Skip to content

fix(deps): vuln uuid (major → 14.0.1) [packages/react-native-babel-plugin]#1325

Open
gh-worker-campaigns-3e9aa4[bot] wants to merge 2 commits into
developfrom
engraver-auto-version-upgrade/major/npm/react-native-babel-plugin/1-1783352202
Open

fix(deps): vuln uuid (major → 14.0.1) [packages/react-native-babel-plugin]#1325
gh-worker-campaigns-3e9aa4[bot] wants to merge 2 commits into
developfrom
engraver-auto-version-upgrade/major/npm/react-native-babel-plugin/1-1783352202

Conversation

@gh-worker-campaigns-3e9aa4

Copy link
Copy Markdown

Summary: Security update — 1 package upgraded (MAJOR changes included)

Manifests changed:

  • packages/react-native-babel-plugin (yarn)

✅ Action Required: Please review the changes below. If they look good, approve and merge this PR.


Updates

Package From To Type Dep Type Vulnerabilities Fixed
uuid 8.3.2 14.0.1 major Direct 1 MEDIUM

Warning

Major Version Upgrade

This update includes major version changes that may contain breaking changes. Please:

  • Review the changelog/release notes for breaking changes
  • Test thoroughly in a staging environment
  • Update any code that depends on changed APIs
  • Ensure all tests pass before merging

Security Details

ℹ️ Other Vulnerabilities (1)
Package CVE Severity Summary Unsafe Version Fixed In Case
uuid GHSA-w5hq-g745-h8pq MODERATE uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided 8.3.2 11.1.1 -

Review Checklist

Extra review is recommended for this update:

  • Review changes for compatibility with your code
  • Check release notes for breaking changes
  • Run integration tests to verify service behavior
  • Test in staging environment before production
  • Monitor key metrics after deployment
  • Approve and merge this PR

Update Mode: all_vulns

🤖 Generated by DataDog Automated Dependency Management System

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot can't review bot-authored pull requests automatically. A user with Copilot access can request a review manually.

@sbarrio sbarrio requested a review from 0xnm July 8, 2026 07:06
dd-octo-sts Bot and others added 2 commits July 8, 2026 12:08
Co-authored-by: gh-worker-campaigns-3e9aa4[bot] <244854796+gh-worker-campaigns-3e9aa4[bot]@users.noreply.github.com>
Co-authored-by: gh-worker-campaigns-3e9aa4[bot] <244854796+gh-worker-campaigns-3e9aa4[bot]@users.noreply.github.com>
@gh-worker-campaigns-3e9aa4

Copy link
Copy Markdown
Author

Auto-rebase complete

Branch is up to date with develop — rebased onto 43106f1.


Auto-Rebase · Add no-auto-rebase to opt out

Copilot AI review requested due to automatic review settings July 8, 2026 12:08
@dd-octo-sts dd-octo-sts Bot force-pushed the engraver-auto-version-upgrade/major/npm/react-native-babel-plugin/1-1783352202 branch from ff95764 to 8911bb8 Compare July 8, 2026 12:08

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot can't review bot-authored pull requests automatically. A user with Copilot access can request a review manually.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant