UI5 / webcomponents-react

85%

main: 85%

LAST BUILD ON BRANCH gh-readonly-queue/main/pr-8021-edede788a6d90f40d107ef1513067c6b06495957

branch: gh-readonly-queue/main/pr-8021-edede788a6d90f40d107ef1513067c6b06495957

CHANGE BRANCH

x

Reset

Sync Branches

• gh-readonly-queue/main/pr-8021-edede788a6d90f40d107ef1513067c6b06495957
• MarcusNotheis-patch-1
• chore/deps-cypress
• chore/gh-action-build
• chore/glob-cve
• chore/js-yaml
• chore/serialize-javascript
• chore/vite
• ci/npm-trusted-publishers
• dependabot/npm_and_yarn/examples/nextjs-app/js-yaml-4.1.1
• dependabot/npm_and_yarn/examples/nextjs-app/multi-c22e25d29b
• dependabot/npm_and_yarn/examples/nextjs-app/next-16.0.10
• dependabot/npm_and_yarn/examples/nextjs-app/next-16.0.9
• dependabot/npm_and_yarn/examples/nextjs-pages/next-16.0.9
• dependabot/npm_and_yarn/examples/react-router-ts/express-4.22.1
• dependabot/npm_and_yarn/examples/react-router-ts/glob-10.5.0
• dependabot/npm_and_yarn/examples/react-router-ts/js-yaml-4.1.1
• dependabot/npm_and_yarn/examples/vite-ts/js-yaml-4.1.1
• dependabot/npm_and_yarn/examples/vite-ts/vite-7.1.11
• dependabot/npm_and_yarn/express-4.22.1
• dependabot/npm_and_yarn/glob-11.1.0
• dependabot/npm_and_yarn/templates/nextjs-app/js-yaml-4.1.1
• dependabot/npm_and_yarn/templates/nextjs-app/next-16.0.10
• dependabot/npm_and_yarn/templates/nextjs-app/next-16.0.7
• dependabot/npm_and_yarn/templates/nextjs-pages/next-16.0.9
• dependabot/npm_and_yarn/vite-7.1.11
• docs/ai-ta-stream-story
• docs/at-min-rows-min-val
• docs/dialog-f6
• docs/op-navigation-actions
• docs/post-migration-adjustments
• docs/templates-examples-imports
• docs/url-update
• docs/welcome-remove-outdated
• feat/at-custom-cell-truncation
• feat/at-no-data-component
• feat/code-mod-export-paths
• feat/os-list-active-support
• feat/ui5wc-v2.15.0
• feat/ui5wc-v2.16.0
• feat/wrapper-script-docs
• fix/at-active-style
• fix/at-bottom-border-styles
• fix/at-empty-row
• fix/at-general-a11y
• fix/at-group-expand-a11y
• fix/at-os-delta
• fix/at-pinned-header-height
• fix/at-row-cell-types
• fix/at-scale-width-smart-grow
• fix/at-scroll-sync
• fix/at-scrollbar-styles
• fix/at-types
• fix/at-types2
• fix/at-usef2-icon
• fix/codemod-export-paths-reexports
• fix/op-a11y-attrs-type
• fix/op-section-spacing
• fix/op-stacking-context
• fix/op-tab-selection-border
• fix/op-tabbar-alignment
• fix/op-tabbar-border
• fix/opt-toolbar-alignment
• fix/os-inverted-focus
• fix/react18-ref-type
• fix/scrollbar-browser-specifics
• gh-readonly-queue/main/pr-7926-283cce70f1ff72a7ce6819d05d7330137f4b6d5a
• gh-readonly-queue/main/pr-7927-66d91dbc7c1a1d69ac87898b23bdb601c11fcf68
• gh-readonly-queue/main/pr-7930-66ea48bc4241750d627bd38cdc2162ed466e0385
• gh-readonly-queue/main/pr-7931-4d8bfb377a13c2f455adaa29fcb781a69d8007aa
• gh-readonly-queue/main/pr-7933-e183240a5c5721c2177847c6507c8134ee08e554
• gh-readonly-queue/main/pr-7935-8511f5a552effdbd80345f462a2786581a35701d
• gh-readonly-queue/main/pr-7935-e60ad34af10b8adcf895310c6019e9335b376859
• gh-readonly-queue/main/pr-7936-e60ad34af10b8adcf895310c6019e9335b376859
• gh-readonly-queue/main/pr-7937-6dc1b12d88db88c8540b3c883ac8c1525326cb21
• gh-readonly-queue/main/pr-7938-742b4faeac55d66dc5710c70555dded10a1504c6
• gh-readonly-queue/main/pr-7939-a2525a7f660ffdd692653f1327ceffa22a47f60e
• gh-readonly-queue/main/pr-7940-71e9c38076bf3aa467b7935928b144c1d5a8b5bd
• gh-readonly-queue/main/pr-7941-b4a1e8037e7b682d1cec66116677e907d5b67e49
• gh-readonly-queue/main/pr-7942-398c6491af5d9de6fabb30f3ff85f729b015e1e2
• gh-readonly-queue/main/pr-7943-bfb916db2350f12332d8e8d9136910d4d21de35e
• gh-readonly-queue/main/pr-7944-4bc4f61bd9c4c4f01fb4fa2e3c2673dba34693ab
• gh-readonly-queue/main/pr-7946-b722ccfc31a992795f7c971d24765fa18eef971d
• gh-readonly-queue/main/pr-7946-bfbee040aeb88a6dc4298059fb74bf95d89591c9
• gh-readonly-queue/main/pr-7946-ebf8ca899a8ba9f2a5f50c714e56edd748686a1b
• gh-readonly-queue/main/pr-7947-59d78f1434ca9622f5abe4b53830fd1671bb137f
• gh-readonly-queue/main/pr-7947-b722ccfc31a992795f7c971d24765fa18eef971d
• gh-readonly-queue/main/pr-7948-15d6d82877cb25185052c73a015ca0cf7d3cea29
• gh-readonly-queue/main/pr-7950-b722ccfc31a992795f7c971d24765fa18eef971d
• gh-readonly-queue/main/pr-7950-bdf765abfd6260fcaa88bf32127e5d86148e15df
• gh-readonly-queue/main/pr-7950-e775f5285b979afe7845e7f7869e573a837347bb
• gh-readonly-queue/main/pr-7951-1b2b05046fe8d5c036439722023db7c3f051a7c8
• gh-readonly-queue/main/pr-7953-c338dc1fdfc32e7e5958e10765ca421768f1861f
• gh-readonly-queue/main/pr-7954-d44c079a82ec0e3fadc968345a5926ff8f3ed4b0
• gh-readonly-queue/main/pr-7955-c18fd0d0419e29f2540d603b84dca320cfaad4bd
• gh-readonly-queue/main/pr-7956-8090be3a1c38761b2ee687ca632b6eca2d6ac7aa
• gh-readonly-queue/main/pr-7957-5fac9c8b90e49fbf4e7d8f5760efbd57609af36c
• gh-readonly-queue/main/pr-7958-3bbecc809f9d84abd1a5cfc490bd03c4ce706a11
• gh-readonly-queue/main/pr-7959-8f388ce0eea1cbb66bf474c8c80bf98b45e050c1
• gh-readonly-queue/main/pr-7962-2ad49938f2d00f690b736caa9bd9e4304f4fa8ea
• gh-readonly-queue/main/pr-7963-9e97c72c10bb1efe4b9a3408934531507424e962
• gh-readonly-queue/main/pr-7965-f71f4b1ee5ee669fcba62af119e12dfaf6392367
• gh-readonly-queue/main/pr-7966-2b673c1d87a9182e87e034d7e6fb236acaa73a04
• gh-readonly-queue/main/pr-7967-05eb6e5cbc504e9e18abea954fd37fdda752cfc5
• gh-readonly-queue/main/pr-7968-f2c8252301af84851900bc33d1b349fbb65c1dcd
• gh-readonly-queue/main/pr-7969-91561ca7fe0ba23a36fde490cda4aa8bd8f02833
• gh-readonly-queue/main/pr-7970-0badbcb30341dc0d2eb246b4568e29eb6cba7cdc
• gh-readonly-queue/main/pr-7971-31a2de72ec47c985c4f11cfc8b59dddb19d167db
• gh-readonly-queue/main/pr-7973-116873cd918204b656554c66e71f3e161d553a83
• gh-readonly-queue/main/pr-7974-2b218f942ff885afae3a8b7e901b86cc3bc841d6
• gh-readonly-queue/main/pr-7975-79eccd90d441f6f7b9c984389294fb33042f3548
• gh-readonly-queue/main/pr-7975-8c280d9b8eb016b03dd80314e779a39939bbb53a
• gh-readonly-queue/main/pr-7977-8054eafed90b5cd2b201985ea91a63d889d5ba6f
• gh-readonly-queue/main/pr-7978-99bb975bcbc298d08a1f6958fe3cdfe44b20fedc
• gh-readonly-queue/main/pr-7979-0c058c121b78ba2ca9fad7e403e18fb95bc90b95
• gh-readonly-queue/main/pr-7983-1673eb6303bdfc69d7e1c3d20ce634445f910f2f
• gh-readonly-queue/main/pr-7984-79eccd90d441f6f7b9c984389294fb33042f3548
• gh-readonly-queue/main/pr-7985-117425d45158dbd8c9e1850825e068f49a26a3bc
• gh-readonly-queue/main/pr-7986-be253617b986f7f33ed3c0c2f4c5d1f978830e2d
• gh-readonly-queue/main/pr-7987-fe80c2e9888c7e0a736328b3b7a6f21cd0f52f3f
• gh-readonly-queue/main/pr-7990-db804ee1bd0b72a5b28c56d168150771df563ace
• gh-readonly-queue/main/pr-7991-2de9b7135fcf384a9fbc59fa3a2d000b0713d45d
• gh-readonly-queue/main/pr-7992-e6b8b76ee61fe2eb83eac5ea581a11a2b385c287
• gh-readonly-queue/main/pr-7993-1033b3e66334fb872130190f1790d7ea004a3c77
