fix(ui): remove unused crypto/stream polyfills (CVE-2025-14505)

Artyom Kartasovrequested to merge
akartasov/database-lab:chore/remove-unused-crypto-polyfills into master

Summary

  • Remove crypto-browserify and stream-browserify dependencies from ce and shared packages — carried over from the CRA/craco era, unused after Vite migration
  • Remove resolve.alias entries in vite.config.ts — the only crypto usage (getRandomValues) is the native Web Crypto API
  • Clean up 10 stale pnpm overrides for packages no longer in the dependency tree: elliptic, browserify-sign, bn.js, pbkdf2, sha.js, cipher-base
  • pnpm audit now reports zero known vulnerabilities

Closes https://github.com/postgres-ai/database-lab-engine/issues/270

Merge request reports