@ctate commented Dec 11, 2025

This repository is listed on Vercel Templates.

This PR upgrades dependencies to patch a security vulnerability.

Action required

Please review the changes and run a quick test. If everything looks correct, you can merge this PR.
If you prefer to upgrade manually, feel free to close this and apply your own fix.

Thank you.

This upgrade fixes CVE-2025-55182, a React Server Components RCE vulnerability.

vercel bot commented Dec 11, 2025

@ctate is attempting to deploy a commit to the cbexample Team on Vercel.

A member of the Team first needs to authorize it.

@gemini-code-assist

Summary of Changes

Hello @ctate, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on enhancing the project's security posture by performing a significant upgrade of the Next.js framework and its underlying dependencies. The primary goal is to patch a known security vulnerability, ensuring the application remains robust and protected against potential threats. This update also aligns the project with more recent versions of its core technologies, which may bring performance improvements and access to new features.

Highlights

  • Next.js Upgrade: The core Next.js framework has been upgraded from version 13.4.10 to 14.2.34 to address a security vulnerability.
  • Dependency Updates: Several associated dependencies, including @next/swc-* packages, @swc/helpers, caniuse-lite, and graceful-fs, have been updated to their latest secure versions.
  • Node.js Engine Requirement: The minimum required Node.js version for the project has been updated from >=16.8.0 to >=18.17.0.
  • Dependency Refactoring: Some dependencies like glob-to-regexp, watchpack, and zod have been removed from the package-lock.json as direct dependencies, indicating a potential internal refactoring or removal within the new Next.js version.

@gemini-code-assist bot left a comment

Code Review

This pull request upgrades next to version 14 to patch a security vulnerability. This is a major version upgrade, so thorough testing is recommended. I've left a critical comment in package.json with required follow-up changes to devDependencies and Node.js version requirements. Please also review the Next.js 14 Upgrade Guide for breaking changes and check if the next/image workaround in pages/index.js is still needed.

"clsx": "^2.0.0",
"couchbase": "4.2.4",
"next": "^13.4.10",
"next": "14.2.34",
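
Review bot: On the `next` line the version spec changes from a caret range (`^13.4.10`) to an exact pin (`14.2.34`), and nothing in the change says whether dropping the range is intentional. An exact pin guarantees the targeted release is what gets declared, but later 14.2.x fixes will then need another manual bump; if that is not the intent, `~14.2.34` keeps the same floor while still accepting patch releases. The jump is also a major version (13 to 14), so it deserves a line in the PR description pointing at what was tested.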

critical

With the upgrade to Next.js v14, two other changes are critical for compatibility:

  1. Update eslint-config-next: Your devDependencies should be updated to match the new Next.js version to avoid linting issues.

    - "eslint-config-next": "^13.4.10",
    + "eslint-config-next": "14.2.34",
  2. Specify Node.js version: Next.js 14 requires Node.js v18.17.0 or later. Please add an engines field to package.json to prevent build failures in environments with older Node.js versions.

    "engines": {
      "node": ">=18.17.0"
    }
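
The two follow-up changes from the review comment, written as a manifest check that could run in CI. This is an added example, not code from the PR or from Next.js; `checkManifest` and the sample manifests are hypothetical, and the version floors are the ones quoted in this thread.

```javascript
// Added example, not part of the PR. Floors are the values stated in the thread.
const REQUIRED_NEXT = "14.2.34"; // version this PR upgrades to
const REQUIRED_NODE = "18.17.0"; // minimum Node.js the review states for Next.js 14

// Parse "x.y.z" with an optional ^, ~, >= or v prefix into [x, y, z]; null otherwise.
function parseVersion(spec) {
  const m = /^(?:\^|~|>=|v)?\s*(\d+)\.(\d+)\.(\d+)$/.exec(String(spec || "").trim());
  return m ? m.slice(1).map(Number) : null;
}

// True when version a sorts strictly below version b.
function lowerThan(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i];
  }
  return false;
}

// Inspect a parsed package.json object; returns a list of findings (empty means OK).
function checkManifest(pkg) {
  const findings = [];
  const deps = pkg.dependencies || {};
  const devDeps = pkg.devDependencies || {};
  const next = parseVersion(deps.next);
  if (!next) findings.push("next: missing or not a simple version spec");
  else if (lowerThan(next, parseVersion(REQUIRED_NEXT)))
    findings.push(`next: ${deps.next} is below ${REQUIRED_NEXT}`);
  const lintSpec = devDeps["eslint-config-next"];
  const lint = parseVersion(lintSpec);
  if (lint && next && lint[0] !== next[0])
    findings.push(`eslint-config-next: ${lintSpec} does not match next major ${next[0]}`);
  const node = parseVersion((pkg.engines || {}).node);
  if (!node) findings.push("engines.node: missing or not a simple lower bound");
  else if (lowerThan(node, parseVersion(REQUIRED_NODE)))
    findings.push(`engines.node: ${pkg.engines.node} allows Node below ${REQUIRED_NODE}`);
  return findings;
}

// Constructed sample: next bumped, but neither follow-up from the review applied.
const beforeFollowUp = {
  dependencies: { next: "14.2.34" },
  devDependencies: { "eslint-config-next": "^13.4.10" },
};
// Constructed sample: both follow-ups applied.
const afterFollowUp = {
  dependencies: { next: "14.2.34" },
  devDependencies: { "eslint-config-next": "14.2.34" },
  engines: { node: ">=18.17.0" },
};
console.log(checkManifest(beforeFollowUp), checkManifest(afterFollowUp));
```

The check reads only the declared lower bound in package.json; the lockfile determines which version is actually installed.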
