build(deps): bump uuid from 11.1.0 to 14.0.0 in /agentex-ui by dependabot[bot] · Pull Request #207 · scaleapi/scale-agentex

dependabot · 2026-04-23T21:01:38Z

Bumps uuid from 11.1.0 to 14.0.0.

Release notes

v14.0.0

14.0.0 (2026-04-19)

⚠ BREAKING CHANGES

expect crypto to be global everywhere (requires node@20+) (#935)

drop node@18 support (#934)

Features

drop node@18 support (#934) (dc4ddb8)

Bug Fixes

expect crypto to be global everywhere (requires node@20+) (#935) (f2c235f)

Use GITHUB_TOKEN for release-please and enable npm provenance (#925) (ffa3138)

v13.0.2

13.0.2 (2026-05-04)

Bug Fixes

rerelease to fix provenance. (49ccb35)

v13.0.1

13.0.1 (2026-04-27)

Bug Fixes

backport fix for GHSA-w5hq-g745-h8pq (9d27ddf)

v13.0.0

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

make browser exports the default (#901)

Bug Fixes

make browser exports the default (#901) (bce9d72)

v12.0.1

12.0.1 (2026-04-29)

... (truncated)

Changelog

Sourced from uuid's changelog.

14.0.0 (2026-04-19)

Security

Fixes GHSA-w5hq-g745-h8pq: v3(), v5(), and v6() did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid offset was provided. A RangeError is now thrown if offset < 0 or offset + 16 > buf.length.

⚠ BREAKING CHANGES

crypto is now expected to be globally defined (requires node@20+) (#935)

drop node@18 support (#934)

upgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

make browser exports the default (#901)

Bug Fixes

make browser exports the default (#901) (bce9d72)

12.0.0 (2025-09-05)

⚠ BREAKING CHANGES

update to typescript@5.2 (#887)

remove CommonJS support (#886)

drop node@16 support (#883)

Features

add node@24 to ci matrix (#879) (42b6178)

drop node@16 support (#883) (0f38cf1)

remove CommonJS support (#886) (ae786e2)

update to typescript@5.2 (#887) (c7ee405)

Bug Fixes

improve v4() performance (#894) (5fd974c)

restore node: prefix (#889) (e1f42a3)

Commits

7c1ea08 chore(main): release 14.0.0 (#926)
3d2c5b0 Merge commit from fork
f2c235f fix!: expect crypto to be global everywhere (requires node@20+) (#935)
529ef08 chore: upgrade TypeScript and fixup types (#927)
086fd79 chore: update dependencies (#933)
dc4ddb8 feat!: drop node@18 support (#934)
0f1f9c9 chore: switch to Biome for parsing and linting (#932)
e2879e6 chore: use maintained version of npm-run-all (#930)
ffa3138 fix: Use GITHUB_TOKEN for release-please and enable npm provenance (#925)
0423d49 docs: remove obsolete v1 option notes (#915)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for uuid since your current version.

Greptile Summary

Bumps uuid from 11.1.0 to 14.0.0 across three major versions. The key breaking changes are: removal of CommonJS support (v12), browser exports as the default export (v13), and a hard requirement of Node.js 20+ with globally available crypto (v14). The project's Dockerfile already uses node:20-trixie-slim, so all runtime requirements are satisfied.
The project only imports { v4 } from uuid via ESM, so neither the CJS removal nor the security fix for v3/v5/v6 buffer out-of-bounds writes (GHSA-w5hq-g745-h8pq) impacts this codebase.

Confidence Score: 5/5

Safe to merge — all breaking changes are satisfied by existing environment constraints.

No functional code changes; only a dependency version bump. Node 20 runtime, ESM-only imports, TypeScript 5.9.2, and exclusive use of v4 make this a clean upgrade with no incompatibilities.

No files require special attention.

Important Files Changed

Filename	Overview
agentex-ui/package.json	Bumps uuid from ^11.1.0 to ^14.0.0; Node 20 runtime (confirmed in Dockerfile) satisfies the new node@20+ requirement.
agentex-ui/package-lock.json	Lock file updated to uuid 14.0.0 with new dist-node bin path and updated integrity hash; no issues.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A["uuid v11.1.0"] --> B["v12.0.0\n⚠ Remove CommonJS\n⚠ Drop node@16"]
    B --> C["v13.0.0\n⚠ Browser exports default"]
    C --> D["v14.0.0\n⚠ Require node@20+\n⚠ Drop node@18\n✅ Fix GHSA-w5hq-g745-h8pq"]
    D --> E["agentex-ui"]

    subgraph compat ["Compatibility check"]
        F["Node 20 runtime\n(Dockerfile: node:20-trixie-slim)"] -->|"✅ node@20+"| E
        G["ESM import: import { v4 } from 'uuid'"] -->|"✅ No CJS needed"| E
        H["TypeScript 5.9.2"] -->|"✅ ≥ 5.4.3 required"| E
        I["Uses v4 only"] -->|"✅ Security fix\nnot applicable"| E
    end

_{Reviews (2): Last reviewed commit: "build(deps): bump uuid from 11.1.0 to 14..." | Re-trigger Greptile}

socket-security · 2026-04-23T21:02:24Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/uuid@11.1.0 ⏵ 14.0.0	⁺¹	⁺²

View full report

Bumps [uuid](https://github.com/uuidjs/uuid) from 11.1.0 to 14.0.0. - [Release notes](https://github.com/uuidjs/uuid/releases) - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md) - [Commits](uuidjs/uuid@v11.1.0...v14.0.0) --- updated-dependencies: - dependency-name: uuid dependency-version: 14.0.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 23, 2026

dependabot Bot requested a review from a team as a code owner April 23, 2026 21:01

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 23, 2026

dependabot Bot force-pushed the dependabot/npm_and_yarn/agentex-ui/uuid-14.0.0 branch from ccdad02 to eb91982 Compare May 7, 2026 17:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump uuid from 11.1.0 to 14.0.0 in /agentex-ui#207

build(deps): bump uuid from 11.1.0 to 14.0.0 in /agentex-ui#207
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/agentex-ui/uuid-14.0.0

dependabot Bot commented on behalf of github Apr 23, 2026 •

edited by greptile-apps Bot

Loading

Uh oh!

socket-security Bot commented Apr 23, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 23, 2026 • edited by greptile-apps Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v14.0.0

14.0.0 (2026-04-19)

⚠ BREAKING CHANGES

Features

Bug Fixes

v13.0.2

13.0.2 (2026-05-04)

Bug Fixes

v13.0.1

13.0.1 (2026-04-27)

Bug Fixes

v13.0.0

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

Bug Fixes

v12.0.1

12.0.1 (2026-04-29)

14.0.0 (2026-04-19)

Security

⚠ BREAKING CHANGES

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

Bug Fixes

12.0.0 (2025-09-05)

⚠ BREAKING CHANGES

Features

Bug Fixes

Greptile Summary

Confidence Score: 5/5

Important Files Changed

Flowchart

Uh oh!

socket-security Bot commented Apr 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Apr 23, 2026 •

edited by greptile-apps Bot

Loading

socket-security Bot commented Apr 23, 2026 •

edited

Loading