security: pin patched next devDependency for nextjs-webpack-plugin by thomasrockhu-codecov · Pull Request #298 · codecov/codecov-javascript-bundler-plugins
Navigation Menu
- Notifications You must be signed in to change notification settings
- Fork 9
Conversation
Summary
Adds next as a devDependency (^14.2.25) for @codecov/nextjs-webpack-plugin so the workspace resolves a Next 14.x release that includes the middleware authorization bypass fix (GHSA-f82v-jwr5-mffw). Peer range remains 14.x || 15.x.
Test plan
- CI passes for this branch.
Made with Cursor
Pins dev resolution to next ^14.2.25 for the middleware authorization bypass fix (GHSA-f82v-jwr5-mffw) while keeping peer range 14.x || 15.x. Made-with: Cursor
Bundle Report
Changes will decrease total bundle size by 15.91kB (-0.2%) ⬇️. This is within the configured threshold ✅
Detailed changes
| Bundle name | Size | Change |
|---|---|---|
| @codecov/vite-plugin-esm | 6.39kB | 5.15kB (415.5%) ⬆️ |
| @codecov/remix-vite-plugin-esm | 957 bytes | -2.06kB (-68.26%) ⬇️ |
| @codecov/rollup-plugin-esm | 1.3kB | -5.11kB (-79.7%) ⬇️ |
| @codecov/nuxt-plugin-esm | 855 bytes | -2.36kB (-73.37%) ⬇️ |
| @codecov/sveltekit-plugin-esm | 3.03kB | 2.13kB (239.62%) ⬆️ |
| @codecov/webpack-plugin-esm | 3.45kB | -5.43kB (-61.16%) ⬇️ |
| @codecov/solidstart-plugin-esm | 949 bytes | -2.08kB (-68.72%) ⬇️ |
| @codecov/nextjs-webpack-plugin-esm | 1.11kB | -3.74kB (-77.06%) ⬇️ |
| @codecov/astro-plugin-esm | 862 bytes | -2.41kB (-73.62%) ⬇️ |
Affected Assets, Files, and Routes:
view changes for bundle: @codecov/bundle-analyzer-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
index.d.mts (New) |
2.77kB | 2.77kB | 100.0% 🚀 |
cli.d.mts (New) |
342 bytes | 342 bytes | 100.0% 🚀 |
index.d.cts |
-2.77kB | 0 bytes | -100.0% 🗑️ |
cli.d.cts |
-342 bytes | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/example-next-15-app-client-array-push
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
static/SOQHZdCnk9XtEbeGYox1t/_buildManifest.js (New) |
543 bytes | 543 bytes | 100.0% 🚀 |
static/SOQHZdCnk9XtEbeGYox1t/_ssgManifest.js (New) |
77 bytes | 77 bytes | 100.0% 🚀 |
static/90lMxIzeZ1s_Ls5nGwa7l/_buildManifest.js |
-543 bytes | 0 bytes | -100.0% 🗑️ |
static/90lMxIzeZ1s_Ls5nGwa7l/_ssgManifest.js |
-77 bytes | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/astro-plugin-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
index.d.mts (New) |
862 bytes | 862 bytes | 100.0% 🚀 |
index.mjs |
-3.27kB | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/rollup-plugin-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
index.d.ts (New) |
1.3kB | 1.3kB | 100.0% 🚀 |
index.mjs |
-6.41kB | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/sveltekit-plugin-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
index.mjs (New) |
3.03kB | 3.03kB | 100.0% 🚀 |
index.d.cts |
-891 bytes | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/nuxt-plugin-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
index.d.ts (New) |
855 bytes | 855 bytes | 100.0% 🚀 |
index.mjs |
-3.21kB | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/remix-vite-plugin-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
index.d.cts (New) |
957 bytes | 957 bytes | 100.0% 🚀 |
index.mjs |
-3.02kB | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/example-next-app-client-array-push
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
static/i5Di7VAkNnnLaNES5OnaN/_buildManifest.js (New) |
224 bytes | 224 bytes | 100.0% 🚀 |
static/i5Di7VAkNnnLaNES5OnaN/_ssgManifest.js (New) |
77 bytes | 77 bytes | 100.0% 🚀 |
static/QTO9WiNxPtd6lUjBdMqpL/_buildManifest.js |
-224 bytes | 0 bytes | -100.0% 🗑️ |
static/QTO9WiNxPtd6lUjBdMqpL/_ssgManifest.js |
-77 bytes | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/example-astro-5-app-server-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
manifest_xmLqZNzd.mjs (New) |
3.37kB | 3.37kB | 100.0% 🚀 |
manifest_DSGL0gAn.mjs |
-3.37kB | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/webpack-plugin-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
index.d.ts (New) |
3.45kB | 3.45kB | 100.0% 🚀 |
index.mjs |
-8.89kB | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/solidstart-plugin-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
index.d.mts (New) |
949 bytes | 949 bytes | 100.0% 🚀 |
index.mjs |
-3.03kB | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/nextjs-webpack-plugin-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
index.d.ts (New) |
1.11kB | 1.11kB | 100.0% 🚀 |
index.mjs |
-4.86kB | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/example-astro-app-server-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
manifest_M_ZWIeZi.mjs (New) |
3.34kB | 3.34kB | 100.0% 🚀 |
manifest_DhlY6ZhK.mjs |
-3.34kB | 0 bytes | -100.0% 🗑️ |
view changes for bundle: @codecov/vite-plugin-esm
Assets Changed:
| Asset Name | Size Change | Total Size | Change (%) |
|---|---|---|---|
index.mjs (New) |
6.39kB | 6.39kB | 100.0% 🚀 |
index.d.cts |
-1.24kB | 0 bytes | -100.0% 🗑️ |
Made-with: Cursor # Conflicts: # pnpm-lock.yaml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
1 participant