From b9ae440d538522b94589ee8a356fe911ada1e144 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 12 Feb 2021 11:43:27 +0000 Subject: [PATCH 1/2] Update dependency uuid to v8 Signed-off-by: Renovate Bot --- package.json | 2 +- yarn.lock | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index d348439b8..67bbe52fc 100644 --- a/package.json +++ b/package.json @@ -128,7 +128,7 @@ "tedious": "^6.6.0", "toobusy-js": "^0.5.1", "turndown": "^7.0.0", - "uuid": "^3.1.0", + "uuid": "^8.0.0", "validator": "^13.0.0", "velocity-animate": "^1.4.0", "visibilityjs": "^2.0.0", diff --git a/yarn.lock b/yarn.lock index e4f429c83..35c32ea9d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -10993,6 +10993,11 @@ uuid@^3.0.0, uuid@^3.1.0, uuid@^3.2.1, uuid@^3.3.2, uuid@^3.3.3: resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.4.0.tgz#b23e4358afa8a202fe7a100af1f5f883f02007ee" integrity sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A== +uuid@^8.0.0: + version "8.3.2" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.3.2.tgz#80d5b5ced271bb9af6c445f21a1a04c606cefbe2" + integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg== + v8-compile-cache@^2.0.3, v8-compile-cache@^2.2.0: version "2.2.0" resolved "https://registry.yarnpkg.com/v8-compile-cache/-/v8-compile-cache-2.2.0.tgz#9471efa3ef9128d2f7c6a7ca39c4dd6b5055b132" From 67cb3c89f596c03afb09400c2e694af238abbceb Mon Sep 17 00:00:00 2001 From: David Mehren Date: Tue, 16 Feb 2021 22:21:13 +0100 Subject: [PATCH 2/2] Use new uuid export Signed-off-by: David Mehren --- lib/csp.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/csp.js b/lib/csp.js index a5f0a4fcd..616c1d21f 100644 --- a/lib/csp.js +++ b/lib/csp.js @@ -1,5 +1,5 @@ const config = require('./config') -const uuid = require('uuid') +const { v4: uuidv4 } = require('uuid') const CspStrategy = {} @@ -98,7 +98,7 @@ function addReportURI (directives) { } CspStrategy.addNonceToLocals = function (req, res, next) { - res.locals.nonce = uuid.v4() + res.locals.nonce = uuidv4() next() }