Closed renovate[bot] closed 4 days ago
Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information
The latest updates on your projects. Learn more about Vercel for Git ↗︎
Name | Status | Preview | Comments | Updated (UTC) |
---|---|---|---|---|
solid-space | ❌ Failed (Inspect) | Oct 13, 2024 3:03am |
Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information
Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information
Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information
Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information
This PR contains the following updates:
14.2.4
->14.2.10
GitHub Vulnerability Alerts
CVE-2024-46982
Impact
By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages router (this does not affect the app router). When this crafted request is sent it could coerce Next.js to cache a route that is meant to not be cached and send a
Cache-Control: s-maxage=1, stale-while-revalidate
header which some upstream CDNs may cache as well.To be potentially affected all of the following must apply:
pages/dashboard.tsx
notpages/blog/[slug].tsx
The below configurations are unaffected:
Patches
This vulnerability was resolved in Next.js v13.5.7, v14.2.10, and later. We recommend upgrading regardless of whether you can reproduce the issue or not.
Workarounds
There are no official or recommended workarounds for this issue, we recommend that users patch to a safe version.
Credits
Release Notes
vercel/next.js (next)
### [`v14.2.10`](https://redirect.github.com/vercel/next.js/compare/v14.2.9...v14.2.10) [Compare Source](https://redirect.github.com/vercel/next.js/compare/v14.2.9...v14.2.10) ### [`v14.2.9`](https://redirect.github.com/vercel/next.js/compare/v14.2.8...v14.2.9) [Compare Source](https://redirect.github.com/vercel/next.js/compare/v14.2.8...v14.2.9) ### [`v14.2.8`](https://redirect.github.com/vercel/next.js/compare/v14.2.7...v14.2.8) [Compare Source](https://redirect.github.com/vercel/next.js/compare/v14.2.7...v14.2.8) ### [`v14.2.7`](https://redirect.github.com/vercel/next.js/compare/v14.2.6...v14.2.7) [Compare Source](https://redirect.github.com/vercel/next.js/compare/v14.2.6...v14.2.7) ### [`v14.2.6`](https://redirect.github.com/vercel/next.js/compare/v14.2.5...v14.2.6) [Compare Source](https://redirect.github.com/vercel/next.js/compare/v14.2.5...v14.2.6) ### [`v14.2.5`](https://redirect.github.com/vercel/next.js/compare/v14.2.4...v14.2.5) [Compare Source](https://redirect.github.com/vercel/next.js/compare/v14.2.4...v14.2.5)Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.