UI5 / webcomponents-react / 20195115396
85%
main: 85%

LAST BUILD BRANCH: renovate/major-react-monorepo
DEFAULT BRANCH: main
Ran
Jobs 7
Files 231
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 84.91%. Remained the same
20195115396

push

github

web-flow 
chore(deps): update dependency next to v16.0.10 [security] (#8028)

This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [next](https://nextjs.org)
([source](https://redirect.github.com/vercel/next.js)) | [`16.0.9` ->
`16.0.10`](https://renovatebot.com/diffs/npm/next/16.0.9/16.0.10) |
![age](https://developer.mend.io/api/mc/badges/age/npm/next/16.0.10?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/next/16.0.9/16.0.10?slim=true)
|

### GitHub Vulnerability Alerts

####
[GHSA-5j59-xgg2-r9c4](https://redirect.github.com/vercel/next.js/security/advisories/GHSA-5j59-xgg2-r9c4)

It was found that the fix
addressing [CVE-2025-55184](https://redirect.github.com/advisories/GHSA-2m3v-v2m8-q956) in
React Server Components was incomplete and did not fully prevent
denial-of-service attacks in all payload types. This affects React
package versions 19.0.2, 19.1.3, and 19.2.2 and frameworks that use the
affected packages, including Next.js 13.x, 14.x, 15.x and 16.x using the
App Router. The issue is tracked upstream as
[CVE-2025-67779](https://www.cve.org/CVERecord?id=CVE-2025-67779).

A malicious HTTP request can be crafted and sent to any Server Function
endpoint that, when deserialized, can enter an infinite loop within the
React Server Components runtime. This can cause the server process to
hang and consume CPU, resulting in denial of service in unpatched
environments.

---

### Release Notes

<details>
<summary>vercel/next.js (next)</summary>

###
[`v16.0.10`](https://redirect.github.com/vercel/next.js/compare/v16.0.9...v16.0.10)

[Compare
Source](https://redirect.github.com/vercel/next.js/compare/v16.0.9...v16.0.10)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasin... (continued)

3263 of 4169 branches covered (78.27%)

Branch coverage included in aggregate %.

5740 of 6434 relevant lines covered (89.21%)

118754.5 hits per line

Jobs
ID Job ID Ran Files Coverage
1 main/src/webComponents - 20195115396.1 157
8.43
 GitHub Action Run
2 main/src/components - 20195115396.2 157
85.95
 GitHub Action Run
3 cypress-commands - 20195115396.3 157
10.0
 GitHub Action Run
4 main/src/internal - 20195115396.4 157
10.15
 GitHub Action Run
5 charts - 20195115396.5 215
21.38
 GitHub Action Run
6 base - 20195115396.6 162
11.56
 GitHub Action Run
7 compat - 20195115396.7 168
13.32
 GitHub Action Run
Source Files on build 20195115396