• gh-readonly-queue/main/pr-7994-683a08d6ddca193f99e43959d58cbab585dadfb0
• gh-readonly-queue/main/pr-7995-64c3c4ca3c24693d1b7f07cd3c0ad4026a4c07a9
• gh-readonly-queue/main/pr-7996-c2a440607e6a6410f19dec8ae3456cd29a071c77
• gh-readonly-queue/main/pr-7997-679633a9fc5301ec358b3a26de411b4dd8750517
• gh-readonly-queue/main/pr-7998-8976d39f0eb6dc252135a05544b3d03f65c11449
• gh-readonly-queue/main/pr-8000-9c0b4f0197957cd50454fd80e8d50bcd4cfc5d89
• gh-readonly-queue/main/pr-8006-85d82a07137b965046c32f4a360528e7da5c180b
• gh-readonly-queue/main/pr-8007-4e40f3df1d7f487bc9c84f234a98c7445891fa54
• gh-readonly-queue/main/pr-8009-3161f01c1fd7c007af083289caa233cb09186d7e
• gh-readonly-queue/main/pr-8010-2529bd4074b1b9f5300930befd2bfbb99b3b3753
• gh-readonly-queue/main/pr-8014-29503fcb6a11d68f81e42e84ae673497e5c58c01
• gh-readonly-queue/main/pr-8014-ffbcc6d83cc667741c86197d86ecd38fd7ec6792
• gh-readonly-queue/main/pr-8016-a33b9ce3be71942758c360196ac9d8a4b7a6ce85
• gh-readonly-queue/main/pr-8016-ffbcc6d83cc667741c86197d86ecd38fd7ec6792
• gh-readonly-queue/main/pr-8017-cfb262501916c676aae51d534af2b5cbd4c34b85
• gh-readonly-queue/main/pr-8018-7b94853833dba3b88209728903c7094ee42a198f
• gh-readonly-queue/main/pr-8029-2ce54243caab0ec285bcf50250fa622ae18d898b
• main
• refactor/export-map-internal-types
• refactor/modals-remove-workaround
• refactor/subcomp-structure-unify
• renovate/actions-checkout-5.0.x
• renovate/actions-checkout-6.0.x
• renovate/actions-checkout-6.x
• renovate/actions-setup-node-6.x
• renovate/actions-stale-10.1.x
• renovate/actions-stale-10.x
• renovate/chromaui-action-13.1.x
• renovate/chromaui-action-13.2.x
• renovate/chromaui-action-13.3.x
• renovate/chromaui-action-13.x
• renovate/cypress-io-github-action-6.10.x
• renovate/eslint-compat-2.x
• renovate/examples-all-minor-patch
• renovate/examples-ui5-webcomponents-react
• renovate/execa-9.6.x
• renovate/fsfe-reuse-action-6.x
• renovate/github-codeql-action-3.30.x
• renovate/github-codeql-action-4.30.x
• renovate/github-codeql-action-4.31.x
• renovate/github-codeql-action-4.x
• renovate/glob-12.x
• renovate/glob-13.x
• renovate/jamesives-github-pages-deploy-action-4.7.x
• renovate/major-github-artifact-actions
• renovate/major-lerna-monorepo
• renovate/major-nextjs-monorepo
• renovate/major-react-monorepo
• renovate/major-semantic-release-monorepo
• renovate/major-storybook-monorepo
• renovate/node-22.21.x
• renovate/node-22.x
• renovate/node-24.11.x
• renovate/node-24.x
• renovate/npm-glob-vulnerability
• renovate/npm-next-vulnerability
• renovate/npm-vite-vulnerability
• renovate/patch-examples-all-minor-patch
• renovate/patch-examples-ui5-webcomponents-react
• renovate/patch-package-8.0.x
• renovate/patch-react-monorepo
• renovate/patch-rimraf
• renovate/patch-root-all-minor-patch
• renovate/patch-root-ui5-webcomponents
• renovate/patch-storybook-monorepo
• renovate/patch-tanstack-virtual-monorepo
• renovate/patch-typescript
• renovate/react-monorepo
• renovate/recharts-3.x
• renovate/rimraf
• renovate/root-all-minor-patch
• renovate/root-ui5-webcomponents
• renovate/sap-project-piper-action-1.22.x
• renovate/sap-project-piper-action-1.23.x
• renovate/sap-project-piper-action-1.25.x
• renovate/sap-project-piper-action-1.x
• renovate/typescript
• renovate/ui5-web-components
• test/op-auto-resize
• test/op-ci
• webcomponents-2.17

