fix: replace uuid dependency with crypto.randomUUID()

uuid <14.0.0 is flagged by GHSA-w5hq-g745-h8pq (missing buffer bounds
check in v3/v5/v6 when buf is provided). The only upstream fix is uuid
v14, but v14 dropped CommonJS support, which would break this package.

Since only uuid.v4() is used here (in generateUuid()), replace it with
Node's built-in crypto.randomUUID() — available since Node 14.17.0,
produces the same RFC 4122 v4 UUID format, and requires no external
dependency. The engines field is updated accordingly.

All 426 existing tests pass.

Author: escoberik

lib/pbxProject.js

@@ -21,7 +21,6 @@ var util = require('util'),
     f = util.format,
     EventEmitter = require('events').EventEmitter,
     path = require('path'),
-    uuid = require('uuid'),
     fork = require('child_process').fork,
     pbxWriter = require('./pbxWriter'),
     pbxFile = require('./pbxFile'),
@@ -89,7 +88,7 @@ pbxProject.prototype.allUuids = function() {
 }
 
 pbxProject.prototype.generateUuid = function() {
-    var id = uuid.v4()
+    var id = require('crypto').randomUUID()
         .replace(/-/g, '')
         .substr(0, 24)
         .toUpperCase()

package.json

@@ -7,11 +7,10 @@
   "repository": "github:apache/cordova-node-xcode",
   "bugs": "https://github.com/apache/cordova-node-xcode/issues",
   "engines": {
-    "node": ">=10.0.0"
+    "node": ">=14.17.0"
   },
   "dependencies": {
-    "simple-plist": "^1.1.0",
-    "uuid": "^7.0.3"
+    "simple-plist": "^1.1.0"
   },
   "devDependencies": {
     "pegjs": "^0.10.0"