chore: upgrate nextJS version to avoid vulnerabilities

[aimensahnoun]

TL;DR

Upgraded Next.js from version 14.2.16 to 14.2.35.

What changed?

This PR updates the Next.js dependency from version 14.2.16 to 14.2.35 in both package.json and package-lock.json files. The update includes changes to the @next/env package and all platform-specific SWC compiler packages.

How to test?

1. Pull the changes and run npm install
2. Start the development server with npm run dev
3. Verify that the application runs correctly
4. Test key functionality to ensure nothing was broken by the Next.js update

Why make this change?

This update provides the latest bug fixes, security patches, and performance improvements from the Next.js team. Keeping dependencies up-to-date is important for maintaining application security and stability.

Summary by CodeRabbit

• Chores
  • Updated Next.js dependency to the latest patch version, ensuring compatibility with the latest framework improvements and security updates.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Updates the Next.js dependency version in package.json from "14.2.16" to "14.2.35". No code changes or control flow modifications are present.

Changes

Cohort / File(s)	Summary
Dependency version update package.json	Bumps Next.js version from "14.2.16" to "14.2.35"

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

• Verify the version bump is intentional and aligns with project requirements
• Confirm CI/test suite passes with the new Next.js version

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly summarizes the main change: upgrading Next.js to avoid vulnerabilities, which matches the pull request's primary objective.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch 12-12-chore_upgrate_nextjs_version_to_avoid_vulnerabilities

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2efaae6 and 1a90e66.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*

⚙️ CodeRabbit configuration file

**/*: - Only comment on issues that would block merging — ignore minor or stylistic concerns.

• Restrict feedback to errors, security risks, or functionality-breaking problems.
• Do not post comments on code style, formatting, or non-critical improvements.
• Keep reviews short: flag only issues that make the PR unsafe to merge.
• Limit review comments to 3–5 items maximum, unless additional blockers exist.
• Group similar issues into a single comment instead of posting multiple notes.
• Skip repetition — if a pattern repeats, mention it once at a summary level only.
• Do not add general suggestions; focus strictly on merge-blocking concerns.
• If there are no critical problems, respond with minimal approval (e.g., 'Looks good'). Do not add additional review.
• Avoid line-by-line commentary unless it highlights a critical bug or security hole.
• Highlight only issues that could cause runtime errors, data loss, or severe maintainability issues.
• Ignore minor optimization opportunities — focus solely on correctness and safety.
• Provide a top-level summary of critical blockers rather than detailed per-line notes.
• Comment only when the issue must be resolved before merge — otherwise, remain silent.
• When in doubt, err on the side of fewer comments — brevity and blocking issues only.
• Avoid posting any refactoring issues

Files:

• package.json

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Lint
• GitHub Check: Build

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[aimensahnoun]

• chore: upgrate nextJS version to avoid vulnerabilities #177 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[greptile-apps]

Greptile Overview

Greptile Summary

Updated Next.js from 14.2.16 to 14.2.35, bringing 19 patch releases worth of bug fixes and security improvements.

Key Changes:

• Next.js core package and @next/env upgraded to 14.2.35
• All platform-specific SWC compiler packages updated to 14.2.33 (as specified by Next.js 14.2.35)
• No changes to other dependencies or configuration
• Minimal Next.js config ensures low risk of compatibility issues
• @next/third-parties v15.1.7 is compatible with Next.js 14.x

Compatibility:

• Node.js requirement: >=18.17.0 (unchanged)
• All peer dependencies satisfied
• No breaking changes expected in patch version updates

Confidence Score: 5/5

• This PR is safe to merge with minimal risk - standard patch version upgrade with proper dependency resolution
• This is a straightforward patch version upgrade (14.2.16 → 14.2.35) that follows semantic versioning conventions. The package-lock.json shows all dependencies are properly resolved, including the correct SWC compiler versions (14.2.33) that Next.js 14.2.35 requires. The project has a minimal Next.js configuration, reducing the risk of compatibility issues. Patch updates typically include only bug fixes and security patches without breaking changes.
• No files require special attention

Important Files Changed

File Analysis

Filename	Score	Overview
package.json	5/5	Updated next from 14.2.16 to 14.2.35 - straightforward version bump with no other changes
package-lock.json	5/5	Updated next core package, @next/env, and all SWC compiler packages to match version 14.2.35 requirements

Sequence Diagram

sequenceDiagram
    participant Dev as Developer
    participant PM as Package Manager
    participant NPM as NPM Registry
    participant Next as Next.js Core
    participant SWC as SWC Compilers

    Dev->>PM: Update package.json (next: 14.2.35)
    Dev->>PM: Run npm install
    PM->>NPM: Fetch next@14.2.35
    NPM->>PM: Return next@14.2.35 package
    PM->>NPM: Fetch @next/env@14.2.35
    NPM->>PM: Return @next/env@14.2.35
    PM->>NPM: Fetch SWC compilers (14.2.33)
    Note over PM,NPM: Platform-specific SWC packages<br/>darwin-arm64, linux-x64, etc.
    NPM->>PM: Return SWC packages@14.2.33
    PM->>PM: Update package-lock.json
    PM->>Next: Install Next.js 14.2.35
    Next->>SWC: Link to SWC 14.2.33 compilers
    PM-->>Dev: Installation complete
    Dev->>Next: npm run dev / npm run build
    Next->>SWC: Compile TypeScript/JSX
    SWC-->>Next: Compiled output
    Next-->>Dev: Application ready

Loading

[greptile-apps]

_{1 file reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}