From 81e11ee1aea3c44623eaeb3d1cb6a57abb500bee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Brunner?= Date: Thu, 27 Jun 2024 10:23:14 +0200 Subject: [PATCH 1/2] Remove all polyfill.io See: https://thehackernews.com/2024/06/over-110000-websites-affected-by.html --- api/dist/apihelp/apihelp.html | 4 ---- src/controllers/bootstrap.js | 16 +--------------- 2 files changed, 1 insertion(+), 19 deletions(-) diff --git a/api/dist/apihelp/apihelp.html b/api/dist/apihelp/apihelp.html index ba761350ff61..b13a5401a0ae 100644 --- a/api/dist/apihelp/apihelp.html +++ b/api/dist/apihelp/apihelp.html @@ -54,10 +54,6 @@

Simple API Help

Basis

To use the API you should add the following HTML:


-<script
-  src="https://cdn.polyfill.io/v2/polyfill.min.js?features=es6,default-3.6,Array.prototype.includes,Object.entries,Object.values"
-  crossorigin="anonymous">
-</script>
 <link href="https://geomapfish-demo-2-8.camptocamp.com/api.css" rel="stylesheet">
 <script src="https://geomapfish-demo-2-8.camptocamp.com/api.js?version=2"></script>
 <script>
diff --git a/src/controllers/bootstrap.js b/src/controllers/bootstrap.js
index 18c32c91828b..97bc2281af9e 100644
--- a/src/controllers/bootstrap.js
+++ b/src/controllers/bootstrap.js
@@ -1,6 +1,6 @@
 // The MIT License (MIT)
 //
-// Copyright (c) 2018-2023 Camptocamp SA
+// Copyright (c) 2018-2024 Camptocamp SA
 //
 // Permission is hereby granted, free of charge, to any person obtaining a copy of
 // this software and associated documentation files (the "Software"), to deal in
@@ -59,20 +59,6 @@ function addStylesheet(stylesheetUrl) {
  * @param {angular.IModule} module The module
  */
 function bootstrap(module) {
-  // Hack to make the bootstrap type check working with polyfill.io
-  const oldObjectToString = Object.prototype.toString;
-  if (!oldObjectToString.toString().includes('[native code]')) {
-    Object.prototype.toString = function () {
-      if (this === null) {
-        return '[object Null]';
-      }
-      if (this === undefined) {
-        return '[object Undefined]';
-      }
-      return oldObjectToString.call(this);
-    };
-  }
-
   const interface_ = $('meta[name=interface]')[0].getAttribute('content');
   const dynamicUrl_ = $('meta[name=dynamicUrl]')[0].getAttribute('content');
   const appNameMeta = $('meta[name=appName]')[0];

From 8dd11e7026da390d1c0d9515374c179e9fb0c3a5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Brunner?= 
Date: Thu, 27 Jun 2024 10:30:03 +0200
Subject: [PATCH 2/2] Use generic CodeQL implementation

---
 .github/workflows/codeql.yaml | 33 ---------------------------------
 1 file changed, 33 deletions(-)
 delete mode 100644 .github/workflows/codeql.yaml

diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
deleted file mode 100644
index 6f643584b233..000000000000
--- a/.github/workflows/codeql.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
----
-name: CodeQL scanning
-
-on:
-  push:
-
-env:
-  HAS_SECRETS: ${{ secrets.HAS_SECRETS }}
-
-jobs:
-  codeql:
-    name: CodeQL scanning
-    runs-on: ubuntu-22.04
-    timeout-minutes: 15
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v3
-        if: env.HAS_SECRETS == 'HAS_SECRETS'
-
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
-        if: env.HAS_SECRETS == 'HAS_SECRETS'
-
-      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-      # If this step fails, then you should remove it and run the build manually (see below)
-      - name: Autobuild
-        uses: github/codeql-action/autobuild@v2
-        if: env.HAS_SECRETS == 'HAS_SECRETS'
-
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
-        if: env.HAS_SECRETS == 'HAS_SECRETS'