Skip to content

Bump @nx/next from 19.5.7 to 22.0.1 #4925

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
dependabot wants to merge 1 commit into from

Bump @nx/next from 19.5.7 to 22.0.1

e48ab57
Select commit
Loading
Failed to load commit list.
Closed

Bump @nx/next from 19.5.7 to 22.0.1 #4925

Bump @nx/next from 19.5.7 to 22.0.1
e48ab57
Select commit
Loading
Failed to load commit list.
Codacy Production / Codacy Static Code Analysis required action Nov 17, 2025 in 0s

35 new security issues (0 max.).

Annotations

Check warning on line 23585 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L23585 

Insecure dependency npm/minimatch@3.0.4 (CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function) (update to 3.0.5)

Check warning on line 23777 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L23777 

Insecure dependency npm/semver@7.3.4 (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 7.5.2)

Check notice on line 29888 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L29888 

Insecure dependency npm/brace-expansion@2.0.1 (CVE-2025-5889: brace-expansion: juliangruber brace-expansion index.js expand redos) (update to 2.0.2)

Check failure on line 30891 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L30891 

Insecure dependency npm/cipher-base@1.0.4 (CVE-2025-9287: cipher-base: Cipher-base hash manipulation) (update to 1.0.5)

Check failure on line 33877 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L33877 

Insecure dependency npm/elliptic@6.6.0 (GHSA-vjh7-7g9h-fjfh: Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string)) (update to 6.6.1)

Check warning on line 34427 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L34427 

Insecure dependency npm/esbuild@0.21.5 (GHSA-67mh-4wv8-2f99: esbuild enables any website to send any requests to the development server and read the response) (update to 0.25.0)

Check notice on line 44758 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L44758 

Insecure dependency npm/tmp@0.0.33 (CVE-2025-54798: tmp: tmp Symbolic Link Write Vulnerability) (update to 0.2.4)

Check notice on line 44963 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L44963 

Insecure dependency npm/fast-redact@3.5.0 (CVE-2025-57319: fast-redact: fast-redact prototype pollution) (no fix available)

Check notice on line 49838 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L49838 

Insecure dependency npm/ip@1.1.5 (CVE-2023-42282: nodejs-ip: arbitrary code execution via the isPublic() function) (update to 1.1.9)

Check warning on line 49838 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L49838 

Insecure dependency npm/ip@1.1.5 (CVE-2024-29415: node-ip: Incomplete fix for CVE-2023-42282) (no fix available)

Check failure on line 53625 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L53625 

Insecure dependency npm/koa@2.11.0 (CVE-2025-25200: Inefficient Regular Expression Complexity in koa) (update to 2.15.4)

Check warning on line 53625 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L53625 

Insecure dependency npm/koa@2.11.0 (CVE-2025-32379: koa: XSS at ctx.redirect() function in Koajs) (update to 2.16.1)

Check notice on line 53625 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L53625 

Insecure dependency npm/koa@2.11.0 (CVE-2025-8129: koa: KoaJS Koa HTTP Header response.js back redirect) (update to 2.16.2)

Check warning on line 58001 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L58001 

Insecure dependency npm/image-size@1.1.1 (GHSA-m5qc-5hw7-8vg7: image-size Denial of Service via Infinite Loop during Image Processing) (update to 1.2.1)

Check notice on line 58769 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L58769 

Insecure dependency npm/min-document@2.19.0 (CVE-2025-57352: min-document: min-document prototype pollution) (update to 2.19.1)

Check failure on line 59295 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L59295 

Insecure dependency npm/mockery@2.1.0 (CVE-2022-37614: mockery is vulnerable to prototype pollution) (no fix available)

Check warning on line 59346 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L59346 

Insecure dependency npm/moment@2.29.1 (CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS) (update to 2.29.4)

Check warning on line 59759 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L59759 

Insecure dependency npm/next@15.4.6 (CVE-2025-57822: Next.js Improper Middleware Redirect Handling Leads to SSRF) (update to 15.4.7)

Check notice on line 64437 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L64437 

Insecure dependency npm/on-headers@1.0.2 (CVE-2025-7339: on-headers: on-headers vulnerable to http response header manipulation) (update to 1.1.0)

Check warning on line 65068 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L65068 

Insecure dependency npm/minimist@0.0.10 (CVE-2020-7598: nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload) (update to 0.2.1)

Check failure on line 65480 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L65480 

Insecure dependency npm/pbkdf2@3.1.2 (CVE-2025-6545: pbkdf2: pbkdf2 silently returns predictable key material) (update to 3.1.3)

Check failure on line 65480 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L65480 

Insecure dependency npm/pbkdf2@3.1.2 (CVE-2025-6547: pbkdf2: pbkdf2 silently returns static keys) (update to 3.1.3)

Check warning on line 72546 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L72546 

Insecure dependency npm/ssh2@0.8.9 (CVE-2020-26301: nodejs-ssh2: Command injection by calling vulnerable method with untrusted input) (update to 1.4.0)

Check notice on line 77379 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L77379 

Insecure dependency npm/utile@0.3.0 (NSWG-ECO-445: Out-of-bounds Read) (no fix available)

Check warning on line 78473 in package-lock.json

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L78473 

Insecure dependency npm/vue-template-compiler@2.6.12 (CVE-2024-6783: vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS)) (update to 3.0.0)
View more details on Codacy Production