chore(deps): upgrade nextjs 15

[mtlaso]

Summary by CodeRabbit

• Chores
  • Updated Next.js framework dependency to a newer canary release, which may include performance and stability improvements.
  • Removed several experimental feature flags to simplify runtime behavior.
  • Adjusted TypeScript configuration: switched JSX runtime to the newer setting and expanded included type declarations to cover additional build artifacts.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Review	Updated (UTC)
bocal	Ignored	Preview	Dec 17, 2025 7:44am

[coderabbitai]

Walkthrough

Updated Next.js canary dependency from 15.4.2-canary.27 to 15.6.0-canary.60, removed three experimental configuration flags (clientSegmentCache, devtoolSegmentExplorer, turbopackPersistentCaching) from the experimental block, and changed TypeScript JSX mode to react-jsx while adding .next/dev/types/**/*.ts to the include array.

Changes

Cohort / File(s)	Summary
Next.js Configuration Update next.config.ts	Removed three experimental flags: clientSegmentCache, devtoolSegmentExplorer, and turbopackPersistentCaching from the experimental configuration block.
Dependency Version Bump package.json	Updated next dependency from 15.4.2-canary.27 → 15.6.0-canary.60.
TypeScript Configuration Update tsconfig.json	Changed "jsx" from "preserve" → "react-jsx", expanded include to add ".next/dev/types/**/*.ts", and reformatted the include array.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Check compatibility of react-jsx with project React/renderer setup and build pipeline.
• Verify the removed experimental flags are not relied upon anywhere (runtime checks, feature gates, docs).
• Confirm the added .next/dev/types/**/*.ts path resolves and doesn't conflict with other type declarations.

Possibly related PRs

• feat: utiliser nouvelle fonctionnalites de nextjs #237: Previously added the same experimental flags (clientSegmentCache, devtoolSegmentExplorer, turbopackPersistentCaching) that this PR removes.
• chore(deps): bump next #246: Earlier bump of the next canary dependency; related to the version progression updated here.
• feat: ajout ppr et skeletons #107: Modified Next.js experimental configuration in next.config.ts with different experimental flags — related configuration changes.

Poem

🐰 A tidy hop through config and code,
Flags tucked away down a quieter road,
Canary upgraded, JSX anew,
Types find corners they once never knew,
A rabbit cheers — build happy and true!

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main changes: upgrading Next.js version and updating configuration. It's concise, clear, and directly related to the primary changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch nextjs-update-sec

---

📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 156acd8 and bdd1410.

📒 Files selected for processing (1)

• tsconfig.json (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• tsconfig.json

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 648d09c and 156acd8.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (3)

• next.config.ts (0 hunks)
• package.json (1 hunks)
• tsconfig.json (1 hunks)

💤 Files with no reviewable changes (1)

• next.config.ts

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: mtlaso
Repo: mtlaso/bocal PR: 297
File: src/app/[locale]/layout.tsx:61-65
Timestamp: 2025-12-17T07:26:49.098Z
Learning: In Next.js 16 with cacheComponents: true enabled, next-intl requires wrapping components that access request-scoped data (like locale from params or call setRequestLocale) in Suspense boundaries. This includes wrapping BaseLayout in Suspense in the root layout at src/app/[locale]/layout.tsx when using next-intl with cacheComponents, even though it renders the root <html> and <body> structure.

🪛 GitHub Actions: Create/Delete Branch for Pull Request

tsconfig.json

[error] 1-1: File content differs from formatting output. Formatting check reported a mismatch for tsconfig.json during 'biome ci .' run.

🔇 Additional comments (2)

tsconfig.json (2)

18-18: LGTM! JSX setting aligns with React 19.

The change from "preserve" to "react-jsx" is appropriate for React 19, as it uses the automatic JSX runtime without requiring explicit React imports.

---

36-36: LGTM! Development types path addition.

Adding ".next/dev/types/**/*.ts" enables TypeScript to include Next.js 15 development-mode type definitions, improving the development experience.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Use the patched version 15.6.0-canary.60, but only for non-production environments.

The version 15.6.0-canary.60 includes fixes for security vulnerabilities including CVE-2025-55184 (high-severity Denial of Service) and CVE-2025-55183 (medium-severity Source Code Exposure), as well as the earlier CVE-2025-55182 (CVSS 10.0 RCE). However, only stable releases are suitable for production. If you are using PPR (Partial Pre-Rendering), stay in the current Next.js 15 canary you are using, otherwise consider upgrading to a stable 15.x release once available. Be aware that Next.js 15 includes breaking changes from prior versions.

🤖 Prompt for AI Agents

package.json lines 51: the current change pins "next" to the canary
15.6.0-canary.60 which should only be used for non-production; update
package.json so production installs use a stable 15.x release (e.g., set "next"
to the intended stable 15.x version or leave as a production-safe range), move
15.6.0-canary.60 into a separate dev-only entry (e.g., devDependencies or a
named "next-canary" field), and adjust CI/build scripts to select the canary
only when NODE_ENV or an explicit flag indicates non-production or when your app
requires PPR—if you must keep the canary for PPR, document that in README and
gate its use behind an environment variable so production never installs the
canary.

[github-actions]

Vercel Preview URL 🚀 : https://bocal-kkadfs46w-euuuuhs-projects.vercel.app
Neon branch 🐘 : https://console.neon.tech/app/projects/frosty-hall-86222769/branches/br-frosty-dew-a4m3g6dp