This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade next from 12.0.7 to 12.1.6.
![merge advice](https://app.snyk.io/badges/merge-advice/?package_manager=npm&package_name=next&from_version=12.0.7&to_version=12.1.6&pr_id=0e2dca59-0fbf-4563-8f2c-8d1a4257f8b5&visibility=true&has_feature_flag=false)
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **120 versions** ahead of your current version.
- The recommended version was released **25 days ago**, on 2022-05-02.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Information Exposure [SNYK-JS-NODEFETCH-2342118](https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118) | **539/1000** **Why?** Has a fix available, CVSS 6.5 | No Known Exploit
| User Interface (UI) Misrepresentation of Critical Information [SNYK-JS-NEXT-2405694](https://snyk.io/vuln/SNYK-JS-NEXT-2405694) | **539/1000** **Why?** Has a fix available, CVSS 6.5 | No Known Exploit
| Denial of Service (DoS) [SNYK-JS-NEXT-2388583](https://snyk.io/vuln/SNYK-JS-NEXT-2388583) | **539/1000** **Why?** Has a fix available, CVSS 6.5 | No Known Exploit
| Prototype Pollution [SNYK-JS-MINIMIST-2429795](https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795) | **539/1000** **Why?** Has a fix available, CVSS 6.5 | No Known Exploit
(*) Note that the real score may have changed since the PR was raised.
Release notes Package name: next
cd7419e Hoist the desired ReactDOM import expression (#36552)
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/avanade/project/6057ad65-f47c-48b0-a103-f5c54b28be58?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/avanade/project/6057ad65-f47c-48b0-a103-f5c54b28be58/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/avanade/project/6057ad65-f47c-48b0-a103-f5c54b28be58/settings/integration?pkg=next&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade next from 12.0.7 to 12.1.6.
![merge advice](https://app.snyk.io/badges/merge-advice/?package_manager=npm&package_name=next&from_version=12.0.7&to_version=12.1.6&pr_id=0e2dca59-0fbf-4563-8f2c-8d1a4257f8b5&visibility=true&has_feature_flag=false) :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **120 versions** ahead of your current version. - The recommended version was released **25 days ago**, on 2022-05-02. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Information Exposure
[SNYK-JS-NODEFETCH-2342118](https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118) | **539/1000**
**Why?** Has a fix available, CVSS 6.5 | No Known Exploit | User Interface (UI) Misrepresentation of Critical Information
[SNYK-JS-NEXT-2405694](https://snyk.io/vuln/SNYK-JS-NEXT-2405694) | **539/1000**
**Why?** Has a fix available, CVSS 6.5 | No Known Exploit | Denial of Service (DoS)
[SNYK-JS-NEXT-2388583](https://snyk.io/vuln/SNYK-JS-NEXT-2388583) | **539/1000**
**Why?** Has a fix available, CVSS 6.5 | No Known Exploit | Prototype Pollution
[SNYK-JS-MINIMIST-2429795](https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795) | **539/1000**
**Why?** Has a fix available, CVSS 6.5 | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: next
Core Changes
Example Changes
Credits
Huge thanks to @ ijjk, @ nkzawa, and @ gusrb3164 for helping!
Core Changes
Content-Length
header from Image Optimization API: #36581Documentation Changes
Example Changes
Credits
Huge thanks to @ styfle, @ javivelasco, @ leerob, @ ro11ingbutler, @ huozhi, and @ ijjk for helping!
Core Changes
next/script
forworker
andbeforeInteractive
strategies: #36364Documentation Changes
Credits
Huge thanks to @ huozhi, @ refactorized, @ balazsorban44, and @ housseindjirdeh for helping!
Core Changes
Example Changes
Credits
Huge thanks to @ kdy1, @ nikolovlazar, @ shuding, and @ balazsorban44 for helping!
Core Changes
Documentation Changes
<link rel="preconnect" ... />
to example optimized font output: #36529Misc Changes
Credits
Huge thanks to @ atcastle, @ leerob, @ sa3dany, @ ijjk, @ Brooooooklyn, @ huozhi, and @ kdy1 for helping!
Core Changes
Misc Changes
Credits
Huge thanks to @ colinhacks and @ huozhi for helping!
Core Changes
Commit messages
Package name: next
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/avanade/project/6057ad65-f47c-48b0-a103-f5c54b28be58?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/avanade/project/6057ad65-f47c-48b0-a103-f5c54b28be58/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/avanade/project/6057ad65-f47c-48b0-a103-f5c54b28be58/settings/integration?pkg=next&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)