Bump the npm_and_yarn group across 1 directory with 7 updates (#40)

[LCSOGthb]

Bumps the npm_and_yarn group with 7 updates in the / directory:

Package	From	To
next	15.5.9	15.5.14

Updates next from 15.5.9 to 15.5.14

• Release notes
• Changelog
• Commits

Updates brace-expansion from 1.1.12 to 1.1.13

• Release notes
• Commits

Updates minimatch from 3.1.2 to 3.1.5

• Changelog
• Commits

Updates ajv from 6.12.6 to 6.14.0

• Release notes
• Commits

Updates flatted from 3.3.3 to 3.4.2

• Commits

Updates picomatch from 2.3.1 to 2.3.2

• Release notes
• Changelog
• Commits

Updates picomatch from 4.0.3 to 4.0.4

• Release notes
• Changelog
• Commits

Updates undici from 7.18.2 to 7.24.4

• Release notes
• Commits

---

updated-dependencies:

• dependency-name: next dependency-version: 15.5.14 dependency-type: direct:production dependency-group: npm_and_yarn
• dependency-name: brace-expansion dependency-version: 1.1.13 dependency-type: indirect dependency-group: npm_and_yarn
• dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect dependency-group: npm_and_yarn
• dependency-name: ajv dependency-version: 6.14.0 dependency-type: indirect dependency-group: npm_and_yarn
• dependency-name: flatted dependency-version: 3.4.2 dependency-type: indirect dependency-group: npm_and_yarn
• dependency-name: picomatch dependency-version: 2.3.2 dependency-type: indirect dependency-group: npm_and_yarn
• dependency-name: picomatch dependency-version: 4.0.4 dependency-type: indirect dependency-group: npm_and_yarn
• dependency-name: undici dependency-version: 7.24.4 dependency-type: indirect dependency-group: npm_and_yarn ...

---

Summary by Sourcery

Update frontend dependencies to newer versions.

Build:

• Bump Next.js from 15.5.9 to 15.5.14 in package.json and lockfile.
• Upgrade wrangler from 4.59.3 to 4.80.0 and refresh transitive npm dependencies in package-lock.json.

[netlify]

✅ Deploy Preview for lsngames ready!

Name	Link
🔨 Latest commit	ee8e78b
🔍 Latest deploy log	https://app.netlify.com/projects/lsngames/deploys/6a110568fa460900080bee9e
😎 Deploy Preview	https://deploy-preview-42--lsngames.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
games	Error		May 23, 2026 1:39am

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: ed22dff9-623f-44b3-8f76-dc284354ba65

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• ✅ Review completed - (🔄 Check again to review again)

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch main

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch main

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[difflens]

View changes in DiffLens

[difflens]

View changes in DiffLens

[what-the-diff]

PR Summary

• Upgrade of next dependency
  The version of next, which is a tool our developers use to create more beneficial features for our products, has been updated. This means we can take advantage of the latest improvements in efficiency and security.

• Update of wrangler dependency
  The wrangler version has also been updated. wrangler is a tool that helps our team manage and deploy our software. So an upgrade means smoother, more reliable deployments of our updates and new features.

[deepsource-io]

DeepSource Code Review

We reviewed changes in 5e14add...ee8e78b on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

Code Review Summary

Analyzer	Status	Updated (UTC)	Details
JavaScript		May 23, 2026 1:39a.m.	Review ↗
Python		May 23, 2026 1:39a.m.	Review ↗
Rust		May 23, 2026 1:39a.m.	Review ↗
Secrets		May 23, 2026 1:39a.m.	Review ↗
Ruby		May 23, 2026 1:39a.m.	Review ↗
Shell		May 23, 2026 1:39a.m.	Review ↗
Scala		May 23, 2026 1:39a.m.	Review ↗
SQL		May 23, 2026 1:39a.m.	Review ↗
Terraform		May 23, 2026 1:39a.m.	Review ↗
Code coverage		May 23, 2026 1:39a.m.	Review ↗
Swift		May 23, 2026 1:39a.m.	Review ↗
C & C++		May 23, 2026 1:39a.m.	Review ↗
C#		May 23, 2026 1:39a.m.	Review ↗
Ansible		May 23, 2026 1:39a.m.	Review ↗

---

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

[kilo-code-bot]

Code Review Summary

Status: No Issues Found | Recommendation: Merge

Files Reviewed (2 files)

• package.json - dependency version updates
• package-lock.json - generated lockfile (skipped per review guidelines)

---

_{Reviewed by laguna-m.1-20260312:free · 195,308 tokens}

[sourcery-ai]

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

This PR updates the main Next.js runtime dependency and the Wrangler dev tool to newer patch/minor versions, and refreshes the lockfile to pull in the latest compatible transitive packages (including glob/matching, schema validation, and HTTP client libraries).

