Skip to content

Bump next from 15.2.4 to 15.4.7 #144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 2, 2025
Merged

Bump next from 15.2.4 to 15.4.7 #144

merged 1 commit into from
Sep 2, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 30, 2025

Bumps next from 15.2.4 to 15.4.7.

Release notes

Sourced from next's releases.

v15.4.7

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • fix router handling when setting a location response header #82588

Credits

Huge thanks to @​ztanner for helping!

v15.4.6

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • fix: _error page's req.url can be overwritten to dynamic param on minimal mode (#82347)
  • fix: add ?dpl to fonts in /_next/static/media (#82384)

Credits

Huge thanks to @​devjiwonchoi, @​ijjk, and @​styfle for helping!

v15.4.5

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • Fix API stripping JSON incorrectly (#82062)
  • Fix i18n fallback: false collision (#82158)
  • Revert "Fix tracing of server actions imported by client components (#82167)
  • Ensure setAssetPrefix updates config instance (#82165)
  • Turbopack: update mimalloc (#82166)
  • fix(next/image): fix image-optimizer.ts headers (#82175)
  • fix(next/image): improve and simplify detect-content-type (#82174)

Credits

Huge thanks to @​ijjk, @​sokra, and @​styfle for helping!

v15.4.4

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • Fix dynamicParams false layout case in dev (#82026)
  • Turbopack: fix scope hoisting variable renaming bug (#81640)
  • Upgrade to swc v33 (#81750)
  • Revert "[metadata] use https protocol for schema urls" (#81934)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump next from 15.2.4 to 15.4.7
02aa5cd 
Bumps [next](https://github.com/vercel/next.js) from 15.2.4 to 15.4.7.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v15.2.4...v15.4.7)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.4.7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Aug 30, 2025
@kusari-inspector
Copy link

kusari-inspector bot commented Aug 30, 2025

Kusari Inspector

Kusari Analysis Results:

Proceed with these changes

✅ No Flagged Issues Detected
All values appear to be within acceptable risk parameters.

Both dependency and code security analyses support proceeding with this Next.js update. The update from version 15.2.4 to 15.4.7 provides significant security benefits by fixing three important CVEs (CVE-2025-57752, CVE-2025-55173, CVE-2025-57822) related to image optimization and middleware handling. The code analysis confirms zero security issues, secrets, or vulnerabilities are introduced. While some Sharp image processing dependencies have low code review scores, these are indirect dependencies that pose no immediate security threat. The security benefits of patching known vulnerabilities far outweigh the minor maintenance concerns with indirect dependencies.

Expand to see all dependency changes, security advisories, scorecard checks, etc.

Package Dependency Analysis

Package: @img/[email protected]

Dependencies:

Direct:
- @img/[email protected] (requirement: 1.2.0)

Package: @img/[email protected]

Dependencies:

Direct:
- @img/[email protected] (requirement: 1.2.0)

Package: [email protected]

Dependencies:

Direct:
- @next/[email protected] (requirement: 15.4.7)
- @next/[email protected] (requirement: 15.4.7)
- @next/[email protected] (requirement: 15.4.7)
- @next/[email protected] (requirement: 15.4.7)
- @next/[email protected] (requirement: 15.4.7)
- [email protected] (requirement: ^0.34.3)
- @next/[email protected] (requirement: 15.4.7)
- @next/[email protected] (requirement: 15.4.7)
- @next/[email protected] (requirement: 15.4.7)
- @next/[email protected] (requirement: 15.4.7)
Indirect:
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]
- @img/[email protected] via [email protected] → @img/[email protected]

Package: [email protected]

Dependencies:

Direct:
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 1.2.0)
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 1.2.0)
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 1.2.0)
- @img/[email protected] (requirement: 1.2.0)
- @img/[email protected] (requirement: 1.2.0)
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 1.2.0)
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 1.2.0)
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 1.2.0)
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 1.2.0)
- @img/[email protected] (requirement: 0.34.3)
- @img/[email protected] (requirement: 0.34.3)

