Title: chore(deps)(deps): bump next from 16.1.6 to 16.2.9 by dependabot[bot] · Pull Request #135 · aicodingstack/aicodingstack.io · GitHub
Open Graph Title: chore(deps)(deps): bump next from 16.1.6 to 16.2.9 by dependabot[bot] · Pull Request #135 · aicodingstack/aicodingstack.io
X Title: chore(deps)(deps): bump next from 16.1.6 to 16.2.9 by dependabot[bot] · Pull Request #135 · aicodingstack/aicodingstack.io
Description: Bumps next from 16.1.6 to 16.2.9.
Release notes
Sourced from next's releases.
v16.2.9
Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.
v16.2.8
Release with no changes in an attempt to fix next@latest pointing at a prerelease version.
v16.2.7
[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.
Core Changes
Backport documentation fixes for v16.2 (#93804)
[backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
[backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
[backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
[backport] Encode non-ASCII characters in cache tags at construction (#93918)
[backport] Fix server action forwarding loop with middleware rewrites (#93919)
[backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
[ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
[backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
[backport] Propagate adapter preferred regions (#94200)
[16.2.x] Don't drop FormData entries (#94240)
[backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)
Credits
Huge thanks to @eps1lon, @icyJoseph, @unstubbable, @mischnic, @bgw, @timneutkens, and @lukesandberg for helping!
v16.2.6
[!NOTE]
This release contains security fixes and backported bug fixes. It does not include all pending features/changes on canary.
Security Fixes
The following advisories have been addressed:
High:
GHSA-8h8q-6873-q5fj: Denial of Service with Server Components
GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes
GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up
GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components
GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection
GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades
GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n
Moderate:
GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces
GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input
GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API
... (truncated)
Commits
f37fad9 v16.2.9
d9aaaed [cd] Allow tagging semver-lower releases as @latest if @latest po… (#94627)
6f16804 v16.2.8
0dbc1d5 [16.2.x][cd] Ensure release can be triggered on old branches (#94598)
90e3c81 [16.2.x] Align Actions dependencies with Canary (#94339)
83f402c [16.2.x][cd] Stop fetching all tags when searching parent tag (#94334)
411c455 v16.2.7
c63224f [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...
63115c7 [16.2.x] Don't drop FormData entries (#94240)
aef22fd [backport] Propagate adapter preferred regions (#94200)
Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for next since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show
Open Graph Description: Bumps next from 16.1.6 to 16.2.9. Release notes Sourced from next's releases. v16.2.9 Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trust...
X Description: Bumps next from 16.1.6 to 16.2.9. Release notes Sourced from next's releases. v16.2.9 Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with T...
Opengraph URL: https://github.com/aicodingstack/aicodingstack.io/pull/135
X: @github
Domain: github.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:e3d4ff5b-7067-8495-7dc1-1b3070ea528b |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | D77A:3B8B53:10AD39F:18658F0:6A4E3375 |
| html-safe-nonce | 95deefcfa5152cea3add20f9000633e8881f0c2a80e57b4339c2d59c870b9f13 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJENzdBOjNCOEI1MzoxMEFEMzlGOjE4NjU4RjA6NkE0RTMzNzUiLCJ2aXNpdG9yX2lkIjoiNzY2NTk4MzIzNzQ0OTk4NjkzMyIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | d889b9dbed7bf90ccb144231f75a3c6adc47ae6577c4bdf832e965b03c9ceb32 |
| hovercard-subject-tag | pull_request:3908099065 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/aicodingstack/aicodingstack.io/pull/135/files |
| twitter:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| og:image:alt | Bumps next from 16.1.6 to 16.2.9. Release notes Sourced from next's releases. v16.2.9 Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trust... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | 030096ee0db095447bfe77409d33bfac127ca7128299c58deef27c52eaa1b1f0 |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/aicodingstack/aicodingstack.io git https://github.com/aicodingstack/aicodingstack.io.git |
| octolytics-dimension-user_id | 242950640 |
| octolytics-dimension-user_login | aicodingstack |
| octolytics-dimension-repository_id | 1097345677 |
| octolytics-dimension-repository_nwo | aicodingstack/aicodingstack.io |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 1097345677 |
| octolytics-dimension-repository_network_root_nwo | aicodingstack/aicodingstack.io |
| turbo-body-classes | logged-out env-production page-responsive full-width |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 42a6d378d7587a44c93aca255096cd66b7c8eb2d |
| ui-target | canary-2 |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width