Update Next.js version

[MananTank]

---

PR-Codex overview

This PR focuses on updating various dependencies across multiple package.json files, primarily upgrading the next version from 15.3.6 to 15.3.8, and updating @next/eslint-plugin-next and @next/mdx to their latest versions.

Detailed summary

• Updated next from 15.3.6 to 15.3.8 in:
  • packages/ui/package.json
  • apps/wallet-ui/package.json
  • apps/portal/package.json
  • apps/playground-web/package.json
  • apps/nebula/package.json
  • apps/dashboard/package.json
• Updated @next/eslint-plugin-next from 15.3.6 to 15.3.8 in:
  • apps/wallet-ui/package.json
  • apps/playground-web/package.json
  • apps/nebula/package.json
  • apps/dashboard/package.json
• Updated @next/mdx from 15.3.6 to 15.3.8 in apps/portal/package.json
• Updated pnpm-lock.yaml to reflect the changes in dependency versions.

The following files were skipped due to too many changes: pnpm-lock.yaml

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• Chores
  • Bumped Next.js and related Next packages (minor/patch updates) across multiple apps and packages for stability and consistency.
  • Normalized package manifest formatting across projects; no functional or public API changes introduced.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
docs-v2	Ready	Preview	Comment	Dec 12, 2025 11:18am
nebula	Ready	Preview	Comment	Dec 12, 2025 11:18am
thirdweb_playground	Ready	Preview	Comment	Dec 12, 2025 11:18am
thirdweb-www	Ready	Preview	Comment	Dec 12, 2025 11:18am
wallet-ui	Ready	Preview	Comment	Dec 12, 2025 11:18am

[changeset-bot]

⚠️ No Changeset found

Latest commit: d365efe

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

Bumps Next.js-related packages from 15.3.6 → 15.3.8 across several app and package package.json files; some files include cosmetic reformatting/indentation changes. No application code or public API signatures were modified.

Changes

Cohort / File(s)	Summary
Next.js-related dependency bumps apps/dashboard/package.json, apps/nebula/package.json, apps/playground-web/package.json, apps/portal/package.json, apps/wallet-ui/package.json, packages/ui/package.json	Updated next from 15.3.6 → 15.3.8. Several manifests also updated related @next/* packages (e.g., @next/eslint-plugin-next, @next/mdx) and applied cosmetic reformatting/indentation. No changes to code, control flow, or exported/public API signatures.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Verify all intended package.json files were updated consistently to 15.3.8.
• Check related @next/* versions for mismatches across packages.
• Confirm formatting diffs are cosmetic and scripts/other fields are unchanged.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: updating Next.js version across multiple package.json files.
Description check	✅ Passed	The PR description largely follows the template with a detailed PR-Codex overview that clearly explains the dependency updates, though it lacks explicit 'Notes for the reviewer' and 'How to test' sections.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch 12-12-update_next.js_version

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)

• TEAM-0000: Entity not found: Issue - Could not find referenced Issue.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[MananTank]

• Update Next.js version #8545 👈 (View in Graphite)
• main

---

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

• merge-queue - adds this PR to the back of the merge queue
• hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 54.67%. Comparing base (1558b48) to head (d365efe).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #8545   +/-   ##
=======================================
  Coverage   54.67%   54.67%           
=======================================
  Files         921      921           
  Lines       61163    61163           
  Branches     4153     4153           
=======================================
  Hits        33439    33439           
  Misses      27622    27622           
  Partials      102      102           

Flag	Coverage Δ
packages	54.67% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	eslint-config-next@​15.3.6 ⏵ 15.3.8	+1			+1
	@​next/​eslint-plugin-next@​15.3.6 ⏵ 15.3.8
	next@​15.3.6 ⏵ 15.3.8	+11	+17		+1
	@​next/​bundle-analyzer@​15.3.6 ⏵ 15.3.8
	@​next/​mdx@​15.3.6 ⏵ 15.3.8

View full report

[coderabbitai]

Actionable comments posted: 5

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1558b48 and 319aa22.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (6)

