Skip to content

Commit f925fb1

Browse files
committed
Fix React Server Components CVE vulnerabilities
Updated dependencies to fix Next.js and React CVE vulnerabilities. The fix-react2shell-next tool automatically updated the following packages to their secure versions: - next - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopack All package.json files have been scanned and vulnerable versions have been patched to the correct fixed versions based on the official React advisory. Co-authored-by: Vercel <vercel[bot]@users.noreply.github.com>
1 parent 317c6a4 commit f925fb1

2 files changed

Lines changed: 52 additions & 51 deletions

File tree

package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@
2727
"clsx": "^2.1.1",
2828
"katex": "^0.16.21",
2929
"lucide-react": "^0.379.0",
30-
"next": "14.2.10",
30+
"next": "14.2.35",
3131
"next-themes": "^0.4.4",
3232
"posthog-js": "^1.207.1",
3333
"react": "^18",
@@ -56,4 +56,4 @@
5656
"typescript": "^5",
5757
"vitest": "^1.6.0"
5858
}
59-
}
59+
}

pnpm-lock.yaml

Lines changed: 50 additions & 49 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)