maximus/simpl-liste
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases 18 Packages Wiki Activity Actions

WIP: fix(deps): uuid override ^11.0.0 — GHSA-w5hq-g745-h8pq #86

Closed
defenseur-auto-bot wants to merge 2 commits from defenseur-auto/d8fb641059-1777737632446 into master
pull from: defenseur-auto/d8fb641059-1777737632446
merge into: maximus:master
Conversation 0 Commits 2 Files changed 1 +3 -3
defenseur-auto-bot commented 2026-05-02 16:13:29 +00:00
Collaborator
Copy link

Vuln GHSA-w5hq-g745-h8pq detectee (uuid <10.0.0).
Fix: override uuid ^11.0.0 (CJS stable, uuid@11.1.1 installe).
Rationale: uuid@10 est ESM-only (require() echoue) ; uuid@11 est la version CJS minimale qui satisfait la GHSA. Le bump ^14.0.0 du premier essai etait inutile — ^11.0.0 pre-existant est la correction correcte.
Tests: npm test pass — 6/6 checks (v3/v5 buffer arg, sites vuln).
Source: defenseur-simpl-liste 2026-05-02.

Closes #<ISSUE_NUMBER>

Closes #85

Vuln GHSA-w5hq-g745-h8pq detectee (uuid <10.0.0). Fix: override uuid ^11.0.0 (CJS stable, uuid@11.1.1 installe). Rationale: uuid@10 est ESM-only (require() echoue) ; uuid@11 est la version CJS minimale qui satisfait la GHSA. Le bump ^14.0.0 du premier essai etait inutile — ^11.0.0 pre-existant est la correction correcte. Tests: npm test pass — 6/6 checks (v3/v5 buffer arg, sites vuln). Source: defenseur-simpl-liste 2026-05-02. Closes #<ISSUE_NUMBER> Closes #85
defenseur-auto-bot added 2 commits 2026-05-02 16:13:30 +00:00
maximus changed title from fix(deps): uuid override ^11.0.0 — GHSA-w5hq-g745-h8pq to WIP: fix(deps): uuid override ^11.0.0 — GHSA-w5hq-g745-h8pq 2026-05-02 16:14:44 +00:00
maximus changed title from WIP: fix(deps): uuid override ^11.0.0 — GHSA-w5hq-g745-h8pq to fix(deps): uuid override ^11.0.0 — GHSA-w5hq-g745-h8pq 2026-05-02 16:14:44 +00:00
maximus changed title from fix(deps): uuid override ^11.0.0 — GHSA-w5hq-g745-h8pq to WIP: fix(deps): uuid override ^11.0.0 — GHSA-w5hq-g745-h8pq 2026-05-02 16:15:10 +00:00
maximus closed this pull request 2026-05-02 19:00:27 +00:00

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
autopilot:pending-human

PR produite par autopilot, attend review humaine

  
source:analyste

Créée par le Super-Analyste

  
source:defenseur

Créée par l Escouade Défenseur

  
source:human

Créée par un humain

  
source:medic

Créée par le Medic (auto-détection)

  
status:approved

PR approuvée, prête à merger

  
status:blocked

Bloquée (question, dépendance, clarification)

  
status:in-progress

Un agent (Medic/Dev) travaille dessus

  
status:needs-clarification

Ambiguite LOW, Max doit clarifier

  
status:needs-fix

Reviewer demande des corrections

  
status:ready

Analysée et documentée, prête à prendre

  
status:review

PR créée, en attente du Reviewer

  
status:triage

Nouvelle issue, pas encore analysée

  
type:bug

Correction de bug → Medic

  
type:feature

Nouvelle fonctionnalité → Dev

  
type:infra

Config, CI/CD, déploiement → Dev

  
type:refactor

Refactoring / amélioration technique → Dev

  
type:schema

Modèle de données / migrations → Dev

  
type:security

Issue de sécurité → Medic ou Dev

No labels
autopilot:pending-human
source:analyste
source:defenseur
source:human
source:medic
status:approved
status:blocked
status:in-progress
status:needs-clarification
status:needs-fix
status:ready
status:review
status:triage
type:bug
type:feature
type:infra
type:refactor
type:schema
type:security
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: maximus/simpl-liste#86
No description provided.
Delete branch "defenseur-auto/d8fb641059-1777737632446"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?