build(deps): bump next from 15.5.2 to 15.5.9 in /docs

[dependabot]

Bumps next from 15.5.2 to 15.5.9.

Release notes

Sourced from next's releases.

v15.5.9

Please see the Next.js Security Update for information about this security patch.

v15.5.7

Please see CVE-2025-66478 for additional details about this release.

Commits

• c5de33e v15.5.9
• dd23399 Backport facebook/react#35351 for 15.5.8 (#87086)
• 7526cd6 v15.5.8
• 1e9ec41 Update React Version (#41)
• 16141e5 Update React Version (#30)
• e01e589 Backport Next.js changes to v15.5.8 (#23)
• b2706db lock binaries
• 3eaf68b v15.5.7
• 8367ce5 update version script
• 9115040 Update React Version for Next.js 15.5.7 (#10)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Summary by CodeRabbit

• Chores
  • Updated Next.js framework dependency to version 15.5.9, incorporating the latest performance improvements and stability enhancements.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[changeset-bot]

⚠️ No Changeset found

Latest commit: ca55b0a

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

Updated the Next.js dependency version in the docs package from 15.2.8 to 15.5.9. This is a routine version bump with no changes to other dependencies, scripts, or configuration files.

Changes

Cohort / File(s)	Summary
Dependency Version Update docs/package.json	Bumped Next.js from 15.2.8 to 15.5.9

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~1 minute

Possibly related PRs

• Security Fixes and Package updates 22 Mar 2025 #951: Previous Next.js version bump (15.1.2 → 15.2.3) in docs/package.json
• fix: RSC vulnerability #1648: Prior Next.js update to 15.2.8 in docs/package.json
• Aug 1 2025 - Security Fixes #1283: Earlier Next.js version modification in docs/package.json

Poem

🐰 Hops of joy for version bounds,
Next.js climbs to 15.5 rounds,
Patched and polished, smooth and fast,
One small bump, a gentle cast! ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: bumping the Next.js dependency from 15.5.2 to 15.5.9 in the /docs directory, which aligns perfectly with the file modification.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dependabot/npm_and_yarn/docs/next-15.5.9

---

📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1a80d9b and ca55b0a.

⛔ Files ignored due to path filters (2)

• docs/package-lock.json is excluded by !**/package-lock.json
• docs/pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (1)

• docs/package.json (1 hunks)

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: kotAPI
Repo: rad-ui/ui PR: 640
File: .github/workflows/build-rad-ui.yml:5-5
Timestamp: 2024-12-14T02:25:41.034Z
Learning: In the `rad-ui/ui` repository, the `security-fixes` branch only updates dependencies, so linting and Chromatic workflows are not required for this branch.

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: coverage

🔇 Additional comments (1)

docs/package.json (1)

32-32: Approve: Security update to Next.js 15.5.9.

The version bump to 15.5.9 addresses security vulnerabilities mentioned in the PR (including CVE-2025-66478 from v15.5.7). The exact version pinning is good for reproducibility, and the change is minimal and focused.

Please verify the following before merging:

1. Breaking changes: Confirm that the jump from 15.2.8 to 15.5.9 introduces no breaking changes affecting the docs app. You can check the Next.js upgrade guide and release notes for v15.3, v15.4, and v15.5.

2. Build & runtime verification: Ensure the docs app builds and runs successfully with Next.js 15.5.9:

   cd docs && pnpm install && pnpm build && pnpm start

3. Dependency compatibility: Verify that @next/mdx@^15.2.0 (which uses a caret range) is compatible with Next.js 15.5.9. If issues arise, the range may need to be updated to ^15.5.0.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Coverage

This report compares the PR with the base branch. "Δ" shows how the PR affects each metric.

Metric	PR	Δ
Statements	83.79%	+0.00%
Branches	60.43%	+0.00%
Functions	66.39%	+0.00%
Lines	82.44%	+0.00%

Coverage improved or stayed the same. Great job!

Run npm run coverage locally for detailed reports and target untested areas to raise these numbers.