Upgrade project dependencies (npm, NuGet)

[Copilot]

Upgrades all npm and NuGet package dependencies to their latest versions.

npm Packages

DataverseDialogBuilder.GrapesJS:

• uuid: 9.0.1 → 13.0.0 (removed deprecated @types/uuid - now bundled)
• eslint: 9.3.0 → 9.39.1
• xml-formatter: 3.6.2 → 3.6.7
• stream: 0.0.2 → 0.0.3
• Added overrides for webpack-dev-server ^5.2.2 to fix CVE

DataverseDialogBuilder.WebResource:

• @types/xrm: 9.0.73 → 9.0.88

NuGet Packages

Microsoft CRM SDK:

• CoreAssemblies: 9.0.2.52 → 9.0.2.60
• Workflow: 9.0.2.52 → 9.0.2.60
• XrmTooling.CoreAssembly: 9.1.1.45 → 9.1.1.65
• XrmTooling.WpfControls: 9.1.1.45 → 9.1.1.65
• CoreTools: 9.1.0.159 → 9.1.0.179

DynamicsCrm.DevKit:

• Cli: 3.33.33.33 → 3.45.67.89
• Analyzers: 3.33.33.34 → 3.55.55.55

Other:

• Castle.Core: 5.1.1 → 5.2.1
• NSubstitute: 5.0.0 → 5.3.0

Notes

Remaining lodash.template vulnerability is transitive via grapesjs-cli (dev dependency only) - requires upstream fix.

Original prompt

upgrade project to latest version (npm, nuget, ...)

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[phuocle]

Ok

[Copilot]

Pull request overview

This PR updates npm and NuGet dependencies across the Dataverse Dialog Builder project to their latest versions, addressing security vulnerabilities and keeping the project current with upstream changes.

Key Changes:

• Upgraded npm packages in GrapesJS project, including major version bump for uuid (9.0.1 → 13.0.0) and removal of deprecated @types/uuid
• Updated Microsoft CRM SDK packages across all C# projects (9.0.2.52 → 9.0.2.60)
• Upgraded development and testing dependencies including NSubstitute (5.0.0 → 5.3.0) and Castle.Core (5.1.1 → 5.2.1)

Reviewed changes

Copilot reviewed 10 out of 12 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
DataverseDialogBuilder.GrapesJS/package.json	Updated npm dependencies including uuid major version upgrade and added webpack-dev-server override for security
DataverseDialogBuilder.WebResource/package.json	Updated @types/xrm type definitions
DataverseDialogBuilder.WebResource/packages.config	Updated DynamicsCrm.DevKit packages
DataverseDialogBuilder.WebResource/DataverseDialogBuilder.WebResource.csproj	Updated analyzer path reference
DataverseDialogBuilder.SolutionPackager/packages.config	Updated Microsoft.CrmSdk.CoreTools and DynamicsCrm.DevKit packages
DataverseDialogBuilder.SolutionPackager/DataverseDialogBuilder.SolutionPackager.csproj	Updated analyzer path reference
DataverseDialogBuilder.CustomAction/packages.config	Updated Microsoft.CrmSdk.CoreAssemblies and DynamicsCrm.DevKit packages
DataverseDialogBuilder.CustomAction/DataverseDialogBuilder.CustomAction.csproj	Updated assembly hint paths and analyzer reference
DataverseDialogBuilder.Console/packages.config	Updated multiple Microsoft CRM SDK packages, Castle.Core, and NSubstitute
DataverseDialogBuilder.Console/DataverseDialogBuilder.Console.csproj	Updated all assembly hint paths to match new package versions

Files not reviewed (1)

• DataverseDialogBuilder.WebResource/package-lock.json: Language not supported

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.