Bump bn.js, next, @storybook/addon-essentials and @storybook/react

[dependabot]

Bumps bn.js to 5.2.3 and updates ancestor dependencies bn.js, next, @storybook/addon-essentials and @storybook/react. These dependencies need to be updated together.

Updates bn.js from 4.12.0 to 5.2.3

Release notes

Sourced from bn.js's releases.

v5.2.1

• fix: serious issue in .toString(16) (#295)

v5.2.0

• fix: Buffer not using global in browser (#260)
• fix: LE constructor for HEX (#265)

v5.1.3

• Add support for defined but not implemented Symbol.for (#252)

v5.1.2

• Fix BN v5/v4 interoperability issue (#249)

v5.1.1

• Temporary workaround for BN#_move (#236)
• Add eslintrc instead config in package.json (#237)

v5.1.0

• Benchmark for BigInt (#226)
• Add documentation for max/min (#232)
• Update BN#inspect for Symbols (#225)
• Improve performance of toArrayLike (#222)
• temporary disable jumboMulTo in BN#mulTo (#221)
• optimize toBitArray function (#212)
• fix iaddn sign issue (#216)

v5.0.0

• travis: update node versions (#205)
• Refactor buffer constructor (#200)
• lib: fix for negative numbers: imuln, modrn, idivn (#185)
• bn: fix Red#imod (#178)
• check unexpected high bits for invalid characters (#173)
• document support very large integers (#158)
• only define toBuffer if Buffer is defined (#172)
• lib: better validation of string input (#151)
• tests: reject decimal input in constructor (#91)
• bn: make .strip() an internal method (#105)
• lib: deprecate .modn() introduce .modrn() (#112 #129 #130)
• bn: don't accept invalid characters (#141)
• package: use files insteadof .npmignore (#152)
• bn: improve allocation speed for buffers (#167)
• toJSON to default to interoperable hex (length % 2) (#164)

Changelog

Sourced from bn.js's changelog.

5.2.3 / 2026-02-19

• fix: imaskn state (#317)

5.2.2 / 2025-04-25

• fix: imuln/muln with zero (#313)

5.2.1 / 2022-02-23

• fix: serious issue in .toString(16) (#295)

5.2.0 / 2021-02-23

• fix: Buffer not using global in browser (#260)
• Fix LE constructor for HEX (#265)

5.1.3 / 2020-08-14

• Add support for defined but not implemented Symbol.for (#252)

5.1.2 / 2020-05-20

• Fix BN v5/v4 interoperability issue (#249)

5.1.1 / 2019-12-24

• Temporary workaround for BN#_move (#236)
• Add eslintrc instead config in package.json (#237)

5.1.0 / 2019-12-23

• Benchmark for BigInt (#226)
• Add documentation for max/min (#232)
• Update BN#inspect for Symbols (#225)
• Improve performance of toArrayLike (#222)
• temporary disable jumboMulTo in BN#mulTo (#221)
• optimize toBitArray function (#212)
• fix iaddn sign issue (#216)

5.0.0 / 2019-07-04

... (truncated)

Commits

• ea6c072 5.2.3
• 33df26b fix imaskn state (#317)
• 6db7c38 5.2.2
• c7e1a53 Fix imuln/muln with zero (#313)
• 4cc0bfa docs: mention the max plain JS number argument value (#307)
• 5df40f8 Document length unit in toBuffer(...) input (#299)
• 7078ea8 5.2.1
• 042ab62 Fix serious issue in .toString(16) (#295)
• db57519 Fix a few typos in readme (#285)
• 4187ca2 readme: add Scout APM to new Sponsors section
• Additional commits viewable in compare view

Updates next from 10.2.3 to 16.1.6

Release notes

Sourced from next's releases.

v16.1.6

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade to swc 54 (#88207)
• implement LRU cache with invocation ID scoping for minimal mode response cache (#88509)
• tweak LRU sentinel key (#89123)

Credits

Huge thanks to @​mischnic, @​wyattjoh, and @​ztanner for helping!

v16.1.5

Please refer the following changelogs for more information about this security release:

https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472 https://vercel.com/changelog/summary-of-cve-2026-23864

v16.1.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Only filter next config if experimental flag is enabled (#88733)

Credits

Huge thanks to @​mischnic for helping!

v16.1.3

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Fix linked list bug in LRU deleteFromLru (#88652)
• Fix relative same host redirects in node middleware (#88253)

Credits

Huge thanks to @​acdlite and @​ijjk for helping!

v16.1.2

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

... (truncated)

Commits

• adf8c61 v16.1.6
• 098c0c0 [backport][ci] Make gh auth status optional when triggering a release (#89100)
• a43df32 Backport/docs fixes jan 25 16.1.x (#89124)
• d6d5734 tweak LRU sentinel cache key (#89123)
• 4324698 backport: implement LRU cache with invocation ID scoping for minimal mode res...
• 23c4649 [backport] Upgrade to swc 54 (#88207) (#89103)
• acba4a6 v16.1.5
• e1d1fc6 Add maximum size limit for postponed body parsing (#88175)
• 500ec83 fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (#88588)
• 1caaca3 feat(next/image)!: add images.maximumResponseBody config (#88183)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by vercel-release-bot, a new releaser for next since your current version.

Updates @storybook/addon-essentials from 6.3.9 to 6.5.16

Commits

• See full diff in compare view

Updates @storybook/react from 6.3.9 to 6.5.16

Changelog

Sourced from @​storybook/react's changelog.

• MDX: Upgrade csf-mdx libraries (#18300)
• security: update x-default-browser (#18157)

6.5.0-rc.1 (May 18, 2022)

Bug Fixes

• CLI: Improve webpack version and add detection of nextjs (#18220)
• ArgsTable: Gracefully handle conditional args failures (#18248)
• Controls: Fix reset button broken for !undefined URL values (#18231)
• Vue3: Add support for TSX in single file components (#18038)

6.5.0-rc.0 (May 17, 2022)

Features

• Addon-a11y: Show % of users in toolbar menu (#18003)

Bug Fixes

• Web-components: Clean Lit Expression comments in story source (#18108)
• Vue: Map args correctly in CSF3 implicit render function (#18209)
• Vue3: Fix CSF3 implicit render function when storyStoreV7 is enabled (#18208

Maintenance

• CLI: Don't throw is Ctrl + C was pressed when selecting a package in the build command (#18195)
• Build: Cleanup noise from unit tests (#18196)

Dependency Upgrades

• Fixed PnP compatibility for bundled components package (#18015)

6.5.0-beta.8 (May 11, 2022)

Bug Fixes

• Composition: Fix metadata.json incorrectly overriding main.js refs versions (#18185)

Maintenance

• Examples: Set channelOptions to disallow function serialization (#18071)

Dependency Upgrades

• Upgrade to telejson 6 (#18164)

6.5.0-beta.7 (May 9, 2022)

Features

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.