chore(deps): bump uuid from 10.0.0 to 13.0.0 by dependabot[bot] · Pull Request #7812 · monkeytypegame/monkeytype

dependabot · 2026-04-10T20:06:17Z

Bumps uuid from 10.0.0 to 13.0.0.

Release notes

v13.0.0

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

make browser exports the default (#901)

Bug Fixes

make browser exports the default (#901) (bce9d72)

v12.0.0

12.0.0 (2025-09-05)

⚠ BREAKING CHANGES

update to typescript@5.2 (#887)

remove CommonJS support (#886)

drop node@16 support (#883)

Features

add node@24 to ci matrix (#879) (42b6178)

drop node@16 support (#883) (0f38cf1)

remove CommonJS support (#886) (ae786e2)

update to typescript@5.2 (#887) (c7ee405)

Bug Fixes

improve v4() performance (#894) (5fd974c)

restore node: prefix (#889) (e1f42a3)

v11.1.0

11.1.0 (2025-02-19)

Features

update TS types to allowUint8Array subtypes for buffer option (#865) (a5231e7)

v11.0.5

11.0.5 (2025-01-09)

Bug Fixes

add TS unit test, pin to typescript@5.0.4 (#860) (24ac2fd)

... (truncated)

Changelog

Sourced from uuid's changelog.

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

make browser exports the default (#901)

Bug Fixes

make browser exports the default (#901) (bce9d72)

12.0.0 (2025-09-05)

⚠ BREAKING CHANGES

update to typescript@5.2 (#887)

remove CommonJS support (#886)

drop node@16 support (#883)

Features

add node@24 to ci matrix (#879) (42b6178)

drop node@16 support (#883) (0f38cf1)

remove CommonJS support (#886) (ae786e2)

update to typescript@5.2 (#887) (c7ee405)

Bug Fixes

improve v4() performance (#894) (5fd974c)

restore node: prefix (#889) (e1f42a3)

11.1.0 (2025-02-19)

Features

update TS types to allowUint8Array subtypes for buffer option (#865) (a5231e7)

11.0.5 (2025-01-09)

Bug Fixes

add TS unit test, pin to typescript@5.0.4 (#860) (24ac2fd)

11.0.4 (2025-01-05)

... (truncated)

Commits

24c1238 chore(main): release 13.0.0 (#902)
bce9d72 fix!: make browser exports the default (#901)
7844bc2 chore(main): release 12.0.0 (#880)
a2b4603 chore: npm run docs (#898)
744a4a8 docs: add motivation for dropping CJS support (#897)
3c9acd5 docs: fix CHANGELOG links. fixes #871 (#896)
5fd974c fix: improve v4() performance (#894)
330ee3b chore: minor example and benchmark cleanup (#893)
caea889 chore: fix bug report form
e1f42a3 fix: restore node: prefix (#889)
Additional commits viewable in compare view

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [uuid](https://github.com/uuidjs/uuid) from 10.0.0 to 13.0.0. - [Release notes](https://github.com/uuidjs/uuid/releases) - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md) - [Commits](uuidjs/uuid@v10.0.0...v13.0.0) --- updated-dependencies: - dependency-name: uuid dependency-version: 13.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

socket-security · 2026-04-10T20:07:26Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	etag@1.8.1
	mustache@4.2.0
	object-hash@3.0.0
	uuid@13.0.0
	cors@2.8.5
	tailwindcss@4.1.18
	yaml@2.8.3
	playwright@1.58.2

View full report

socket-security · 2026-04-10T20:07:28Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		Obfuscated code: npm `entities` is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: pnpm-lock.yaml → `npm/entities@4.5.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/entities@4.5.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `entities` is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: pnpm-lock.yaml → `npm/entities@6.0.1` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/entities@6.0.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 10, 2026

monkeytypegeorge added the backend Server stuff label Apr 10, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump uuid from 10.0.0 to 13.0.0#7812

chore(deps): bump uuid from 10.0.0 to 13.0.0#7812
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/uuid-13.0.0

dependabot bot commented on behalf of github Apr 10, 2026

Uh oh!

socket-security bot commented Apr 10, 2026

Uh oh!

socket-security bot commented Apr 10, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

dependabot bot commented on behalf of github Apr 10, 2026

v13.0.0

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

Bug Fixes

v12.0.0

12.0.0 (2025-09-05)

⚠ BREAKING CHANGES

Features

Bug Fixes

v11.1.0

11.1.0 (2025-02-19)

Features

v11.0.5

11.0.5 (2025-01-09)

Bug Fixes

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

Bug Fixes

12.0.0 (2025-09-05)

⚠ BREAKING CHANGES

Features

Bug Fixes

11.1.0 (2025-02-19)

Features

11.0.5 (2025-01-09)

Bug Fixes

11.0.4 (2025-01-05)

Uh oh!

socket-security bot commented Apr 10, 2026

Uh oh!

socket-security bot commented Apr 10, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant