Skip to content

Bump the nextjs group across 1 directory with 2 updates#2

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/nextjs-bfdbdee2c1
Closed

Bump the nextjs group across 1 directory with 2 updates#2
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/nextjs-bfdbdee2c1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 6, 2026
edited
Loading

Bumps the nextjs group with 2 updates in the / directory: next and eslint-config-next.

Updates next from 15.5.16 to 16.2.6

Release notes

Sourced from next's releases.

v16.2.6

This release contains security fixes for the following advisories:

High:

Moderate:

Low:

v16.2.5

This release contains security fixes for the following advisories:

High:

Moderate:

Low:

v16.2.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • chore: Bump reqwest to 0.13.2 (Fixes Google Fonts with Turbopack for Windows on ARM64) (#92713)

... (truncated)

Commits
  • ee6e79b v16.2.6
  • afa053d Turbopack: Match proxy matchers with webpack implementation (#93594)
  • 97a154e Turbopack: Fix middleware matcher suffix (#93590)
  • 83899bc [backport] Disable build caches for production/staging/force-preview deploys ...
  • 7b222b9 [backport][test] Pin package manager to patch versions (#93595)
  • a8dc24f [backport] Turbopack: more strict vergen setup (#93587)
  • 766148f v16.2.5
  • 0dd9483 fix: add explicit checks for RSC header (#83) (#98)
  • d166096 fix proxy matching for segment prefetch URLs (#89) (#96)
  • 9d50c0b Strip next-resume header from incoming requests (#92)
  • Additional commits viewable in compare view

Updates eslint-config-next from 15.5.16 to 16.2.6

Release notes

Sourced from eslint-config-next's releases.

v16.2.6

This release contains security fixes for the following advisories:

High:

Moderate:

Low:

v16.2.5

This release contains security fixes for the following advisories:

High:

Moderate:

Low:

v16.2.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • chore: Bump reqwest to 0.13.2 (Fixes Google Fonts with Turbopack for Windows on ARM64) (#92713)

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 6, 2026
@astrohyo
Copy link
Copy Markdown
Owner

astrohyo commented May 7, 2026

@dependabot rebase

@dependabot dependabot Bot changed the title Bump the nextjs group with 2 updates Bump the nextjs group across 1 directory with 2 updates May 7, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/nextjs-bfdbdee2c1 branch from 82d12e9 to 234e672 Compare May 7, 2026 21:55
@astrohyo
Copy link
Copy Markdown
Owner

astrohyo commented May 7, 2026

@dependabot rebase

@dependabot
Bump the nextjs group across 1 directory with 2 updates
302619d 
Bumps the nextjs group with 2 updates in the / directory: [next](https://github.com/vercel/next.js) and [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next).


Updates `next` from 15.5.16 to 16.2.6
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v15.5.16...v16.2.6)

Updates `eslint-config-next` from 15.5.16 to 16.2.6
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/commits/v16.2.6/packages/eslint-config-next)

---
updated-dependencies:
- dependency-name: eslint-config-next
  dependency-version: 16.2.5
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: nextjs
- dependency-name: next
  dependency-version: 16.2.5
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: nextjs
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/nextjs-bfdbdee2c1 branch from 234e672 to 302619d Compare May 7, 2026 22:02
@astrohyo
Copy link
Copy Markdown
Owner

astrohyo commented May 7, 2026

Closing this until the Next 16 migration is handled intentionally. Local verification showed this is not just a package bump: next lint fails under Next 16, the build reports the new Turbopack/webpack config requirement, and the related ESLint upgrade has peer/engine constraints. This should come back as a focused framework migration PR.

@astrohyo astrohyo closed this May 7, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 7, 2026

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@astrohyo astrohyo deleted the dependabot/npm_and_yarn/nextjs-bfdbdee2c1 branch May 7, 2026 22:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@astrohyo