Package: @img/[email protected]

Dependencies:

Direct:
- @img/[email protected] (requirement: 1.2.0)

Package: @img/[email protected]

Dependencies:

Direct:
- @img/[email protected] (requirement: 1.2.0)

Package: @img/[email protected]

Dependencies:

Direct:
- @img/[email protected] (requirement: 1.2.0)

Package: @img/[email protected]

Dependencies:

Direct:
- @img/[email protected] (requirement: 1.2.0)

Package: @img/[email protected]

Dependencies:

Direct:
- @img/[email protected] (requirement: 1.2.0)

Package: @img/[email protected]

Dependencies:

Direct:
- @img/[email protected] (requirement: 1.2.0)

Package: @img/[email protected]

Dependencies:

Direct:
- @img/[email protected] (requirement: 1.2.0)

Dependency Graph

graph TD
  NPM__img_sharp_linuxmusl_arm64_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linuxmusl_arm64_1_2_0
  NPM__img_sharp_linux_x64_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linux_x64_1_2_0
  NPM__img_sharp_darwin_x64_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_darwin_x64_1_2_0
  NPM__img_sharp_linux_arm64_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linux_arm64_1_2_0
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_linuxmusl_arm64_0_34_3
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_linux_x64_0_34_3
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_win32_ia32_0_34_3
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_darwin_x64_0_34_3
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_libvips_linux_arm_1_2_0
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_wasm32_0_34_3
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_libvips_linux_x64_1_2_0
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_linux_arm64_0_34_3
  NPM_next_15_4_7 -->|DIRECT| NPM__next_env_15_4_7
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_libvips_linux_arm64_1_2_0
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_libvips_linux_ppc64_1_2_0
  NPM_next_15_4_7 -->|DIRECT| NPM__next_swc_win32_arm64_msvc_15_4_7
  NPM_next_15_4_7 -->|DIRECT| NPM__next_swc_linux_x64_musl_15_4_7
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_libvips_linuxmusl_arm64_1_2_0
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_win32_arm64_0_34_3
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_libvips_linux_s390x_1_2_0
  NPM_next_15_4_7 -->|DIRECT| NPM__next_swc_darwin_arm64_15_4_7
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_linux_arm_0_34_3
  NPM_next_15_4_7 -->|DIRECT| NPM__next_swc_darwin_x64_15_4_7
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_libvips_darwin_x64_1_2_0
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_darwin_arm64_0_34_3
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_linux_s390x_0_34_3
  NPM_next_15_4_7 -->|DIRECT| NPM_sharp_0_34_3
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_libvips_darwin_arm64_1_2_0
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_linuxmusl_x64_0_34_3
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_libvips_linuxmusl_x64_1_2_0
  NPM_next_15_4_7 -->|DIRECT| NPM__next_swc_linux_arm64_gnu_15_4_7
  NPM_next_15_4_7 -->|DIRECT| NPM__next_swc_linux_arm64_musl_15_4_7
  NPM_next_15_4_7 -->|DIRECT| NPM__next_swc_linux_x64_gnu_15_4_7
  NPM_next_15_4_7 -->|DIRECT| NPM__next_swc_win32_x64_msvc_15_4_7
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_linux_ppc64_0_34_3
  NPM_next_15_4_7 -->|INDIRECT| NPM__img_sharp_win32_x64_0_34_3
  NPM__img_sharp_linux_arm_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linux_arm_1_2_0
  NPM__img_sharp_darwin_arm64_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_darwin_arm64_1_2_0
  NPM__img_sharp_linux_s390x_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linux_s390x_1_2_0
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_linuxmusl_arm64_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_linux_x64_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_win32_ia32_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_darwin_x64_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linux_arm_1_2_0
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_wasm32_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linux_x64_1_2_0
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_linux_arm64_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linux_arm64_1_2_0
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linux_ppc64_1_2_0
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linuxmusl_arm64_1_2_0
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_win32_arm64_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linux_s390x_1_2_0
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_linux_arm_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_darwin_x64_1_2_0
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_darwin_arm64_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_linux_s390x_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_darwin_arm64_1_2_0
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_linuxmusl_x64_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linuxmusl_x64_1_2_0
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_linux_ppc64_0_34_3
  NPM_sharp_0_34_3 -->|DIRECT| NPM__img_sharp_win32_x64_0_34_3
  NPM__img_sharp_linuxmusl_x64_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linuxmusl_x64_1_2_0
  NPM__img_sharp_linux_ppc64_0_34_3 -->|DIRECT| NPM__img_sharp_libvips_linux_ppc64_1_2_0
Loading

