Skip to content

Update react and nextjs for security #721

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ieedan merged 2 commits into from
Dec 5, 2025
Merged

Update react and nextjs for security #721

ieedan merged 2 commits into from
Dec 5, 2025

Conversation

@ieedan
Copy link
Collaborator

@ieedan ieedan commented Dec 5, 2025

Update React and Next.js packages to address the critical security vulnerability CVE-2025-55182.

The next, react, and react-dom packages in examples/react/package.json and apps/docs/package.json have been updated to their latest versions (Next.js 16.0.7, React 19.2.1, React-DOM 19.2.1) and dependencies reinstalled with npm.

Open in Cursor Open in Web

@cursoragent @ieedan
Refactor: Update dependencies and lock files
af3c003 
Updates dependencies in apps/docs and examples/react. Regenerates lock files.

Co-authored-by: aidanbleser35 <[email protected]>
@cursor
Copy link

cursor bot commented Dec 5, 2025

Cursor Agent can help with this pull request. Just @cursor in comments and I'll start working on changes in this branch.
Learn more about Cursor Agents

@changeset-bot
Copy link

changeset-bot bot commented Dec 5, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: f6db16a

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@vercel
Copy link

vercel bot commented Dec 5, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
jsrepo.dev Ready Ready Preview Comment Dec 5, 2025 11:54am

@cursoragent @ieedan
Refactor: Remove unused lockfile and update dependencies
f6db16a 
This commit removes the outdated lockfile and updates various dependencies to their latest versions, ensuring better compatibility and security.

Co-authored-by: aidanbleser35 <[email protected]>
@pkg-pr-new
Copy link

pkg-pr-new bot commented Dec 5, 2025

Open in StackBlitz

jsrepo

pnpm add https://pkg.pr.new/jsrepojs/jsrepo@721

@jsrepo/mcp

pnpm add https://pkg.pr.new/jsrepojs/jsrepo/@jsrepo/mcp@721

@jsrepo/migrate

pnpm add https://pkg.pr.new/jsrepojs/jsrepo/@jsrepo/migrate@721

@jsrepo/transform-biome

pnpm add https://pkg.pr.new/jsrepojs/jsrepo/@jsrepo/transform-biome@721

@jsrepo/transform-javascript

pnpm add https://pkg.pr.new/jsrepojs/jsrepo/@jsrepo/transform-javascript@721

@jsrepo/transform-prettier

pnpm add https://pkg.pr.new/jsrepojs/jsrepo/@jsrepo/transform-prettier@721

commit: f6db16a

@ieedan ieedan marked this pull request as ready for review December 5, 2025 12:12
@ieedan ieedan merged commit d10eb77 into main Dec 5, 2025
7 checks passed
@ieedan ieedan deleted the cursor/update-react-and-nextjs-for-security-composer-1-685b branch December 5, 2025 12:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ieedan @cursoragent