Skip to content

fix(deps)(deps): bump next from 15.0.5 to 15.5.18 in the next-and-react group across 1 directory#517

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot-npm_and_yarn-next-and-react-c3f9736618
Open

fix(deps)(deps): bump next from 15.0.5 to 15.5.18 in the next-and-react group across 1 directory#517
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot-npm_and_yarn-next-and-react-c3f9736618

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 16, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the next-and-react group with 1 update in the / directory: next.

Updates next from 15.0.5 to 15.5.18

Release notes

Sourced from next's releases.

v15.5.18

This release contains security fixes for the following advisories:

High:

Moderate:

Low:

v15.5.16

This release contains security fixes for the following advisories:

High:

Moderate:

Low:

v15.5.15

Please refer the following changelogs for more information about this security release:

https://vercel.com/changelog/summary-of-cve-2026-23869

v15.5.14

[!NOTE]

... (truncated)

Commits
  • 9ff92ce v15.5.18
  • 00ebe23 [backport] Disable build caches for production/staging/force-preview deploys ...
  • 62c97ab v15.5.17
  • 423623a Turbopack: Match proxy matchers with webpack implementation (#93594)
  • fa78739 Turbopack: Fix middleware matcher suffix (#93590)
  • 36e62c6 [backport] Turbopack: more strict vergen setup (#93588)
  • 36589b5 [backport][test] Pin package manager to patch versions (#93596)
  • ad6fd4e v15.5.16
  • 79d7dff Ignore malformed CSP nonce headers (#103)
  • c4f6908 router-server: guard upgrade proxy against absolute-url SSRF (#77) (#102)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for next since your current version.

@dependabot @github

dependabot Bot commented on behalf of github Mar 16, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 16, 2026
@vercel

vercel Bot commented Mar 16, 2026
edited
Loading

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
interviewoptimiser Ready Ready Preview, Comment May 18, 2026 3:38am

@coderabbitai

coderabbitai Bot commented Mar 16, 2026

Copy link
Copy Markdown

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: f0881da1-67fd-4c71-94a0-4b8bbb50698a

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch dependabot-npm_and_yarn-next-and-react-c3f9736618
📝 Coding Plan
  • Generate coding plan for human review comments

Comment @coderabbitai help to get the list of available commands and usage tips.

cubic-dev-ai[bot]
cubic-dev-ai Bot reviewed Mar 16, 2026
View reviewed changes

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 1 file

@dependabot dependabot Bot force-pushed the dependabot-npm_and_yarn-next-and-react-c3f9736618 branch from 8ad8d03 to 9df5793 Compare March 30, 2026 03:07
@dependabot dependabot Bot changed the title fix(deps)(deps): bump next from 15.0.5 to 15.5.12 in the next-and-react group fix(deps)(deps): bump next from 15.0.5 to 15.5.15 in the next-and-react group across 1 directory Apr 27, 2026
@dependabot dependabot Bot force-pushed the dependabot-npm_and_yarn-next-and-react-c3f9736618 branch from 9df5793 to 24e4af6 Compare April 27, 2026 03:07
@dependabot
fix(deps)(deps): bump next
e3c4502 
Bumps the next-and-react group with 1 update in the / directory: [next](https://github.com/vercel/next.js).


Updates `next` from 15.0.5 to 15.5.18
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v15.0.5...v15.5.18)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.12
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: next-and-react
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title fix(deps)(deps): bump next from 15.0.5 to 15.5.15 in the next-and-react group across 1 directory fix(deps)(deps): bump next from 15.0.5 to 15.5.18 in the next-and-react group across 1 directory May 18, 2026
@dependabot dependabot Bot force-pushed the dependabot-npm_and_yarn-next-and-react-c3f9736618 branch from 24e4af6 to e3c4502 Compare May 18, 2026 03:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants