<!-- Please make sure you have read the submission guidelines before
posting an PR -->
<!--
https://github.com/nrwl/nx/blob/master/CONTRIBUTING.md#-submitting-a-pr
-->
<!-- Please make sure that your commit message follows our format -->
<!-- Example: `fix(nx): must begin with lowercase` -->
<!-- If this is a particularly complex change or feature addition, you
can request a dedicated Nx release for this pull request branch. Mention
someone from the Nx team or the `@nrwl/nx-pipelines-reviewers` and they
will confirm if the PR warrants its own release for testing purposes,
and generate it for you if appropriate. -->
## Current Behavior
<!-- This is the behavior we have today -->
Users migrating from Nx 17 can go up to Nx 20.
## Expected Behavior
<!-- This is the behavior we should expect with the changes in this PR
-->
Users migrating from Nx 19 can go up to Nx 21. Users migrating from Nx
17 or 18 should go to Nx 19 first.. then go to Nx 21.
## Related Issue(s)
<!-- Please link the issue being fixed so it gets closed when this is
merged. -->
Fixes #
There is a critical vulnerability with Next.js. This PR updates both the
v14 and v15 versions to ensure users are on the latest patched versions.
For new projects, it should already be using the latest patch within the
minor version, since we default to `~` range. This will ensure that
existing projects that did not update yet is updated to the secure
versions.
See: https://github.com/advisories/GHSA-f82v-jwr5-mffw
<!-- If this is a particularly complex change or feature addition, you
can request a dedicated Nx release for this pull request branch. Mention
someone from the Nx team or the `@nrwl/nx-pipelines-reviewers` and they
will confirm if the PR warrants its own release for testing purposes,
and generate it for you if appropriate. -->
## Current Behavior
Next.js versions for existing projects may be using vulnerable versions.
## Expected Behavior
Migrate existing Next.js projects to patched and secure versions.
## Related Issue(s)
<!-- Please link the issue being fixed so it gets closed when this is
merged. -->
Fixes #
Closes#30536
<!-- Please make sure you have read the submission guidelines before
posting an PR -->
<!--
https://github.com/nrwl/nx/blob/master/CONTRIBUTING.md#-submitting-a-pr
-->
<!-- Please make sure that your commit message follows our format -->
<!-- Example: `fix(nx): must begin with lowercase` -->
<!-- If this is a particularly complex change or feature addition, you
can request a dedicated Nx release for this pull request branch. Mention
someone from the Nx team or the `@nrwl/nx-pipelines-reviewers` and they
will confirm if the PR warrants its own release for testing purposes,
and generate it for you if appropriate. -->
## Current Behavior
The current version of eslint-config-next (v14.2.16) has peer dependency
conflicts with the latest versions of ESLint (v9.x). This issue causes
npm install to fail in projects using eslint-config-next.
## Expected Behavior
`npm install` should succeed without dependency conflicts.
## Related Issue(s)
Fixes#30536
---------
Co-authored-by: Nicholas Cunningham <ndcunningham@gmail.com>
