[nodejs] update to nextjs 14.0.4

[smola]

Motivation

Upgrade to nextjs 14.0.4 for support for manual signal handler setup, see #6814

Changes

• Updated package.json and lock file to update to this version.
• Not going through the full upgrade to the very last version right now, since it seems that needs a few more changes to the code / build.

Workflow

1. ⚠️ Create your PR as draft ⚠️
2. Work on you PR until the CI passes
3. Mark it as ready for review
   • Test logic is modified? -> Get a review from RFC owner.
   • Framework is modified, or non obvious usage of it -> get a review from R&P team

🚀 Once your PR is reviewed and the CI green, you can merge it!

🛟 #apm-shared-testing 🛟

Reviewer checklist

• Anything but tests/ or manifests/ is modified ? I have the approval from R&P team
• A docker base image is modified?
  • the relevant build-XXX-image label is present
• A scenario is added, removed or renamed?
  • Get a review from R&P team

[github-actions]

CODEOWNERS have been resolved as:

utils/build/docker/nodejs/nextjs/package-lock.json                      @DataDog/dd-trace-js @DataDog/system-tests-core
utils/build/docker/nodejs/nextjs/package.json                           @DataDog/dd-trace-js @DataDog/system-tests-core

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9603d2a7d1

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Upgrade Next.js to a patched release

This change pins next to 14.0.4, and the lockfile itself marks that exact version as deprecated due to a known security vulnerability. Because the Node.js Next.js weblog image installs from this lockfile, CI and local test runs will continue using a known-vulnerable framework version until it is bumped. Please move to a patched Next.js release and regenerate the lockfile so the test image no longer ships vulnerable dependencies.

Useful? React with 👍 / 👎.

[BridgeAR]

LGTM since this is indeed an update from 13.5.4 due to the package-lock.json update