[Snyk] Security upgrade next from 15.3.0 to 16.1.5

[m1981]

Snyk has created this PR to fix 2 vulnerabilities in the pnpm dependencies of this project.

Snyk changed the following file(s):

• package.json

⚠️ Warning

Failed to update the pnpm-lock.yaml, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Allocation of Resources Without Limits or Throttling SNYK-JS-NEXT-15104645	696
	Allocation of Resources Without Limits or Throttling SNYK-JS-NEXT-15105315	696

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Allocation of Resources Without Limits or Throttling

---

Important

Upgrade next to 16.1.5 in package.json to fix high-severity vulnerabilities, with manual pnpm-lock.yaml update needed.

• Dependencies:
  • Upgrade next from 15.3.0 to 16.1.5 in package.json to fix vulnerabilities SNYK-JS-NEXT-15104645 and SNYK-JS-NEXT-15105315.
• Warnings:
  • pnpm-lock.yaml update failed; requires manual update before merging.
• Security:
  • Addresses high-severity vulnerabilities related to resource allocation without limits or throttling.

^{This description was created by for cc619e5. You can customize this summary. It will automatically update as commits are pushed.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
mychat	Error		Feb 2, 2026 0:02am

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to cc619e5 in 8 seconds. Click for details.

• Reviewed 13 lines of code in 1 files
• Skipped 0 files when reviewing.
• Skipped posting 0 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

Workflow ID: wflow_Cdjc1RMyBF8LHnwU

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}

[augmentcode]

🤖 Augment PR Summary

Summary: Upgrades next from ^15.3.0 to ^16.1.5 to address Snyk-reported vulnerabilities.


Changes: Updates the Next.js version range in package.json (lockfile update is still needed per the PR note).

_{🤖 Was this summary useful? React with 👍 or 👎}

[augmentcode]

Review completed. 2 suggestions posted.

Comment augment review to trigger a new review at any time.

[augmentcode]

Next.js 16 requires Node.js 20.9+ and the v16 upgrade guide also expects moving to React 19.2; with react/react-dom pinned to 18.2.0 (and @types/next at ^9.0.0), this single next bump is likely to cause install/build failures.

_{🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.}

[augmentcode]

The PR description notes pnpm-lock.yaml wasn’t updated; if your CI/build uses a frozen lockfile, this change is likely to fail dependency installation.

_{🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.}