deps: bump the dependencies-minor group across 1 directory with 3 updates

[dependabot]

Bumps the dependencies-minor group with 3 updates in the / directory: next, zod and eslint-config-next.

Updates next from 15.3.0 to 15.3.1

Release notes

Sourced from next's releases.

v15.3.1

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• chore: Backport SWC-based RC optimization (#78260)
• fix: bump [email protected] (#78164)

Credits

Huge thanks to @​kdy1 and @​styfle for helping!

v15.3.1-canary.13

Core Changes

• @next/mdx: Use stable turbopack config options: #78261
• Upgrade React from b04254fd-20250415 to 4a36d3ea-20250416: #78297

Misc Changes

• Turbopack: fix duplicate unsupported edge import modules: #78236
• Turbopack: Include Next.js version in panic handler report: #78263

Credits

Huge thanks to @​wbinnssmith and @​mischnic for helping!

v15.3.1-canary.12

Core Changes

• fix: alternate bundler support for dropping client pages in AMP: #77601
• [errors] refactor default global-error into a separate file: #78182
• [metadata] render streaming metadata on the top level: #77620
• [metadata] skip head cache in default slot: #78206

Misc Changes

• Docs IA 2.0: Move Production Checklist under Guides: #78240
• Docs: Fix nav item lettercasing for multi-zones: #78250
• [docs] fix function signature of og image: #78277
• Turbopack: dedupe additional traced references: #78241
• Update Turbopack development test manifest: #78274
• [test] Improve coverage for fetch errors in Edge runtime: #78257
• Update Turbopack production test manifest: #78273

Credits

Huge thanks to @​delbaoliveira, @​ScriptedAlchemy, @​huozhi, @​mischnic, and @​eps1lon for helping!

... (truncated)

Commits

• fa536cf v15.3.1
• 256e6f0 update learn allow branch
• 84e103b chore: Backport SWC-based RC optimization (#78260)
• a9e7a24 fix: bump [email protected] (#78149) (#78164)
• db5c9b6 [test] Activity has types and supports react-server (#78196)
• See full diff in compare view

Updates zod from 3.24.2 to 3.24.3

Release notes

Sourced from zod's releases.

v3.24.3

Main feature: massive tsc performance improvement in .extend() courtesy of @​Andarist: #4150

Commits:

• de1f090c98b40884aafc4f324010ab484da2be1e Switch to featured sponsors (#4001)
• eea05ae3dab628e7a834397414e5145e935e418b Fix headers (#4003)
• 446644f1095667f9bd6c1704ddbd35854d5ef132 Tweak feature layout (#4008)
• 1d6e1cb842ece3b2d4d583da126bc22f26367623 docs(README): add GQLoom to tools and integrations section (#3995)
• e2b9a5f9ac67d13ada61cd8e4b1385eb850c7592 Update feature (#4009)
• 0b5d29e5d9524ab9d5f08c12651a3385462298d1 Feature Mintlify (#4014)
• 47dbb2dbf3e611db08e84d6c13f66f19427c8172 Update mintlify feature (#4015)
• 69d8436f36db10d256c01da333754ea1e33d1708 Add Clerk fellowship mention (#4020)
• 850871defc2c98928f1c7e8e05e93d4a84ed3c5f Fix table format
• f204123863a3524a5659ec696ffd38952e20e4ac WIP (#4028)
• 5041dfa3521ec98066e60f97681adf9604b66e52 WIP (#4045)
• cb2b8577665d7ce2214d20b10b49c4be7deef7a0 docs: add TanStack Form to Ecosystem/Form integrations (#4055)
• 099fe85fbb5b6f8434f22ee3dbfc8a6d26b54019 docs: add oRPC to Ecosystem (#4042)
• b999b4bf340480d64bc7fef1ca5ab56b29430eca docs: Remove outdated doc 'avoid coercions that throw uncaught errors' (#4005)
• 19c6d2e2c497b2d2498cc3f9db142965617e7c2c docs: update README_KO (#4025)
• 1061293a18c8a698b082c8a4e2a65ebd3333d543 WIP (#4060)
• 07ff0da057f4df2aab299a454735d8398b4c0b54 Update link
• 4c7d8e503a324e7a9873d4c17af2a19738c63364 Update Fern art/link (#4062)
• 91dcd30ff85f92bc2140c26d7b1294e394ff0ea4 removed unnecessary console logs (#4059)
• 859ad2495e3d24559d3c8e33a00cf56e2dbaa16a Update alt tag for Retool and Stainless URL (#4071)
• 220aeda3b63460ab02b2187e460665a4bcb2572e Fix images
• b865062bf3fe086a26a8b8a52116653f570eb9bc update readme.md with zod-csv library (#4021)
• 0615af80451fe42da3c04c76b5c4b2b4a5260267 Fix formatting
• 12e58668345116601453392e2c8237acde7a5b39 Add zod 4 beta anno (#4081)
• faac697f27ba56023d5384564fc594f98c589915 Fix CI
• 8cca93b7cc3f8c5fa17303bbb82d5c531ec24f33 Fix CI
• d114394027b76c56e389d00292f5f92f137e5553 Added FullProduct.dev to 'Powered by Zod' in Ecosystem section (#4131)
• a801ddd380196778e45a59920f167bfab8f32106 Fix broken logo link (#3974)
• 8fc309a8000493a86d60a8a31cb9d73850f427dc Add packages/docs
• bfd0913f08d77b0e6d1633bc0f21b56712e37720 Remove packages/docs
• 3e602d43124220ae0001ae761f76ff117cc2f741 Optimize extendShape (#4150)
• 06db7f855f49f75acc7d53ec0d7c4cd3b4dcaa17 3.24.3
• a18d25b297d1a47dca8f1701afb18079c05e1e4c add back packages/docs

