Skip to content

fix(deps): vuln major: @types/uuid, uuid #2286

Merged
Drarig29 merged 12 commits into
masterfrom
engraver-auto-version-upgrade/major/npm/0-1776957983
May 6, 2026
Merged

fix(deps): vuln major: @types/uuid, uuid #2286
Drarig29 merged 12 commits into
masterfrom
engraver-auto-version-upgrade/major/npm/0-1776957983

Conversation

@gh-worker-campaigns-3e9aa4

Copy link
Copy Markdown
Contributor

Summary: Security update — 7 packages upgraded (MAJOR changes included)

Manifests changed:

  • . (yarn)

✅ Action Required: Please review the changes below. If they look good, approve and merge this PR.


Updates

Package From To Type Dep Type Vulnerabilities Fixed
uuid 9.0.1 14.0.0 major Direct 1 MODERATE
uuid 9.0.1 14.0.0 major Direct 1 MODERATE
uuid 9.0.1 14.0.0 major Direct 1 MODERATE
uuid 9.0.1 14.0.0 major Direct 1 MODERATE
uuid 9.0.1 14.0.0 major Direct 1 MODERATE
@types/uuid 9.0.8 11.0.0 major Direct -
@types/uuid 9.0.8 11.0.0 major Direct -

Packages marked with "-" are updated due to dependency constraints.


Warning

Major Version Upgrade

This update includes major version changes that may contain breaking changes. Please:

  • Review the changelog/release notes for breaking changes
  • Test thoroughly in a staging environment
  • Update any code that depends on changed APIs
  • Ensure all tests pass before merging

Security Details

ℹ️ Other Vulnerabilities (5)
Package CVE Severity Summary Unsafe Version Fixed In
uuid GHSA-w5hq-g745-h8pq MODERATE uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided 9.0.1 14.0.0
uuid GHSA-w5hq-g745-h8pq MODERATE uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided 9.0.1 14.0.0
uuid GHSA-w5hq-g745-h8pq MODERATE uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided 9.0.1 14.0.0
uuid GHSA-w5hq-g745-h8pq MODERATE uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided 9.0.1 14.0.0
uuid GHSA-w5hq-g745-h8pq MODERATE uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided 9.0.1 14.0.0

Review Checklist

Extra review is recommended for this update:

  • Review changes for compatibility with your code
  • Check release notes for breaking changes
  • Run integration tests to verify service behavior
  • Test in staging environment before production
  • Monitor key metrics after deployment
  • Approve and merge this PR

Update Mode: Vulnerability Remediation

🤖 Generated by DataDog Automated Dependency Management System

@gh-worker-campaigns-3e9aa4

gh-worker-campaigns-3e9aa4 Bot commented Apr 24, 2026

Copy link
Copy Markdown
Contributor Author

Auto-rebase complete

Branch is up to date with master — rebased onto 15593b6.


Auto-Rebase · Add no-auto-rebase to opt out

@dd-octo-sts-dcc400
dd-octo-sts-dcc400 Bot force-pushed the engraver-auto-version-upgrade/major/npm/0-1776957983 branch from c9c8cdd to 7634e88 Compare April 24, 2026 14:02
@dd-octo-sts-4caf68
dd-octo-sts-4caf68 Bot force-pushed the engraver-auto-version-upgrade/major/npm/0-1776957983 branch from 7634e88 to 6b8e304 Compare April 27, 2026 15:44
@dd-octo-sts
dd-octo-sts Bot force-pushed the engraver-auto-version-upgrade/major/npm/0-1776957983 branch from 6b8e304 to 514c38d Compare May 1, 2026 17:57
@Drarig29
Drarig29 marked this pull request as ready for review May 4, 2026 12:35
@Drarig29
Drarig29 requested review from a team as code owners May 4, 2026 12:35
@Drarig29
Drarig29 requested review from colemaring and rulix-dev and removed request for a team May 4, 2026 12:35
@dd-octo-sts-4caf68
dd-octo-sts-4caf68 Bot force-pushed the engraver-auto-version-upgrade/major/npm/0-1776957983 branch from 7e8dddc to 07d3266 Compare May 4, 2026 12:54
@dd-octo-sts-dcc400
dd-octo-sts-dcc400 Bot force-pushed the engraver-auto-version-upgrade/major/npm/0-1776957983 branch from 92de955 to 1310432 Compare May 5, 2026 16:01
@dd-octo-sts-b8cf80
dd-octo-sts-b8cf80 Bot force-pushed the engraver-auto-version-upgrade/major/npm/0-1776957983 branch from 1310432 to 6c5c5c3 Compare May 5, 2026 16:12
dd-octo-sts-09fbc5 Bot and others added 8 commits May 5, 2026 16:40
Co-authored-by: dd-octo-sts-b8cf80[bot] <266798001+dd-octo-sts-b8cf80[bot]@users.noreply.github.com>
Co-authored-by: corentin <[email protected]>

Co-authored-by: dd-octo-sts-b8cf80[bot] <266798001+dd-octo-sts-b8cf80[bot]@users.noreply.github.com>
Co-authored-by: dd-octo-sts-b8cf80[bot] <266798001+dd-octo-sts-b8cf80[bot]@users.noreply.github.com>
Co-authored-by: corentin <[email protected]>

Co-authored-by: dd-octo-sts-b8cf80[bot] <266798001+dd-octo-sts-b8cf80[bot]@users.noreply.github.com>
Co-authored-by: corentin <[email protected]>

Co-authored-by: dd-octo-sts-b8cf80[bot] <266798001+dd-octo-sts-b8cf80[bot]@users.noreply.github.com>
Co-authored-by: dd-octo-sts-b8cf80[bot] <266798001+dd-octo-sts-b8cf80[bot]@users.noreply.github.com>
Co-authored-by: dd-octo-sts-b8cf80[bot] <266798001+dd-octo-sts-b8cf80[bot]@users.noreply.github.com>
Co-authored-by: gh-worker-campaigns-3e9aa4[bot] <244854796+gh-worker-campaigns-3e9aa4[bot]@users.noreply.github.com>
@dd-octo-sts-09fbc5
dd-octo-sts-09fbc5 Bot force-pushed the engraver-auto-version-upgrade/major/npm/0-1776957983 branch from 6c5c5c3 to 5d82a6f Compare May 5, 2026 16:41
@datadog-prod-us1-4

datadog-prod-us1-4 Bot commented May 6, 2026

Copy link
Copy Markdown

Tests

🎉 All green!

❄️ No new flaky tests detected
🧪 All tests passed

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 20701b3 | Docs | Datadog PR Page | Give us feedback!

@Drarig29
Drarig29 merged commit 337486f into master May 6, 2026
29 checks passed
@Drarig29
Drarig29 deleted the engraver-auto-version-upgrade/major/npm/0-1776957983 branch May 6, 2026 13:17
@ava-silver ava-silver mentioned this pull request May 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant