chore(deps): remove uuid, use built-in crypto

[cacieprins]

PR checklist

• I have run npm test locally and all tests are passing.
• I have added/updated tests for any new behavior.
• If this is a significant change, an issue has already been created where the problem / solution was discussed: [N/A, or add link]

Summary

Removes the uuid dependency and generates UUIDs with Node’s built-in crypto.randomUUID():

• Digest authentication (lib/auth.js): cnonce when qop is set — still strips hyphens as before (randomUUID().replace(/-/g, '')).
• Multipart (lib/multipart.js): form boundary string.

Breaking / compatibility

Area	Change
Engines	package.json requires Node >= 14.17.0 (minimum version that provides crypto.randomUUID()).
Behavior	Same high-level behavior (random UUID-shaped strings); dependency surface shrinks. Minor differences could only matter if callers depended on the exact uuid package implementation rather than the output shape.

Risk note

Medium: Engine requirement is stricter than before, and random values are used for auth and multipart boundaries — worth sanity-checking digest-auth and multipart uploads against real backends if you rely on those paths.

[cypress-app-bot]

• Create a Draft Pull Request if your PR is not ready for review. Mark the PR as Ready for Review when you're ready for a Cypress team member to review the PR.

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 70413a9. Configure here.}

[cypress-app-bot]

🎉 This PR is included in version 4.0.0 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