From 5182d727d9cd24eb87a117d27ce4a1dd16a78410 Mon Sep 17 00:00:00 2001 From: "ugo.bechameil" Date: Fri, 24 Apr 2026 15:18:16 +0200 Subject: [PATCH] fix uuid cve --- package-lock.json | 60 ++++++++++++++++++++++++----------------------- package.json | 9 +++---- 2 files changed, 36 insertions(+), 33 deletions(-) diff --git a/package-lock.json b/package-lock.json index 8011d6c..3138d90 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,19 +1,19 @@ { "name": "Synapse", - "version": "0.2.31", + "version": "0.2.32", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "Synapse", - "version": "0.2.31", + "version": "0.2.32", "dependencies": { "@hackolade/fetch": "1.3.0", "base64url": "3.0.1", "crypto": "1.0.1", "lodash": "4.18.1", - "mssql": "12.0.0", - "randomstring": "1.3.0" + "mssql": "12.5.0", + "randomstring": "1.3.1" }, "devDependencies": { "@hackolade/hck-esbuild-plugins-pack": "0.0.1", @@ -81,7 +81,6 @@ "resolved": "https://registry.npmjs.org/@azure/core-client/-/core-client-1.10.1.tgz", "integrity": "sha512-Nh5PhEOeY6PrnxNPsEHRr9eimxLwgLlpmguQaHKBinFYA/RU9+kOYVOQqOrTsCL+KSxrLLl1gD8Dk5BFW/7l/w==", "license": "MIT", - "peer": true, "dependencies": { "@azure/abort-controller": "^2.1.2", "@azure/core-auth": "^1.10.0", @@ -143,7 +142,6 @@ "resolved": "https://registry.npmjs.org/@azure/core-rest-pipeline/-/core-rest-pipeline-1.22.2.tgz", "integrity": "sha512-MzHym+wOi8CLUlKCQu12de0nwcq9k9Kuv43j4Wa++CsCpJwps2eeBQwD2Bu8snkxTtDKDx4GwjuR9E8yC8LNrg==", "license": "MIT", - "peer": true, "dependencies": { "@azure/abort-controller": "^2.1.2", "@azure/core-auth": "^1.10.0", @@ -1319,9 +1317,9 @@ } }, "node_modules/@tediousjs/connection-string": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/@tediousjs/connection-string/-/connection-string-0.6.0.tgz", - "integrity": "sha512-GxlsW354Vi6QqbUgdPyQVcQjI7cZBdGV5vOYVYuCVDTylx2wl3WHR2HlhcxxHTrMigbelpXsdcZso+66uxPfow==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@tediousjs/connection-string/-/connection-string-1.1.0.tgz", + "integrity": "sha512-z9ZBWEG+8pIB5V1zYzlRPXx0oRJ5H7coPnMQK8EZOw03UTPI9Umn6viL36f5w+CuqkKsnCM50RVStpjZmR0Bng==", "license": "MIT" }, "node_modules/@types/node": { @@ -1853,7 +1851,6 @@ "dev": true, "hasInstallScript": true, "license": "MIT", - "peer": true, "bin": { "esbuild": "bin/esbuild" }, @@ -2654,12 +2651,12 @@ "license": "MIT" }, "node_modules/mssql": { - "version": "12.0.0", - "resolved": "https://registry.npmjs.org/mssql/-/mssql-12.0.0.tgz", - "integrity": "sha512-FcDQ1Gwe4g3Mhw25R1Onr8N+jmqBTWE/pmtcgxYnAUSIf/vBQMvJfMnyMY8ruOICtBch5+Wgbcfd3REDQSlWpA==", + "version": "12.5.0", + "resolved": "https://registry.npmjs.org/mssql/-/mssql-12.5.0.tgz", + "integrity": "sha512-nTbhxS1qi5SPwuKygwfRzmp2p6e/2v37ZFzvwvMf27wRSI+09J7J2pP7zaAUzqT4znMyHYBrcUyxkjSeeNyDTg==", "license": "MIT", "dependencies": { - "@tediousjs/connection-string": "^0.6.0", + "@tediousjs/connection-string": "^1.0.0", "commander": "^11.0.0", "debug": "^4.3.3", "tarn": "^3.0.2", @@ -2669,7 +2666,7 @@ "mssql": "bin/mssql" }, "engines": { - "node": ">=18" + "node": ">=18.19.0" } }, "node_modules/mssql/node_modules/commander": { @@ -2794,7 +2791,6 @@ "integrity": "sha512-EEHNdo5cW2w1xwYdBQ7d3IXDqWAtMkfVFrh+9gQ4kYbYJwygY4QXSh1eH80/xVipZdVKujAwBgg/nNNHk56kxQ==", "dev": true, "license": "MIT", - "peer": true, "bin": { "tsgolint": "bin/tsgolint.js" }, @@ -2924,7 +2920,6 @@ "integrity": "sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg==", "dev": true, "license": "MIT", - "peer": true, "bin": { "prettier": "bin/prettier.cjs" }, @@ -2966,18 +2961,21 @@ "license": "MIT" }, "node_modules/randombytes": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/randombytes/-/randombytes-2.0.3.tgz", - "integrity": "sha512-lDVjxQQFoCG1jcrP06LNo2lbWp4QTShEXnhActFBwYuHprllQV6VUpwreApsYqCgD+N1mHoqJ/BI/4eV4R2GYg==", - "license": "MIT" + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz", + "integrity": "sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==", + "license": "MIT", + "dependencies": { + "safe-buffer": "^5.1.0" + } }, "node_modules/randomstring": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/randomstring/-/randomstring-1.3.0.tgz", - "integrity": "sha512-gY7aQ4i1BgwZ8I1Op4YseITAyiDiajeZOPQUbIq9TPGPhUm5FX59izIaOpmKbME1nmnEiABf28d9K2VSii6BBg==", + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/randomstring/-/randomstring-1.3.1.tgz", + "integrity": "sha512-lgXZa80MUkjWdE7g2+PZ1xDLzc7/RokXVEQOv5NN2UOTChW1I8A9gha5a9xYBOqgaSoI6uJikDmCU8PyRdArRQ==", "license": "MIT", "dependencies": { - "randombytes": "2.0.3" + "randombytes": "2.1.0" }, "bin": { "randomstring": "bin/randomstring" @@ -3342,12 +3340,16 @@ } }, "node_modules/uuid": { - "version": "8.3.2", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", - "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "version": "14.0.0", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-14.0.0.tgz", + "integrity": "sha512-Qo+uWgilfSmAhXCMav1uYFynlQO7fMFiMVZsQqZRMIXp0O7rR7qjkj+cPvBHLgBqi960QCoo/PH2/6ZtVqKvrg==", + "funding": [ + "https://github.com/sponsors/broofa", + "https://github.com/sponsors/ctavan" + ], "license": "MIT", "bin": { - "uuid": "dist/bin/uuid" + "uuid": "dist-node/bin/uuid" } }, "node_modules/wrap-ansi": { diff --git a/package.json b/package.json index 1fa0c92..e922a23 100644 --- a/package.json +++ b/package.json @@ -49,8 +49,8 @@ "base64url": "3.0.1", "crypto": "1.0.1", "lodash": "4.18.1", - "mssql": "12.0.0", - "randomstring": "1.3.0" + "mssql": "12.5.0", + "randomstring": "1.3.1" }, "simple-git-hooks": { "pre-commit": "npm run package && npx lint-staged --config lint-staged.config.js", @@ -76,6 +76,7 @@ "simple-git-hooks": "2.13.1" }, "overrides": { - "minimatch": "10.2.4" + "minimatch": "10.2.4", + "uuid": "14.0.0" } -} \ No newline at end of file +}