[Snyk] Security upgrade uuid from 9.0.1 to 14.0.0

[heather-formio]

Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• package.json
• yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Improper Validation of Specified Index, Position, or Offset in Input SNYK-JS-UUID-16133035	708

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[heather-formio]

This is a significant major version upgrade that includes several critical breaking changes, requiring both environment updates and code modifications.

Key Breaking Changes:

• Node.js Version Requirement: Support for older Node.js versions has been progressively dropped. Version 14.0.0 requires Node.js 20+. [2, 10]
• CommonJS Support Removed (v12.0.0): The library is now ESM-only. You must update your code from CommonJS require() to ESM import syntax. [1, 2]
  • Example: const { v4: uuidv4 } = require('uuid'); must become import { v4 as uuidv4 } from 'uuid';.
• Deep Imports Removed: Importing specific functions directly (e.g., uuid/v4) is no longer supported. You must use named imports from the main package. [3, 7]
• Timestamp UUID Behavior (v11.0.0): The handling of options for timestamp-based UUIDs (v1, v6, v7) has changed, which may affect uniqueness guarantees if you were providing custom options. [1]

Recommendation:
Before merging, you must:

1. Ensure your runtime environment is Node.js 20 or newer.
2. Refactor all require('uuid') statements to use ESM import syntax.
3. Verify that any usage of timestamp-based UUIDs with custom options still meets your requirements.

Source: GitHub Releases

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.