[PR #322] Bump next from 15.5.2 to 15.5.14 in /landing #591

New Issue

GiteaMirror · 2026-03-22T12:54:20-05:00

GiteaMirror commented

2026-03-22 12:54:20 -05:00

📋 Pull Request Information

Original PR: https://github.com/feeddeck/feeddeck/pull/322
Author: @dependabot[bot]
Created: 3/21/2026
Status: 🔄 Open

Base: main ← Head: dependabot/npm_and_yarn/landing/next-15.5.14

📝 Commits (1)

579263e Bump next from 15.5.2 to 15.5.14 in /landing

📊 Changes

2 files changed (+41 additions, -41 deletions)

View changed files

📝 landing/package-lock.json (+40 -40)
📝 landing/package.json (+1 -1)

📄 Description

Bumps next from 15.5.2 to 15.5.14.

Release notes

Sourced from next's releases.

v15.5.14

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

feat(next/image): add lru disk cache and images.maximumDiskCacheSize (#91660)

Fix(pages-router): restore Content-Length and ETag for /_next/data/ JSON responses (#90304)

Credits

Huge thanks to @styfle and @lllomh for helping!

v15.5.13

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

fix: patch http-proxy to prevent request smuggling in rewrites (See: CVE-2026-29057)

Credits

Huge thanks to @ztanner for helping!

v15.5.12

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

fix unlock in publish-native

This is a re-release of v15.5.11 applying the turbopack changes.

v15.5.11

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Tracing: Fix memory leak in span map (#85529)

fix: ensure LRU cache items have minimum size of 1 to prevent unbounded growth (#89134)

Turbopack: fix NFT tracing of sharp 0.34 (#82340)

Turbopack: support pattern into exports field (#82757)

NFT tracing fixes (#84155 and #85323)

Turbopack: validate CSS without computing all paths (#83810)

feat: implement LRU cache with invocation ID scoping for minimal mode response cache (#89129)

Credits

Huge thanks to @timneutkens, @mischnic, @ztanner, and @wyattjoh for helping!

