Upgrade NEXT.js version to 16.0.10 and react to resolve vulnerability

[gauravwarale]

Upgrade NEXT.js version to 16.0.10 and react to resolve vulnerability

[JoshMDiaz]

Why do we need this?

[ryankshaw]

ya we should not need this. I'm going to push a commit to this PR to fix it if that's ok?

[JoshMDiaz]

Can you keep the ^?

Suggested change

	"react": "19.2.3",
	"react": "^19.2.3",
	"react-dom": "^19.2.3",

[JoshMDiaz]

Same here for these

[Copilot]

Pull request overview

This PR upgrades Next.js from 16.0.7 to 16.0.10 and React/React DOM from 19.2.1 to 19.2.3 to address a security vulnerability. The changes include version pinning for type definitions and the addition of pnpm overrides to ensure consistent type versions across all dependencies.

Key Changes:

• Next.js upgraded from 16.0.7 to 16.0.10 (patch release)
• React and React DOM upgraded from ^19.2.1 to 19.2.3 (exact pinning)
• Type definitions (@types/react and @types/react-dom) pinned to specific versions with pnpm overrides

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated 3 comments.

File	Description
web/package.json	Updates Next.js to 16.0.10, pins React/React-DOM to 19.2.3, pins type definitions, and adds pnpm overrides configuration
web/pnpm-lock.yaml	Reflects all dependency resolution changes from package.json updates, including transitive dependency updates and modified peer dependency constraints

Files not reviewed (1)

• web/pnpm-lock.yaml: Language not supported

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[ryankshaw]

I pushed a commit to this that removes the overrides and pnpm installs from scratch. if that looks good to you, this looks good to me