Dependency Changes Introduced

Status Package Change Version Latest Version Advisories License
⚠️ Flagged @img/sharp-libvips-linux-x64 updated 1.0.4 → 1.2.0 1.2.1 None LGPL-3.0-or-later (weak copyleft)
⚠️ Flagged @img/sharp-wasm32 updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 AND LGPL-3.0-or-later AND MIT (weak copyleft)
⚠️ Flagged @img/sharp-win32-ia32 updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 AND LGPL-3.0-or-later (weak copyleft)
⚠️ Flagged @emnapi/runtime updated 1.4.3 → 1.5.0 1.5.0 None MIT (permissive)
⚠️ Flagged @img/sharp-linuxmusl-x64 updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 (permissive)
⚠️ Flagged @img/sharp-libvips-linuxmusl-x64 updated 1.0.4 → 1.2.0 1.2.1 None LGPL-3.0-or-later (weak copyleft)
⚠️ Flagged @img/sharp-linux-ppc64 added 0.34.3 0.34.3 None Apache-2.0 (permissive)
⚠️ Flagged @img/sharp-darwin-x64 updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 (permissive)
⚠️ Flagged sharp updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 (permissive)
⚠️ Flagged @img/sharp-linux-arm updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 (permissive)
⚠️ Flagged @img/sharp-libvips-linux-s390x updated 1.0.4 → 1.2.0 1.2.1 None LGPL-3.0-or-later (weak copyleft)
⚠️ Flagged @img/sharp-libvips-linuxmusl-arm64 updated 1.0.4 → 1.2.0 1.2.1 None LGPL-3.0-or-later (weak copyleft)
⚠️ Flagged @img/sharp-libvips-darwin-arm64 updated 1.0.4 → 1.2.0 1.2.1 None LGPL-3.0-or-later (weak copyleft)
⚠️ Flagged @img/sharp-libvips-linux-arm64 updated 1.0.4 → 1.2.0 1.2.1 None LGPL-3.0-or-later (weak copyleft)
⚠️ Flagged @img/sharp-darwin-arm64 updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 (permissive)
⚠️ Flagged @img/sharp-libvips-linux-arm updated 1.0.5 → 1.2.0 1.2.1 None LGPL-3.0-or-later (weak copyleft)
⚠️ Flagged @img/sharp-linux-arm64 updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 (permissive)
⚠️ Flagged @img/sharp-win32-arm64 added 0.34.3 0.34.3 None Apache-2.0 AND LGPL-3.0-or-later (weak copyleft)
⚠️ Flagged @img/sharp-libvips-darwin-x64 updated 1.0.4 → 1.2.0 1.2.1 None LGPL-3.0-or-later (weak copyleft)
⚠️ Flagged @img/sharp-linuxmusl-arm64 updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 (permissive)
⚠️ Flagged @img/sharp-linux-x64 updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 (permissive)
⚠️ Flagged @img/sharp-linux-s390x updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 (permissive)
⚠️ Flagged @img/sharp-libvips-linux-ppc64 added 1.2.0 1.2.1 None LGPL-3.0-or-later (weak copyleft)
⚠️ Flagged @img/sharp-win32-x64 updated 0.33.5 → 0.34.3 0.34.3 None Apache-2.0 AND LGPL-3.0-or-later (weak copyleft)
✅ Safe @next/swc-linux-x64-gnu updated 15.2.4 → 15.4.7 15.5.2 None MIT (permissive)
✅ Safe @next/swc-linux-arm64-gnu updated 15.2.4 → 15.4.7 15.5.2 None MIT (permissive)
✅ Safe @next/swc-win32-arm64-msvc updated 15.2.4 → 15.4.7 15.5.2 None MIT (permissive)
✅ Safe @next/swc-darwin-arm64 updated 15.2.4 → 15.4.7 15.5.2 None MIT (permissive)
✅ Safe @next/swc-win32-x64-msvc updated 15.2.4 → 15.4.7 15.5.2 None MIT (permissive)
✅ Safe @next/swc-linux-x64-musl updated 15.2.4 → 15.4.7 15.5.2 None MIT (permissive)
✅ Safe next updated 15.2.4 → 15.4.7 15.5.2 None MIT (permissive)
✅ Safe @next/swc-darwin-x64 updated 15.2.4 → 15.4.7 15.5.2 None MIT (permissive)
✅ Safe @next/swc-linux-arm64-musl updated 15.2.4 → 15.4.7 15.5.2 None MIT (permissive)
✅ Safe @next/env updated 15.2.4 → 15.4.7 15.5.2 None MIT (permissive)
⚠️ Flagged @swc/counter removed 0.1.3 Unknown None Unknown

Scorecard Checks

@img/sharp-libvips-linux-x64:

No security scorecard data available for this package. ⚠️ No security data available for newly added/updated dependency.

@img/sharp-wasm32:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-win32-ia32:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@emnapi/runtime:

  • Maintained: 10/10
  • Code Review: 0/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-linuxmusl-x64:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-libvips-linuxmusl-x64:

No security scorecard data available for this package. ⚠️ No security data available for newly added/updated dependency.

@img/sharp-linux-ppc64:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-darwin-x64:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

sharp:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-linux-arm:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-libvips-linux-s390x:

No security scorecard data available for this package. ⚠️ No security data available for newly added/updated dependency.

@img/sharp-libvips-linuxmusl-arm64:

No security scorecard data available for this package. ⚠️ No security data available for newly added/updated dependency.

@img/sharp-libvips-darwin-arm64:

No security scorecard data available for this package. ⚠️ No security data available for newly added/updated dependency.

@img/sharp-libvips-linux-arm64:

No security scorecard data available for this package. ⚠️ No security data available for newly added/updated dependency.

@img/sharp-darwin-arm64:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-libvips-linux-arm:

No security scorecard data available for this package. ⚠️ No security data available for newly added/updated dependency.

@img/sharp-linux-arm64:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-win32-arm64:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-libvips-darwin-x64:

No security scorecard data available for this package. ⚠️ No security data available for newly added/updated dependency.

@img/sharp-linuxmusl-arm64:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-linux-x64:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-linux-s390x:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.

@img/sharp-libvips-linux-ppc64:

No security scorecard data available for this package. ⚠️ No security data available for newly added/updated dependency.

@img/sharp-win32-x64:

  • Maintained: 10/10
  • Code Review: 1/10 ⚠️ Project does not require human code review before all pull requests (aka merge requests) are merged.
Files where issues may be found

Dependency Files:

  • yarn.lock

@kusari-inspector rerun - Trigger a re-analysis of this PR
@kusari-inspector feedback [your message] - Send feedback to our AI and team
See Kusari's documentation for setup and configuration.
Commit: 02aa5cd, performed at: 2025-08-30T06:41:23Z

Found this helpful? Give it a 👍 or 👎 reaction!

@funnelfiasco funnelfiasco merged commit 3100d0b into main Sep 2, 2025
3 checks passed
@funnelfiasco funnelfiasco deleted the dependabot/npm_and_yarn/next-15.4.7 branch September 2, 2025 17:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mihaimaruseac mihaimaruseac mihaimaruseac approved these changes

@funnelfiasco funnelfiasco funnelfiasco approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mihaimaruseac @funnelfiasco