Bump next from 15.1.9 to 15.4.8

[dependabot[bot]]

Bumps next from 15.1.9 to 15.4.8.

Release notes

Sourced from next's releases.

v15.4.8

Please see CVE-2025-66478 for additional details about this release.

v15.3.6

Please see CVE-2025-66478 for additional details about this release.

v15.2.6

Please see CVE-2025-66478 for additional details about this release.

Commits

• 4966847 v15.4.8
• bf8d31c update version script
• bed530f Update React Version for Next.js 15.4.8 (#9)
• 4309d93 update tag
• 17e6873 [backport]: experimental.middlewareClientMaxBodySize (#84722)
• 4da39f2 [backport] fix: unstable_cache should perform blocking revalidation during IS...
• f30d815 v15.4.7
• 1a026e3 fix router handling when setting a location response header (#82588)
• be4aafd v15.4.6
• 91e5b6b Backport "fix: add ?dpl to fonts in /_next/static/media (#82384)" (#82421)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

[github-actions[bot]]

Size changes

📦 Next.js Bundle Analysis for react-dev

This analysis was generated by the Next.js Bundle Analysis action. 🤖

🎉 Global Bundle Size Decreased

Page	Size (compressed)
global	110.18 KB (🟢 -375 B)

Details

The global bundle is the javascript bundle that loads alongside every page. It is in its own category because its impact is much higher - an increase to its size means that every page on your website loads slower, and a decrease means every page loads faster.

Any third party scripts you have added directly to your app using the <script> tag are not accounted for in this analysis

If you want further insight into what is behind the changes, give @next/bundle-analyzer a try!

Six Pages Changed Size

The following pages changed size from the code in this PR compared to its base branch:

Page	Size (compressed)	First Load
/404	130.76 KB (🟡 +2.64 KB)	240.95 KB
/500	130.77 KB (🟡 +2.64 KB)	240.96 KB
/[[...markdownPath]]	133.2 KB (🟡 +2.64 KB)	243.39 KB
/_error	180 B (🟢 -10 B)	110.36 KB
/errors	131.01 KB (🟡 +2.64 KB)	241.2 KB
/errors/[errorCode]	130.99 KB (🟡 +2.64 KB)	241.18 KB

Details

Only the gzipped size is provided here based on an expert tip.

First Load is the size of the global bundle plus the bundle for the individual page. If a user were to show up to your website and land on a given page, the first load size represents the amount of javascript that user would need to download. If next/link is used, subsequent page loads would only need to download that page's bundle (the number in the "Size" column), since the global bundle has already been downloaded.

Any third party scripts you have added directly to your app using the <script> tag are not accounted for in this analysis

Next to the size is how much the size has increased or decreased compared with the base branch of this PR. If this percentage has increased by 10% or more, there will be a red status indicator applied, indicating that special attention should be given to this.