fix: Resolve uuid to ^11.1.1 to patch CVE-2026-41907 (#12541)

Forces transitive uuid copies (8.3.2 via sequelize/bull, 9.0.1 via
@hocuspocus/*) onto the patched 11.1.1, addressing GHSA-w5hq-g745-h8pq.
11.1.1 is the highest version that is both patched and ships a CommonJS
build, which the require()-based consumers depend on.

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Tom Moor
2026-05-30 18:26:09 -04:00
committed by GitHub
parent b2bb2335a1
commit ad89288eac
2 changed files with 2 additions and 28 deletions
+2 -1
@@ -388,7 +388,8 @@
"minimatch@npm:9.0.1": "9.0.9",
"lodash@npm:4.17.21": "^4.18.1",
"i18next-parser/i18next": "^23.16.8",
"ws@npm:~8.17.1": "^8.20.1"
"ws@npm:~8.17.1": "^8.20.1",
"uuid": "^11.1.1"
},
"version": "1.7.1",
"packageManager": "yarn@4.11.0"
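Review bot: The new `"uuid": "^11.1.1"` entry is an unscoped resolution, unlike the neighbouring `"ws@npm:~8.17.1"` and `"minimatch@npm:9.0.1"` keys that each target one descriptor, so it overrides every uuid request in the tree rather than only the 8.3.2 and 9.0.1 copies named in the commit message. Consider keying it on the descriptors that sequelize/bull and @hocuspocus/* actually request, or say in the message that a global override is intended. The caret range also lets a later lockfile refresh move past 11.1.1, which the message describes as the highest patched version that ships a CommonJS build; an exact `"11.1.1"`, as the minimatch entry does with `"9.0.9"`, would hold that guarantee. Because this is a major-version jump for consumers written against 8.x and 9.x, a smoke test that loads those require()-based paths would be worth adding alongside the change.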