chore(deps): bump next from 16.2.4 to 16.2.5 in /packages/layout/examples/preview

[dependabot]

Bumps next from 16.2.4 to 16.2.5.

Release notes

Sourced from next's releases.

v16.2.5

This release contains security fixes for the following advisories:

High:

• GHSA-8h8q-6873-q5fj: Denial of Service with Server Components
• GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes
• GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components
• GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection
• GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades
• GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n

Moderate:

• GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces
• GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input
• GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API
• GHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses

Low:

• GHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting
• GHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned

Commits

• 766148f v16.2.5
• 0dd9483 fix: add explicit checks for RSC header (#83) (#98)
• d166096 fix proxy matching for segment prefetch URLs (#89) (#96)
• 9d50c0b Strip next-resume header from incoming requests (#92)
• df7ab5a fix: skip internal param normalization in unsupported environments
• ed41d1d Move htmlescape to shared/lib (#91)
• b4c6705 Ignore malformed CSP nonce headers
• 5b194ee router-server: guard upgrade proxy against absolute-url SSRF (#77)
• cb171d7 Fix i18n middleware matching for default-locale data routes (#82)
• 89e9954 [16.x] Type hardening and performance improvements (#80)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for next since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[netlify]

✅ Deploy Preview for v11-carbon-react ready!

Name	Link
🔨 Latest commit	dfe601e
🔍 Latest deploy log	https://app.netlify.com/projects/v11-carbon-react/deploys/6a0218ef3f44100007947886
😎 Deploy Preview	https://deploy-preview-22226--v11-carbon-react.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
🤖 Make changes	Run an agent on this branch

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[netlify]

✅ Deploy Preview for v11-carbon-web-components ready!

Name	Link
🔨 Latest commit	dfe601e
🔍 Latest deploy log	https://app.netlify.com/projects/v11-carbon-web-components/deploys/6a0218f05f3eb70008f764fa
😎 Deploy Preview	https://deploy-preview-22226--v11-carbon-web-components.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
🤖 Make changes	Run an agent on this branch

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[netlify]

✅ Deploy Preview for carbon-elements ready!

Name	Link
🔨 Latest commit	dfe601e
🔍 Latest deploy log	https://app.netlify.com/projects/carbon-elements/deploys/6a0218f06d269e00096442a8
😎 Deploy Preview	https://deploy-preview-22226--carbon-elements.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
🤖 Make changes	Run an agent on this branch

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 95.12%. Comparing base (9cdf860) to head (dfe601e).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #22226   +/-   ##
=======================================
  Coverage   95.12%   95.12%           
=======================================
  Files         549      549           
  Lines       45650    45650           
  Branches     6560     6585   +25     
=======================================
  Hits        43426    43426           
  Misses       2094     2094           
  Partials      130      130           

Flag	Coverage Δ
main-packages	89.22% <ø> (ø)
web-components	97.90% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[dependabot]

A newer version of next exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.