demo-course-platform
demo-course-platform copied to clipboard
sanity-io
[Snyk] Security upgrade next from 14.2.5 to 14.2.7
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- web/package.json
- web/package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
586/1000 Why? Recently disclosed, Has a fix available, Medium severity |
Uncontrolled Recursion SNYK-JS-NEXT-8186172 |
No | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: next
The new version differs by 24 commits.- a1c3a03 v14.2.7
- d46ab2c Fix hmr assetPrefix escaping and reuse logic from other files (#67983)
- d11cbc9 Reject next image urls in image optimizer (#68628)
- 575385e Fix bad modRequest in flight entry manifest (#68888)
- 9ecf2e8 update turbopack build manifest
- 325dc4b pages router: ensure x-middleware-cache is respected (#67734)
- d3021b6 update playwright interface
- 5e6f511 fix i18n data pathname resolving (#68947)
- dd32e0f Update font data (#68639)
- 2f7fa98 Add deployment id header for rsc payload if present (#67255)
- 545746e fix: properly patch lockfile against swc bindings (#66515)
- 26c80ee GTM dataLayer parameter should take an object, not an array of strings (#66339)
- bce2ec0 build: upgrade edge-runtime (#67565)
- 96d6ada fix(next): add cross origin in react dom preload (#67423)
- c572030 fix: Narrow down from `string | undefined` to `string` (#65248)
- b5db704 Refactor internal routing headers to use request meta (#66987)
- deeeb5f Revert "chore: externalize undici for bundling" (#65727)
- 43f24d0 Switch from automatically requesting reviews to manually requesting them (#67024)
- 42f0129 fix formatting from #69164
- 427c01d v14.2.6
- d4ca0b9 Ensure fetch cache TTL is updated properly (#69164)
- eee87cb remove invalid line in disabling webpack cache example
- dc40cc9 Fix typo in memory usage docs
- 28110b6 [docs] Backport Multi-Zones docs to 14.x branch (#68460)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
๐ง View latest project report
๐ Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
๐ฆ Learn about vulnerability in an interactive lesson of Snyk Learn.
The latest updates on your projects. Learn more about Vercel for Git โ๏ธ
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| demo-course-platform | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Oct 16, 2024 1:31am |
| demo-course-platform-studio | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Oct 16, 2024 1:31am |
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}
New and removed dependencies detected. Learn more about Socket for GitHub โ๏ธ
| Package | New capabilities | Transitives | Size | Publisher |
|---|---|---|---|---|
| npm/[email protected] | environment, filesystem, network, shell, unsafe | +17 |
1.2 GB | vercel-release-bot |
๐ฎ Removed packages: npm/[email protected]
![socket-security[bot] avatar](https://avatars.githubusercontent.com/in/156372?v=4 "Published by a pub.dev verified publisher"){kind=small}
