From dddefc9e30d91b6926e3f59e1ed608afbc79a9f8 Mon Sep 17 00:00:00 2001
From: Andrew Rumble <andrew.rumble@overleaf.com>
Date: Wed, 27 May 2026 14:38:54 +0100
Subject: [PATCH] Merge pull request #33962 from
 overleaf/lg-uuid-security-upgrade

[Security upgrade] pin uuid to 11.1.1 in root yarn.lock

GitOrigin-RevId: 873da40311c0e67fc3eb7eb0c484475d1e515148
---
 services/web/package.json |  4 ++--
 yarn.lock                 | 20 ++++++++++++++++++--
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/services/web/package.json b/services/web/package.json
index 8eb1d49cd1..03862b03ea 100644
--- a/services/web/package.json
+++ b/services/web/package.json
@@ -272,7 +272,7 @@
     "@types/sanitize-html": "^2.14.0",
     "@types/sinon-chai": "^3.2.12",
     "@types/utf-8-validate": "^5.0.2",
-    "@types/uuid": "^9.0.8",
+    "@types/uuid": "^10.0.0",
     "@uppy/core": "^3.8.0",
     "@uppy/dashboard": "3.7.1",
     "@uppy/drag-drop": "3.0.3",
@@ -416,7 +416,7 @@
     "unified": "^11.0.5",
     "unist-util-visit": "^5.0.0",
     "use-stick-to-bottom": "^1.1.1",
-    "uuid": "^9.0.1",
+    "uuid": "^11.0.0",
     "vitest": "4.1.5",
     "w3c-keyname": "^2.2.8",
     "webpack": "^5.106.2",
diff --git a/yarn.lock b/yarn.lock
index defb6c6a08..517cfb79b1 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -7281,7 +7281,7 @@ __metadata:
     "@types/sanitize-html": "npm:^2.14.0"
     "@types/sinon-chai": "npm:^3.2.12"
     "@types/utf-8-validate": "npm:^5.0.2"
-    "@types/uuid": "npm:^9.0.8"
+    "@types/uuid": "npm:^10.0.0"
     "@uppy/core": "npm:^3.8.0"
     "@uppy/dashboard": "npm:3.7.1"
     "@uppy/drag-drop": "npm:3.0.3"
@@ -7506,7 +7506,7 @@ __metadata:
     unist-util-visit: "npm:^5.0.0"
     use-stick-to-bottom: "npm:^1.1.1"
     utf-8-validate: "npm:^5.0.2"
-    uuid: "npm:^9.0.1"
+    uuid: "npm:^11.0.0"
     valid-data-url: "npm:^2.0.0"
     valid-url: "npm:^1.0.9"
     vitest: "npm:4.1.5"
@@ -11462,6 +11462,13 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@types/uuid@npm:^10.0.0":
+  version: 10.0.0
+  resolution: "@types/uuid@npm:10.0.0"
+  checksum: 10c0/9a1404bf287164481cb9b97f6bb638f78f955be57c40c6513b7655160beb29df6f84c915aaf4089a1559c216557dc4d2f79b48d978742d3ae10b937420ddac60
+  languageName: node
+  linkType: hard
+
 "@types/uuid@npm:^9.0.8":
   version: 9.0.8
   resolution: "@types/uuid@npm:9.0.8"
@@ -33617,6 +33624,15 @@ __metadata:
   languageName: node
   linkType: hard
 
+"uuid@npm:^11.0.0":
+  version: 11.1.1
+  resolution: "uuid@npm:11.1.1"
+  bin:
+    uuid: dist/esm/bin/uuid
+  checksum: 10c0/9e3af58eba872ece5a5e76f4773a94fc78a0ef2c2444c38dbe6b42f41dadf76c01850fd783604f27986f6195e6286aef064d45987d401b2a33127b98ddf7c0c5
+  languageName: node
+  linkType: hard
+
 "uuid@npm:^3.3.2":
   version: 3.4.0
   resolution: "uuid@npm:3.4.0"