Commits

• a18d25b add back packages/docs
• 06db7f8 3.24.3
• 3e602d4 Optimize extendShape (#4150)
• bfd0913 Remove packages/docs
• 8fc309a Add packages/docs
• a801ddd Fix broken logo link (#3974)
• d114394 Added FullProduct.dev to 'Powered by Zod' in Ecosystem section (#4131)
• 8cca93b Fix CI
• faac697 Fix CI
• 12e5866 Add zod 4 beta anno (#4081)
• Additional commits viewable in compare view

Updates eslint-config-next from 15.3.0 to 15.3.1

Release notes

Sourced from eslint-config-next's releases.

v15.3.1

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• chore: Backport SWC-based RC optimization (#78260)
• fix: bump [email protected] (#78164)

Credits

Huge thanks to @​kdy1 and @​styfle for helping!

v15.3.1-canary.13

Core Changes

• @next/mdx: Use stable turbopack config options: #78261
• Upgrade React from b04254fd-20250415 to 4a36d3ea-20250416: #78297

Misc Changes

• Turbopack: fix duplicate unsupported edge import modules: #78236
• Turbopack: Include Next.js version in panic handler report: #78263

Credits

Huge thanks to @​wbinnssmith and @​mischnic for helping!

v15.3.1-canary.12

Core Changes

• fix: alternate bundler support for dropping client pages in AMP: #77601
• [errors] refactor default global-error into a separate file: #78182
• [metadata] render streaming metadata on the top level: #77620
• [metadata] skip head cache in default slot: #78206

Misc Changes

• Docs IA 2.0: Move Production Checklist under Guides: #78240
• Docs: Fix nav item lettercasing for multi-zones: #78250
• [docs] fix function signature of og image: #78277
• Turbopack: dedupe additional traced references: #78241
• Update Turbopack development test manifest: #78274
• [test] Improve coverage for fetch errors in Edge runtime: #78257
• Update Turbopack production test manifest: #78273

Credits

Huge thanks to @​delbaoliveira, @​ScriptedAlchemy, @​huozhi, @​mischnic, and @​eps1lon for helping!

... (truncated)

Commits

• fa536cf v15.3.1
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
arcjet-js-example	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 18, 2025 3:42am

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	eslint-config-next@​15.3.0 ⏵ 15.3.1
	next@​15.3.0 ⏵ 15.3.1	+1		+1
	zod@​3.24.2 ⏵ 3.24.3

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click for details)
Warn		[email protected] has a License Policy Violation. License: CC-BY-SA-4.0 (package/dist/compiled/glob/LICENSE) Source: package-lock.json Source: package.json ℹ Read more on: This package | This alert | What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected]. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.