build(deps): bump next from 14.2.7 to 14.2.10

[dependabot]

Bumps next from 14.2.7 to 14.2.10.

Release notes

Sourced from next's releases.

v14.2.10

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Remove invalid fallback revalidate value (vercel/next.js#69990)
• Revert server action optimization (vercel/next.js#69925)
• Add ability to customize Cache-Control (#69802)

Credits

Huge thanks to @​huozhi and @​ijjk for helping!

v14.2.9

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Revert "Fix esm property def in flight loader (#66990)" (#69749)
• Disable experimental.optimizeServer by default to fix failed server action (#69788)
• Fix middleware fallback: false case (#69799)
• Fix status code for /_not-found route (#64058) (#69808)
• Fix metadata prop merging (#69807)
• create-next-app: fix font file corruption when using import alias (#69806)

Credits

Huge thanks to @​huozhi, @​ztanner, @​ijjk, and @​lubieowoce for helping!

v14.2.8

What's Changed

[!NOTE]
This release is backporting bug fixes and minor improvements. It does not include all pending features/changes on canary.

Support esmExternals in app directory

• Support esm externals in app router (#65041)
• Turbopack: Allow client components from foreign code in app routes (#64751)
• Turbopack: add support for esm externals in app dir (#64918)
• other related PRs: #66990 #66727 #66286 #65519

Reading cookies set in middleware in components and actions

• initialize ALS with cookies in middleware (#65008)
• fix middleware cookie initialization (#65820)
• ensure cookies set in middleware can be read in a server action (#67924)
• fix: merged middleware cookies should preserve options (#67956)

... (truncated)

Commits

• 937651f v14.2.10
• 7ed7f12 Remove invalid fallback revalidate value (#69990)
• 99de057 Revert server action optimization (#69925)
• 24647b9 Add ability to customize Cache-Control (#69802)
• 6fa8982 v14.2.9
• 7998745 test: lock ts type check (#69889)
• 4bd3849 create-next-app: fix font file corruption when using import alias (#69806)
• 3756801 test: check most possible combination of CNA flags
• 9a72ad6 unpin CNA tests from 14.2.3
• 747d365 Fix metadata prop merging (#69807)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@next/env	14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected
npm/@next/swc-darwin-arm64	14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected
npm/@next/swc-darwin-x64	14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected
npm/@next/swc-linux-arm64-gnu	14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected
npm/@next/swc-linux-arm64-musl	14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected
npm/@next/swc-linux-x64-gnu	14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected
npm/@next/swc-linux-x64-musl	14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected
npm/@next/swc-win32-arm64-msvc	14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected
npm/@next/swc-win32-ia32-msvc	14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected
npm/@next/swc-win32-x64-msvc	14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected
npm/next	14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected
npm/next	^14.2.10	🟢 4.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities ⚠️ 0 176 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json

• [email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• [email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]
• @next/[email protected]

package.json

• next@^14.2.10
• next@^14.2.2

[netlify]

✅ Deploy Preview for splendorous-snickerdoodle-0e3599 ready!

Name	Link
🔨 Latest commit	88e24de
🔍 Latest deploy log	https://app.netlify.com/sites/splendorous-snickerdoodle-0e3599/deploys/66ea732d8ab7c90008aa00f8
😎 Deploy Preview	https://deploy-preview-147--splendorous-snickerdoodle-0e3599.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 73 Accessibility: 91 Best Practices: 92 SEO: 91 PWA: - View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify site configuration.