Commits

d7b012d v15.5.14
2b05251 [backport] feat(next/image): add lru disk cache and `images.maximumDiskCacheS...
f88cee9 Backport: Fix(pages-router): restore Content-Length and ETag for /_next/data/...
cfd5f53 v15.5.13
15f2891 [backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...
d23f41c v15.5.12
8e75765 fix unlock in publish-native
6cef992 [backport] normalize CRLF line endings in jscodeshift tests on Windows (#8800...
7a94645 Apply needs for publishRelease
bbfd4e3 v15.5.11
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/feeddeck/feeddeck/pull/322 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 3/21/2026 **Status:** 🔄 Open **Base:** `main` ← **Head:** `dependabot/npm_and_yarn/landing/next-15.5.14` --- ### 📝 Commits (1) - [`579263e`](https://github.com/feeddeck/feeddeck/commit/579263ef844a024dc4ec525c819472d05ff36196) Bump next from 15.5.2 to 15.5.14 in /landing ### 📊 Changes **2 files changed** (+41 additions, -41 deletions) <details> <summary>View changed files</summary> 📝 `landing/package-lock.json` (+40 -40) 📝 `landing/package.json` (+1 -1) </details> ### 📄 Description Bumps [next](https://github.com/vercel/next.js) from 15.5.2 to 15.5.14. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">next's releases</a>.</em></p> <blockquote> <h2>v15.5.14</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>feat(next/image): add lru disk cache and images.maximumDiskCacheSize (<a href="https://redirect.github.com/vercel/next.js/issues/91660">#91660</a>)</li> <li>Fix(pages-router): restore Content-Length and ETag for /_next/data/ JSON responses (<a href="https://redirect.github.com/vercel/next.js/issues/90304">#90304</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/styfle"><code>@styfle</code></a> and <a href="https://github.com/lllomh"><code>@lllomh</code></a> for helping!</p> <h2>v15.5.13</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>fix: patch http-proxy to prevent request smuggling in rewrites (See: <a href="https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8">CVE-2026-29057</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/ztanner"><code>@ztanner</code></a> for helping!</p> <h2>v15.5.12</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <ul> <li>fix unlock in publish-native</li> </ul> <p>This is a re-release of <a href="https://github.com/vercel/next.js/releases/tag/v15.5.11">v15.5.11</a> applying the turbopack changes.</p> <h2>v15.5.11</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Tracing: Fix memory leak in span map (<a href="https://redirect.github.com/vercel/next.js/issues/85529">#85529</a>)</li> <li>fix: ensure LRU cache items have minimum size of 1 to prevent unbounded growth (<a href="https://redirect.github.com/vercel/next.js/issues/89134">#89134</a>)</li> <li>Turbopack: fix NFT tracing of sharp 0.34 (<a href="https://redirect.github.com/vercel/next.js/issues/82340">#82340</a>)</li> <li>Turbopack: support pattern into exports field (<a href="https://redirect.github.com/vercel/next.js/issues/82757">#82757</a>)</li> <li>NFT tracing fixes (<a href="https://redirect.github.com/vercel/next.js/issues/84155">#84155</a> and <a href="https://redirect.github.com/vercel/next.js/issues/85323">#85323</a>)</li> <li>Turbopack: validate CSS without computing all paths (<a href="https://redirect.github.com/vercel/next.js/issues/83810">#83810</a>)</li> <li>feat: implement LRU cache with invocation ID scoping for minimal mode response cache (<a href="https://redirect.github.com/vercel/next.js/issues/89129">#89129</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/timneutkens"><code>@timneutkens</code></a>, <a href="https://github.com/mischnic"><code>@mischnic</code></a>, <a href="https://github.com/ztanner"><code>@ztanner</code></a>, and <a href="https://github.com/wyattjoh"><code>@wyattjoh</code></a> for helping!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/d7b012d787c01e0435f8cdf2a47211891668d13b"><code>d7b012d</code></a> v15.5.14</li> <li><a href="https://github.com/vercel/next.js/commit/2b0525123245da5b1b9d1abedc636c5fd3ee1d07"><code>2b05251</code></a> [backport] feat(next/image): add lru disk cache and `images.maximumDiskCacheS...</li> <li><a href="https://github.com/vercel/next.js/commit/f88cee9604f0ec8ab869a2f94ced984194277b9e"><code>f88cee9</code></a> Backport: Fix(pages-router): restore Content-Length and ETag for /_next/data/...</li> <li><a href="https://github.com/vercel/next.js/commit/cfd5f533b08df3038476dcd54f1d6d660d85f069"><code>cfd5f53</code></a> v15.5.13</li> <li><a href="https://github.com/vercel/next.js/commit/15f28911fd272041707dbf6b7c07d62642593be8"><code>15f2891</code></a> [backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...</li> <li><a href="https://github.com/vercel/next.js/commit/d23f41c42506005fe6978e076a1ccbf8979e4925"><code>d23f41c</code></a> v15.5.12</li> <li><a href="https://github.com/vercel/next.js/commit/8e75765a6544dc0e6b20aefeade7d33190ffcb7c"><code>8e75765</code></a> fix unlock in publish-native</li> <li><a href="https://github.com/vercel/next.js/commit/6cef992286e3050aeca46e0d506dc5bad4368fd2"><code>6cef992</code></a> [backport] normalize CRLF line endings in jscodeshift tests on Windows (<a href="https://redirect.github.com/vercel/next.js/issues/8800">#8800</a>...</li> <li><a href="https://github.com/vercel/next.js/commit/7a9464553ac72f5b3f3acf17174a61b7b8a210a5"><code>7a94645</code></a> Apply needs for publishRelease</li> <li><a href="https://github.com/vercel/next.js/commit/bbfd4e313d4bc9024ec340d9de419a0e4357f898"><code>bbfd4e3</code></a> v15.5.11</li> <li>Additional commits viewable in <a href="https://github.com/vercel/next.js/compare/v15.5.2...v15.5.14">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=next&package-manager=npm_and_yarn&previous-version=15.5.2&new-version=15.5.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/feeddeck/feeddeck/network/alerts). </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

GiteaMirror added the pull-request label 2026-03-22 12:54:20 -05:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/feeddeck#591