Update BoringSSL, add SHA3 to WebCrypto and node:crypto #29323
Merged
Claude / Claude Code Review
completed
Apr 15, 2026 in 37m 14s
Code review found 2 important issues
Found 5 candidates, confirmed 3. See review comments for details.
Details
| Severity | Count |
|---|---|
| 🔴 Important | 2 |
| 🟡 Nit | 0 |
| 🟣 Pre-existing | 0 |
| Severity | File:Line | Issue |
|---|---|---|
| 🔴 Important | src/bun.js/bindings/webcrypto/SubtleCrypto.cpp:784-790 |
RETURN_IF_EXCEPTION before hasException check leaves digest promise permanently pending |
| 🔴 Important | test/js/web/crypto/web-crypto-sha3.test.ts:28-45 |
web-crypto-sha3.test.ts missing from no-validate-exceptions.txt |
Annotations
Check failure on line 790 in src/bun.js/bindings/webcrypto/SubtleCrypto.cpp
claude / Claude Code Review
RETURN_IF_EXCEPTION before hasException check leaves digest promise permanently pending
In `SubtleCrypto::digest`, `RETURN_IF_EXCEPTION(scope, void())` fires BEFORE the `paramsOrException.hasException()` check — the opposite of the established pattern in every other `SubtleCrypto` method. When `normalizeCryptoAlgorithmParameters` encounters a JS exception (e.g., from a getter on the algorithm object), the function returns `void()` and destroys the `Ref<DeferredPromise>` without ever rejecting it, leaving the JS Promise permanently pending. While post-PR commit 4be6752 added this or
Check failure on line 45 in test/js/web/crypto/web-crypto-sha3.test.ts
claude / Claude Code Review
web-crypto-sha3.test.ts missing from no-validate-exceptions.txt
The new test file `test/js/web/crypto/web-crypto-sha3.test.ts` is missing from `test/no-validate-exceptions.txt` under the `# normalizeCryptoAlgorithmParameters` section, causing real ASAN CI failures. The robobun bot already reported the failure: "unchecked exception at reject @ JSDOMPromiseDeferred.cpp:190 (thrown from SubtleCrypto.cpp:112) on x64-asan". Fix: add `test/js/web/crypto/web-crypto-sha3.test.ts` to that section of `test/no-validate-exceptions.txt`.
Loading