env
Feature Branch Link