File-Level Changes

Change	Details	Files
Update Next.js app runtime to latest 15.5.x and refresh related lockfile entries.	Bump direct dependency next from 15.5.9 to 15.5.14 in package.json. Update package-lock.json to resolve Next.js and its transitive dependencies to versions compatible with 15.5.14, including small patch updates like picomatch, minimatch, ajv, flatted, brace-expansion, and undici.	package.json package-lock.json
Update Wrangler dev tooling and regenerate lockfile.	Bump devDependency wrangler from 4.59.3 to 4.80.0 in package.json. Refresh package-lock.json entries for wrangler and any of its transitive dependencies to align with version 4.80.0.	package.json package-lock.json

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[difflens]

View changes in DiffLens

[devin-ai-integration]

Devin Review found 1 potential issue.

[devin-ai-integration]

🚩 package-lock.json not updated alongside package.json

The PR bumps version ranges in package.json but the diff does not include changes to package-lock.json. Since package-lock.json exists in the repo, it should ideally be regenerated to reflect the new minimum versions. With the caret ranges, the lockfile may still pin older versions (e.g., next@15.5.9 or wrangler@4.59.3) until someone runs npm install. This means the version bump in package.json may have no practical effect on CI or deployments that rely on the lockfile.

---

Was this helpful? React with 👍 or 👎 to provide feedback.

[gemini-code-assist]

Code Review

This pull request updates the next and wrangler dependencies to versions 15.5.14 and 4.80.0, respectively, along with a comprehensive update of the lockfile. Feedback highlights a potential compatibility issue where the new wrangler version introduces a transitive dependency on undici requiring Node.js >=20.18.1, which may conflict with existing environment configurations. Additionally, it is recommended to update eslint-config-next to maintain parity with the next package and to explicitly add zod to the project's dependencies if it was previously relied upon via miniflare's hoisting.

[gemini-code-assist]

The update to wrangler@^4.80.0 introduces a transitive dependency on undici@7.24.4 (via miniflare), which requires Node.js >=20.18.1. This conflicts with wrangler's own engine requirement of >=20.3.0. This discrepancy may cause installation failures or runtime errors in environments using older Node.js 20 versions (e.g., CI/CD runners or local dev environments on 20.10.0). It is recommended to verify that your environment meets the undici requirement.

[gemini-code-assist]

The next package is being updated to ^15.5.14, but eslint-config-next (line 20) remains pinned at 15.3.4. It is a best practice to keep these two packages in sync to ensure that the ESLint rules are compatible with the version of Next.js being used. Consider updating eslint-config-next to match the new Next.js version.

[gemini-code-assist]

The update to miniflare (version 4.20260401.0) removes zod from its direct dependencies. If the project source code relies on zod being available via hoisting from miniflare, this change will break the build. If zod is used in the project, it should be explicitly added to the dependencies or devDependencies in package.json.

[sourcery-ai]

Hey - I've left some high level feedback:

• Since next is being bumped to 15.5.x, consider updating eslint-config-next to the corresponding 15.5.x range as well to keep lint rules aligned with the framework version and avoid subtle mismatches.
• The wrangler jump from 4.59.x to 4.80.x can include config/CLI behaviour changes; it may be worth briefly scanning the Wrangler release notes for any required updates to your wrangler.toml or deployment scripts that rely on the CLI.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- Since `next` is being bumped to 15.5.x, consider updating `eslint-config-next` to the corresponding 15.5.x range as well to keep lint rules aligned with the framework version and avoid subtle mismatches.
- The `wrangler` jump from 4.59.x to 4.80.x can include config/CLI behaviour changes; it may be worth briefly scanning the Wrangler release notes for any required updates to your `wrangler.toml` or deployment scripts that rely on the CLI.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}