Build # 20159981546

Build Type

push

github

Committed by web-flow

Commit Message

chore(deps): update dependency next to v16.0.9 [security] (#8021)

This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [next](https://nextjs.org)
([source](https://redirect.github.com/vercel/next.js)) | [`16.0.7` ->
`16.0.9`](https://renovatebot.com/diffs/npm/next/16.0.7/16.0.9) |
![age](https://developer.mend.io/api/mc/badges/age/npm/next/16.0.9?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/next/16.0.7/16.0.9?slim=true)
|

### GitHub Vulnerability Alerts

####
[GHSA-mwv6-3258-q52c](https://redirect.github.com/vercel/next.js/security/advisories/GHSA-mwv6-3258-q52c)

A vulnerability affects certain React packages for versions 19.0.0,
19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0, and 19.2.1 and frameworks that
use the affected packages, including Next.js 15.x and 16.x using the App
Router. The issue is tracked upstream as
[CVE-2025-55184](https://www.cve.org/CVERecord?id=CVE-2025-55184).

A malicious HTTP request can be crafted and sent to any App Router
endpoint that, when deserialized, can cause the server process to hang
and consume CPU. This can result in denial of service in unpatched
environments.

####
[GHSA-w37m-7fhw-fmv9](https://redirect.github.com/vercel/next.js/security/advisories/GHSA-w37m-7fhw-fmv9)

A vulnerability affects certain React packages for versions 19.0.0,
19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0, and 19.2.1 and frameworks that
use the affected packages, including Next.js 15.x and 16.x using the App
Router. The issue is tracked upstream as
[CVE-2025-55183](https://www.cve.org/CVERecord?id=CVE-2025-55183).

A malicious HTTP request can be crafted and sent to any App Router
endpoint that can return the compiled source code of [Server
Functions](https://react.dev/reference/rsc/server-functions). This could
reveal business logic, but would not expose secrets ... (continued)

Run Details

3264 of 4169 branches covered (78.29%)

Branch coverage included in aggregate %.

5741 of 6434 relevant lines covered (89.23%)

118867.03 hits per line