Using this package causes security alerts for any consuming repo on github.
GHSA: GHSA-w5hq-g745-h8pq
The fix is quite easy. The reason its' happening right now is due to usage of the outdated uuid v10 package. The repo now also requires node 22, so the correct fix is likely removing the package and using the native crypto.randomUUID instead as that's been in node since 16.7: https://developer.mozilla.org/en-US/docs/Web/API/Crypto/randomUUID
Is this something you are open to? I can create a PR in a minute if so.
Using this package causes security alerts for any consuming repo on github.
GHSA: GHSA-w5hq-g745-h8pq
The fix is quite easy. The reason its' happening right now is due to usage of the outdated uuid v10 package. The repo now also requires node 22, so the correct fix is likely removing the package and using the native
crypto.randomUUIDinstead as that's been in node since 16.7: https://developer.mozilla.org/en-US/docs/Web/API/Crypto/randomUUIDIs this something you are open to? I can create a PR in a minute if so.