Skip to content

chore(deps)(deps): bump next from 16.0.11 to 16.2.3#284

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot-npm_and_yarn-next-16.2.3
Closed

chore(deps)(deps): bump next from 16.0.11 to 16.2.3#284
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot-npm_and_yarn-next-16.2.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 8, 2026

Copy link
Copy Markdown
Contributor

Bumps next from 16.0.11 to 16.2.3.

Release notes

Sourced from next's releases.

v16.2.3

[!NOTE] This release is backporting security and bug fixes. For more information about the fixed security vulnerability, please see https://vercel.com/changelog/summary-of-cve-2026-23869. The release does not include all pending features/changes on canary.

Core Changes

  • Ensure app-page reports stale ISR revalidation errors via onRequestError (#92282)
  • Fix [Bug]: manifest.ts breaks HMR in Next.js 16.2 (#91981 through #92273)
  • Deduplicate output assets and detect content conflicts on emit (#92292)
  • Fix styled-jsx race condition: styles lost due to concurrent rendering (#92459)
  • turbo-tasks-backend: stability fixes for task cancellation and error handling (#92254)

Credits

Huge thanks to @​icyJoseph, @​sokra, @​wbinnssmith, @​eps1lon and @​ztanner for helping!

v16.2.2

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • backport: Move expanded adapters docs to API reference (#92115) (#92129)
  • Backport: TypeScript v6 deprecations for baseUrl and moduleResolution (#92130)
  • [create-next-app] Skip interactive prompts when CLI flags are provided (#91840)
  • next.config.js: Accept an option for serverFastRefresh (#91968)
  • Turbopack: enable server HMR for app route handlers (#91466)
  • Turbopack: exclude metadata routes from server HMR (#92034)
  • Fix CI for glibc linux builds
  • Backport: disable bmi2 in qfilter #92177
  • [backport] Fix CSS HMR on Safari (#92174)

Credits

Huge thanks to @​nextjs-bot, @​icyJoseph, @​ijjk, @​gaojude, @​wbinnssmith, @​lukesandberg, and @​bgw for helping!

v16.2.1

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • docs: post release amends (#91715)
  • docs: fix broken Activity Patterns demo link in preserving UI state guide (#91698)
  • Fix adapter outputs for dynamic metadata routes (#91680)
  • Turbopack: fix webpack loader runner layer (#91727)
  • Fix server actions in standalone mode with cacheComponents (#91711)
  • turbo-persistence: remove Unmergeable mmap advice (#91713)
  • Fix layout segment optimization: move app-page imports to server-utility transition (#91701)
  • Turbopack: lazy require metadata and handle TLA (#91705)
  • [turbopack] Respect {eval:true} in worker_threads constructors (#91666)

... (truncated)

Commits
  • d5f649b v16.2.3
  • 2873928 [16.x] Avoid consuming cyclic models multiple times (#75)
  • d7c7765 [backport]: Ensure app-page reports stale ISR revalidation errors via onReque...
  • c573e8c fix(server-hmr): metadata routes overwrite page runtime HMR handler (#92273)
  • 57b8f65 next-core: deduplicate output assets and detect content conflicts on emit (#9...
  • f158df1 Fix styled-jsx race condition: styles lost due to concurrent rendering (#92459)
  • 356d605 turbo-tasks-backend: stability fixes for task cancellation and error handling...
  • 3b77a6e Fix DashMap read-write self-deadlock in task_cache causing hangs (#92210)
  • b2f208a Backport: new view-transitions guide, update and fixes (#92264)
  • 52faae3 v16.2.2
  • Additional commits viewable in compare view

@dependabot @github

dependabot Bot commented on behalf of github May 8, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: area:libs. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Bumps [next](https://github.com/vercel/next.js) from 16.0.11 to 16.2.3.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v16.0.11...v16.2.3)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 16.2.3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot-npm_and_yarn-next-16.2.3 branch from 54fdd1b to 0b7250b Compare May 8, 2026 02:46
@github-actions github-actions Bot mentioned this pull request May 8, 2026
@github-actions

github-actions Bot commented May 8, 2026

Copy link
Copy Markdown

Dependency Manager Review

Status: Needs maintainer review

Risk level: High

Reason:

  • This is a framework dependency update (next 16.0.11 -> 16.2.3), which is treated as high risk for auto-merge policy.
  • The release notes indicate security/backport context and runtime behavior fixes, so this should receive explicit maintainer validation before merge.

Recommended next action:

  • Review Next.js release notes/changelog impact for this repo.
  • Run/confirm full CI and Cloudflare frontend build/typegen checks.
  • Merge after maintainer sign-off.

Auto-merge was not enabled for this PR.

Note

🔒 Integrity filter blocked 9 items

The following items were blocked because they don't meet the GitHub integrity level.

  • #236 search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
  • #235 search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
  • #229 search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
  • #217 search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
  • #216 search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
  • #211 search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
  • #210 search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
  • #208 search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
  • #203 search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

To allow these resources, lower min-integrity in your GitHub frontmatter:

tools:
  github:
    min-integrity: approved  # merged | approved | unapproved | none

Generated by Helix AI Dependency Manager for issue #284 ·

@dependabot @github

dependabot Bot commented on behalf of github May 9, 2026

Copy link
Copy Markdown
Contributor Author

Looks like next is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this May 9, 2026
@dependabot dependabot Bot deleted the dependabot-npm_and_yarn-next-16.2.3 branch May 9, 2026 01:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant