Closed dependabot[bot] closed 9 months ago
@dependabot merge
On Fri, Oct 6, 2023 at 10:35 PM dependabot[bot] @.***> wrote:
This automated pull request fixes a security vulnerability https://github.com/Kevin-Kwan/portfolio-next/security/dependabot/1 (low severity).
Learn more about Dependabot security updates https://docs.github.com/github/managing-security-vulnerabilities/configuring-dependabot-security-updates.
Removes zod https://github.com/colinhacks/zod. It's no longer used after updating ancestor dependency next https://github.com/vercel/next.js. These dependencies need to be updated together.
Removes zod
Updates next from 13.4.19 to 13.5.4 Release notes
Sourced from next's releases https://github.com/vercel/next.js/releases.
v13.5.4 Core Changes
- chore: NextJS -> Next.js: #55961 https://redirect.github.com/vercel/next.js/issues/55961
- fix-failed-to-generate-self-signed-certificate issue:#55891 https://redirect.github.com/vercel/next.js/issues/55891: #55947 https://redirect.github.com/vercel/next.js/issues/55947
- Remove .test.js from dist: #55946 https://redirect.github.com/vercel/next.js/issues/55946
- Turbopack next/font/google: don't insert css rules for multiple weights or styles: #55852 https://redirect.github.com/vercel/next.js/issues/55852
- Fix stale revalidate stream handling: #55978 https://redirect.github.com/vercel/next.js/issues/55978
- turbopack: improve turbopack/test stability: #56024 https://redirect.github.com/vercel/next.js/issues/56024
- Mark testmode fetches internal: #56036 https://redirect.github.com/vercel/next.js/issues/56036
- chore: Remove 'beta.' Subdomain from beta.nextjs.org Links: #55924 https://redirect.github.com/vercel/next.js/issues/55924
- Remove experimental.sharedPool: #56021 https://redirect.github.com/vercel/next.js/issues/56021
- fix(worker): pass env to build worker w/ config.experimental.workerThreads: #55257 https://redirect.github.com/vercel/next.js/issues/55257
- Update swc_core to v0.83.26: #55780 https://redirect.github.com/vercel/next.js/issues/55780
- Revert "Update swc_core to v0.83.26": #56077 https://redirect.github.com/vercel/next.js/issues/56077
- fix reporting of illegal segments when directory only contains irrelevant files: #56076 https://redirect.github.com/vercel/next.js/issues/56076
- Make permanentRedirect return 308 in route handlers: #56065 https://redirect.github.com/vercel/next.js/issues/56065
- Remove unneeded next-dev js in next-core: #56039 https://redirect.github.com/vercel/next.js/issues/56039
- Fix: Use boolean instead of false for experimental logging config:
56110 https://redirect.github.com/vercel/next.js/issues/56110
- chore: remove chalk in favor of picocolors: #55992 https://redirect.github.com/vercel/next.js/issues/55992
- Revert: "Generate prefetch RSC payload during build for SSR paths (
54403 https://redirect.github.com/vercel/next.js/issues/54403)":
56059 https://redirect.github.com/vercel/next.js/issues/56059
- fetching logging on edge: #56108 https://redirect.github.com/vercel/next.js/issues/56108
- Optimize build trace handling: #56048 https://redirect.github.com/vercel/next.js/issues/56048
- Update font data: #56121 https://redirect.github.com/vercel/next.js/issues/56121
- feat(turbopack): port bloom filter to nexturbo: #55678 https://redirect.github.com/vercel/next.js/issues/55678
- Fixes performance problems due to TaskScopes: #55721 https://redirect.github.com/vercel/next.js/issues/55721
- perf: remove react dom legacy from app router: #56082 https://redirect.github.com/vercel/next.js/issues/56082
- perf: replace zod with superstruct: #56083 https://redirect.github.com/vercel/next.js/issues/56083
- perf: externalise ws for bundled server: #56095 https://redirect.github.com/vercel/next.js/issues/56095
- misc: refactor node utils: #56096 https://redirect.github.com/vercel/next.js/issues/56096
- Add support for skipTrailingSlashRedirect and skipMiddlewareUrlNormalize in Turbopack: #56147 https://redirect.github.com/vercel/next.js/issues/56147
- Add experimental.scrollRestoration for Turbopack: #56150 https://redirect.github.com/vercel/next.js/issues/56150
- misc: refactor handleExternals: #56161 https://redirect.github.com/vercel/next.js/issues/56161
- perf: add option to bundle pages externals: #56162 https://redirect.github.com/vercel/next.js/issues/56162
- Allow jest to run with use server directive: #56148 https://redirect.github.com/vercel/next.js/issues/56148
- Update experimental compile cache handling: #56139 https://redirect.github.com/vercel/next.js/issues/56139
- App render related code clean up: #56178 https://redirect.github.com/vercel/next.js/issues/56178
- Add support for i18n config in Turbopack: #56182 https://redirect.github.com/vercel/next.js/issues/56182
- Implement list of config options for Turbopack: #56188 https://redirect.github.com/vercel/next.js/issues/56188
- Turbopack: add support for an assetPrefix and basePath: #56058 https://redirect.github.com/vercel/next.js/issues/56058
- update turbopack: #56197 https://redirect.github.com/vercel/next.js/issues/56197
- Update supported options list to reflect #56188 https://redirect.github.com/vercel/next.js/issues/56188: #56200 https://redirect.github.com/vercel/next.js/issues/56200
- Add support for experimental.logging.level in Turbopack: #56201 https://redirect.github.com/vercel/next.js/issues/56201
- Add next.config.js options to turbopack warning file: #56207 https://redirect.github.com/vercel/next.js/issues/56207
- fix: @libsql/client build error: #56192 https://redirect.github.com/vercel/next.js/issues/56192
- chore: bump postcss: #56225 https://redirect.github.com/vercel/next.js/issues/56225
- Add additional handling for experimental-compile: #56224 https://redirect.github.com/vercel/next.js/issues/56224
- Drop ipc server headers filters: #56226 https://redirect.github.com/vercel/next.js/issues/56226
- only override NODE_EXTRA_CA_CERTS when using experimental https flag: #56252 https://redirect.github.com/vercel/next.js/issues/56252
- Pass same mangling option as terser to SWC minifier: #56281 https://redirect.github.com/vercel/next.js/issues/56281
... (truncated) Commits
- 1e8dca4 https://github.com/vercel/next.js/commit/1e8dca4a87113f9d6ce0505c90f9a3d89096cefd v13.5.4
- 9e24d6f https://github.com/vercel/next.js/commit/9e24d6ff3b5c9193d64b448cc3fa8cd3b8bfd597 v13.5.4-canary.11
- 281ae41 https://github.com/vercel/next.js/commit/281ae41896cca9335921536de80ab435a0736607 Fix build output logging order (#56335 https://redirect.github.com/vercel/next.js/issues/56335)
- d7626ff https://github.com/vercel/next.js/commit/d7626ffb7996463daf95f554ed30e67893741cf7 Revert "misc: shortcut styled-jsx in external resolution (#56291 https://redirect.github.com/vercel/next.js/issues/56291)" (#56334 https://redirect.github.com/vercel/next.js/issues/56334)
- db48052 https://github.com/vercel/next.js/commit/db48052a5e1beedb3ff142e95e0ea7b5ca8dd923 v13.5.4-canary.10
- 7df92b8 https://github.com/vercel/next.js/commit/7df92b868a1105b602d7b9fc74a78cd8ac902885 test: add flaky turbopack integration tests to manifest (#56309 https://redirect.github.com/vercel/next.js/issues/56309)
- eeb9b33 https://github.com/vercel/next.js/commit/eeb9b3325d6c21107463532b9ae99f48b0cd524f fix: Invalid URL (404) provided on server actions error (#56323 https://redirect.github.com/vercel/next.js/issues/56323)
- 3172cfe https://github.com/vercel/next.js/commit/3172cfedc8b759fec89fda373c86b86931fc02f1 fix: support both decoded and encoded url requests of conventioned files (
56 https://redirect.github.com/vercel/next.js/issues/56...
- a2f9ef5 https://github.com/vercel/next.js/commit/a2f9ef5a34418d562581f54353ed51491a019484 fix(next/client): keep hash when navigating from app to pages router (
56223 https://redirect.github.com/vercel/next.js/issues/56223)
- a970f28 https://github.com/vercel/next.js/commit/a970f284398d4125c04908d42704b2ab98b9d98b Add code freeze GitHub actions for releasing (#56325 https://redirect.github.com/vercel/next.js/issues/56325)
- Additional commits viewable in compare view https://github.com/vercel/next.js/compare/v13.4.19...v13.5.4
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot show
ignore conditions will show all of the ignore conditions of the specified dependency - @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page https://github.com/Kevin-Kwan/portfolio-next/network/alerts.
You can view, comment on, or merge this pull request online at:
https://github.com/Kevin-Kwan/portfolio-next/pull/2 Commit Summary
- db498c4 https://github.com/Kevin-Kwan/portfolio-next/pull/2/commits/db498c47fc35407837ce28b02a497e736fa235e8 Bump zod and next
File Changes
(2 files https://github.com/Kevin-Kwan/portfolio-next/pull/2/files)
- M package-lock.json https://github.com/Kevin-Kwan/portfolio-next/pull/2/files#diff-053150b640a7ce75eff69d1a22cae7f0f94ad64ce9a855db544dda0929316519 (252)
- M package.json https://github.com/Kevin-Kwan/portfolio-next/pull/2/files#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519 (2)
Patch Links:
- https://github.com/Kevin-Kwan/portfolio-next/pull/2.patch
- https://github.com/Kevin-Kwan/portfolio-next/pull/2.diff
— Reply to this email directly, view it on GitHub https://github.com/Kevin-Kwan/portfolio-next/pull/2, or unsubscribe https://github.com/notifications/unsubscribe-auth/AML6B23PUOJNH3QDXCD55ATX6C5WBAVCNFSM6AAAAAA5WSZCTCVHI2DSMVQWIX3LMV43ASLTON2WKOZRHEZTCMJUGIZDCMY . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Removes zod. It's no longer used after updating ancestor dependency next. These dependencies need to be updated together.
Removes
zod
Updates
next
from 13.4.19 to 13.5.4Release notes
Sourced from next's releases.
... (truncated)
Commits
1e8dca4
v13.5.49e24d6f
v13.5.4-canary.11281ae41
Fix build output logging order (#56335)d7626ff
Revert "misc: shortcut styled-jsx in external resolution (#56291)" (#56334)db48052
v13.5.4-canary.107df92b8
test: add flaky turbopack integration tests to manifest (#56309)eeb9b33
fix: Invalid URL (404) provided on server actions error (#56323)3172cfe
fix: support both decoded and encoded url requests of conventioned files (#56...a2f9ef5
fix(next/client): keep hash when navigating from app to pages router (#56223)a970f28
Add code freeze GitHub actions for releasing (#56325)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show