[Snyk] Upgrade next from 14.2.6 to 14.2.13

[randomusert]

Snyk has created this PR to upgrade next from 14.2.6 to 14.2.13.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 7 versions ahead of your current version.
• The recommended version was released 21 days ago, on 2024-09-20.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Acceptance of Extraneous Untrusted Data With Trusted Data SNYK-JS-NEXT-8025427	721/1000 Why? Recently disclosed, Has a fix available, CVSS 8.7	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: next

• 14.2.13 - 2024-09-20
  

  Note

  This release is backporting bug fixes. It does not include all pending features/changes on canary.

  Core Changes

  • Fix missing cache-control on SSR app route (#70265)
  • feat: add polyfill of URL.canParse for browser compatibility (#70228)
  • Fix vercel og package memory leak (#70214)
  • Fix startTime error on Android 9 with Chrome 74 (#67391)

  Credits

  Huge thanks to @ raeyoung-kim, @ huozhi, @ devjiwonchoi, and @ ijjk for helping!

• 14.2.12 - 2024-09-17
  

  Note

  This release is backporting bug fixes. It does not include all pending features/changes on canary.

  Core Changes

  • update prefetching jsdoc & documentation (#68047)
  • Ensure we chunk revalidate tag requests (#70189)
  • (backport) fix(eslint): allow typescript-eslint v8 (#70090)
  • [ppr] Don't mark RSC requests as /_next/data requests (backport of #66249) (#70083)

  Credits

  Huge thanks to @ alvarlagerlof, @ wyattjoh, @ delbaoliveira, and @ ijjk for helping!

• 14.2.11 - 2024-09-12
• 14.2.10 - 2024-09-11
• 14.2.9 - 2024-09-09
• 14.2.8 - 2024-09-04
• 14.2.7 - 2024-08-27
• 14.2.6 - 2024-08-21

from next GitHub release notes

Commit messages

Package name: next

• f550237 v14.2.13
• b0ff3d0 Fix startTime error on Android 9 with Chrome 74 (#67391)
• 49566f5 Fix vercel og package memory leak (#70214)
• 62fbd7f feat: add polyfill of `URL.canParse` for browser compatibility (#70228)
• b503b8e Fix missing cache-control on SSR app route (#70265)
• 6d7ced4 v14.2.12
• 367c6e6 update prefetching jsdoc & documentation (#68047)
• 16ad368 Ensure we chunk revalidate tag requests (#70189)
• 77910c8 (backport) fix(eslint): allow typescript-eslint v8 (#70090)
• 0b907c7 [ppr] Don't mark RSC requests as /_next/data requests (backport of #66249) (#70083)
• bfbc92a v14.2.11
• fa51ff5 fix: correct metadata url suffix (#69959) (#70042)
• 276ddf3 fix: setting `assetPrefix` to URL format breaks HMR (#70040)
• 9954a21 Update revalidateTag to batch tags in one request (#65296)
• 937651f v14.2.10
• 7ed7f12 Remove invalid fallback revalidate value (#69990)
• 99de057 Revert server action optimization (#69925)
• 24647b9 Add ability to customize Cache-Control (#69802)
• 6fa8982 v14.2.9
• 7998745 test: lock ts type check (#69889)
• 4bd3849 create-next-app: fix font file corruption when using import alias (#69806)
• 3756801 test: check most possible combination of CNA flags
• 9a72ad6 unpin CNA tests from 14.2.3
• 747d365 Fix metadata prop merging (#69807)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
tinteeam	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Oct 11, 2024 5:20am