From f4da8c87bc40b9d2359cb537a64134956e3b7107 Mon Sep 17 00:00:00 2001
From: Alexey Milovidov <milovidov@yandex-team.ru>
Date: Fri, 16 Jul 2021 11:22:03 +0300
Subject: [PATCH 1/2] Fix failed assertion in RocksDB in case of bad_alloc
 exception during batch write

---
 contrib/rocksdb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contrib/rocksdb b/contrib/rocksdb
index 07c77549a20..6ff0adefdc8 160000
--- a/contrib/rocksdb
+++ b/contrib/rocksdb
@@ -1 +1 @@
-Subproject commit 07c77549a20b63ff6981b400085eba36bb5c80c4
+Subproject commit 6ff0adefdc84dac44e78804f7ca4122fe992cf8d

From 70de8dbf743fe6c1a4cc03da182124814deac6ce Mon Sep 17 00:00:00 2001
From: vdimir <vdimir@yandex-team.ru>
Date: Fri, 16 Jul 2021 14:39:56 +0300
Subject: [PATCH 2/2] Add integrity for loaded scripts in play.html

---
 programs/server/play.html | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/programs/server/play.html b/programs/server/play.html
index 5e0377aa8f7..7b13807f2d9 100644
--- a/programs/server/play.html
+++ b/programs/server/play.html
@@ -613,10 +613,16 @@
     }
 
     /// Huge JS libraries should be loaded only if needed.
-    function loadJS(src) {
+    function loadJS(src, integrity) {
         return new Promise((resolve, reject) => {
             const script = document.createElement('script');
             script.src = src;
+            if (integrity) {
+                script.crossOrigin = 'anonymous';
+                script.integrity = integrity;
+            } else {
+                console.warn('no integrity for', src)
+            }
             script.addEventListener('load', function() { resolve(true); });
             document.head.appendChild(script);
         });
@@ -627,10 +633,14 @@
         if (load_dagre_promise) { return load_dagre_promise; }
 
         load_dagre_promise = Promise.all([
-            loadJS('https://dagrejs.github.io/project/dagre/v0.8.5/dagre.min.js'),
-            loadJS('https://dagrejs.github.io/project/graphlib-dot/v0.6.4/graphlib-dot.min.js'),
-            loadJS('https://dagrejs.github.io/project/dagre-d3/v0.6.4/dagre-d3.min.js'),
-            loadJS('https://cdn.jsdelivr.net/npm/d3@7.0.0'),
+            loadJS('https://dagrejs.github.io/project/dagre/v0.8.5/dagre.min.js',
+                   'sha384-2IH3T69EIKYC4c+RXZifZRvaH5SRUdacJW7j6HtE5rQbvLhKKdawxq6vpIzJ7j9M'),
+            loadJS('https://dagrejs.github.io/project/graphlib-dot/v0.6.4/graphlib-dot.min.js',
+                   'sha384-Q7oatU+b+y0oTkSoiRH9wTLH6sROySROCILZso/AbMMm9uKeq++r8ujD4l4f+CWj'),
+            loadJS('https://dagrejs.github.io/project/dagre-d3/v0.6.4/dagre-d3.min.js',
+                   'sha384-9N1ty7Yz7VKL3aJbOk+8ParYNW8G5W+MvxEfFL9G7CRYPmkHI9gJqyAfSI/8190W'),
+            loadJS('https://cdn.jsdelivr.net/npm/d3@7.0.0',
+                   'sha384-S+Kf0r6YzKIhKA8d1k2/xtYv+j0xYUU3E7+5YLrcPVab6hBh/r1J6cq90OXhw80u'),
         ]);
 
         return load_dagre_promise;