• apps/dashboard/package.json (1 hunks)
• apps/nebula/package.json (1 hunks)
• apps/playground-web/package.json (1 hunks)
• apps/portal/package.json (1 hunks)
• apps/wallet-ui/package.json (1 hunks)
• packages/ui/package.json (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*.{js,jsx,ts,tsx,json}

📄 CodeRabbit inference engine (AGENTS.md)

Biome governs formatting and linting; its rules live in biome.json. Run pnpm fix & pnpm lint before committing, ensure there are no linting errors

Files:

• apps/portal/package.json
• apps/dashboard/package.json
• apps/wallet-ui/package.json
• apps/nebula/package.json
• packages/ui/package.json
• apps/playground-web/package.json

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)

• GitHub Check: E2E Tests (pnpm, esbuild)
• GitHub Check: E2E Tests (pnpm, vite)
• GitHub Check: Unit Tests
• GitHub Check: Size
• GitHub Check: Build Packages
• GitHub Check: E2E Tests (pnpm, webpack)
• GitHub Check: Lint Packages
• GitHub Check: Analyze (javascript)

🔇 Additional comments (1)

packages/ui/package.json (1)

28-28: Security patch bump to next@15.3.8 addresses React Server Components vulnerabilities (CVE-2025-55184, CVE-2025-55183, CVE-2025-67779).

Appropriate for App Router apps. No other @next/* tooling versions in this manifest to keep in sync.

[github-actions]

size-limit report 📦

Path	Size
@thirdweb-dev/nexus (esm)	105.66 KB (0%)
@thirdweb-dev/nexus (cjs)	319.47 KB (0%)

[graphite-app]

Merge activity

• Dec 12, 11:05 AM UTC: MananTank added this pull request to the Graphite merge queue.
• Dec 12, 11:19 AM UTC: Merged by the Graphite merge queue.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

apps/dashboard/package.json (1)

55-113: Consider moving prettier to devDependencies (if not required at runtime).
Keeping it in "dependencies" increases the runtime install surface for the app; if it’s only used by tooling, devDependencies is the more typical placement.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 2c55d38 and d365efe.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (6)

• apps/dashboard/package.json (1 hunks)
• apps/nebula/package.json (1 hunks)
• apps/playground-web/package.json (1 hunks)
• apps/portal/package.json (3 hunks)
• apps/wallet-ui/package.json (2 hunks)
• packages/ui/package.json (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (5)

• packages/ui/package.json
• apps/wallet-ui/package.json
• apps/nebula/package.json
• apps/portal/package.json
• apps/playground-web/package.json

🧰 Additional context used

📓 Path-based instructions (1)

**/*.{js,jsx,ts,tsx,json}

📄 CodeRabbit inference engine (AGENTS.md)

Biome governs formatting and linting; its rules live in biome.json. Run pnpm fix & pnpm lint before committing, ensure there are no linting errors

Files:

• apps/dashboard/package.json

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)

• GitHub Check: Unit Tests
• GitHub Check: E2E Tests (pnpm, webpack)
• GitHub Check: E2E Tests (pnpm, esbuild)
• GitHub Check: Size
• GitHub Check: Lint Packages
• GitHub Check: E2E Tests (pnpm, vite)
• GitHub Check: Build Packages
• GitHub Check: Analyze (javascript)

🔇 Additional comments (3)

apps/dashboard/package.json (3)

2-113: Next.js + @next/ patch versions are aligned (15.3.8).*
This matches the intended coordinated upgrade across Next-related tooling.

---

1-132: Please ensure repo-level pnpm fix / pnpm lint is clean after manifest changes.
Biome governs JSON formatting/linting here; worth double-checking CI parity.

---

119-125: The bundle analyzer is correctly gated and cannot be accidentally enabled during dev. The next.config.ts file loads withBundleAnalyzer only when NODE_ENV === "production" (line 226), and even then, it requires process.env.ANALYZE === "true" (line 229). Since "dev": "next dev --turbopack" runs in development mode and does not set the ANALYZE variable, the analyzer will not be active during normal development. The "build:analyze" script correctly sets ANALYZE=true before building, allowing the analyzer to run only in that specific context.