Update NEXT.js version to 15.5.7 to resolve vulnerability #68
Conversation
There was a problem hiding this comment.
Pull request overview
This PR updates Next.js from version 15.3.3 to 15.5.7 to address a security vulnerability. The update includes all related Next.js packages and their platform-specific binary dependencies.
Key Changes:
- Next.js core package upgraded from 15.3.3 to 15.5.7
- All platform-specific SWC binaries updated to matching version 15.5.7
- Internal dependencies (
@swc/counter,busboy,streamsearch) removed as they're no longer needed by Next.js 15.5.7
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| web/package.json | Updates Next.js dependency version specification from 15.3.3 to 15.5.7 |
| web/pnpm-lock.yaml | Updates lockfile with new Next.js version, all related @next scoped packages, platform-specific binaries, peer dependency version requirements, and removes deprecated internal dependencies |
Files not reviewed (1)
- web/pnpm-lock.yaml: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "moment": "^2.30.1", | ||
| "moment-timezone": "^0.5.48", | ||
| "next": "15.3.3", | ||
| "next": "15.5.7", |
There was a problem hiding this comment.
The next package is being updated to 15.5.7, but eslint-config-next on line 42 remains at 15.3.3. It's recommended to keep eslint-config-next in sync with the next version to ensure linting rules are compatible with the Next.js version being used. Consider updating eslint-config-next to 15.5.7 as well.
No description provided.