You didn't change a single dependency and yet your build is suddenly failing. It is a frustrating situation that often points to a critical update in your underlying environment.
A remote code execution vulnerability in Next.js 15.x and 16.x App Router has been identified and it requires immediate patching to secure your applications. Additionally, Composer 2.9 has landed on Upsun PHP images.
Here is the breakdown:
- Security patches are now required for specific Next.js versions to prevent remote execution.
- Composer 2.9 is being shipped as is to ensure environments stay current.
- Fresh dependencies are essential for maintaining a secure and functional workflow.
- You have options to resolve build failures and get back to shipping code.
If you are seeing errors or want to understand how these updates impact your specific setup, check out our technical breakdown:
Composer 2.9 lands on Upsun PHP Images: Here’s what you need to know - Upsun Developer
Remote code execution vulnerability in Next.js 15.x and 16.x App Router requires immediate patching. Learn how to secure your applications.
developer.upsun.com
Top comments (0)