If polyfill vulnerability impacts, Amchart4 or not? Also, if we remove polyfill from amchart Core.js.map and Core.js files, will it affect amchart 4?

amcharts / amcharts4

The most advanced amCharts charting library for JavaScript and TypeScript apps.

https://www.amcharts.com/

1.16k stars 322 forks source link

If polyfill vulnerability impacts, Amchart4 or not? Also, if we remove polyfill from amchart Core.js.map and Core.js files, will it affect amchart 4? #4428

Open Pooja26j opened 3 weeks ago

Pooja26j commented 3 weeks ago

We need to remove the references of "polyfill" from our Angular project due to some security constraints.

We have used amchart and its Core.js.map and Core.js files are having "Polyfill" reference. So, we need to remove these references as per our project requirement.

So, need to confirm If polyfill vulnerability impacts Amchart4 or not? Also, if we remove polyfill from amchart Core.js.map and Core.js files, will it affect amchart 4?

Thanks, in advance for the support.

martynasma commented 3 weeks ago

We use core-js polyfill in script (CDN) versions of amCharts 4.

At this time we are not aware of any vulnerabilities with the version of polyfill we are using.

That said, you may consider using an NPM version which does not have a polyfill.