Update Next.js to 16.2.4

[ghost-of-high-heart]

This PR updates next from version 16.2.1 to 16.2.4.

Note

This update resolves the following security advisories:

• GHSA-q4gf-8mx6-v5v3: Next.js has a Denial of Service with Server Components

Release History

The history covers 3 releases. The latest version was published 18 days ago (25 days after the current version).

16.2.4

Published 18 days ago

Note

This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• chore: Bump reqwest to 0.13.2 (Fixes Google Fonts with Turbopack for Windows on ARM64) (#​92713)
• Turbopack: fix filesystem watcher config not applying follow_symlinks(false) (#​92631)
• Scope Safari ?ts= cache-buster to CSS/font assets only (Pages Router) (#​92580)
• Compiler: Support boolean and number primtives in next.config defines (#​92731)
• turbo-tasks: Fix recomputation loop by allowing cell cleanup on error during recomputation (#​92725)
• Turbopack: shorter error for ChunkGroupInfo::get_index_of (#​92814)
• Turbopack: shorter error message for ModuleBatchesGraph::get_entry_index (#​92828)
• Adding more system info to the 'initialize project' trace (#​92427)

Credits

Huge thanks to @​Badbird5907, @​lukesandberg, @​andrewimm, @​sokra, and @​mischnic for helping!

16.2.3

Published 25 days ago

Note

This release is backporting security and bug fixes. For more information about the fixed security vulnerability, please see https://vercel.com/changelog/summary-of-cve-2026-23869. The release does not include all pending features/changes on canary.

Core Changes

• Ensure app-page reports stale ISR revalidation errors via onRequestError (#​92282)
• Fix [Bug]: manifest.ts breaks HMR in Next.js 16.2 (#​91981 through #​92273)
• Deduplicate output assets and detect content conflicts on emit (#​92292)
• Fix styled-jsx race condition: styles lost due to concurrent rendering (#​92459)
• turbo-tasks-backend: stability fixes for task cancellation and error handling (#​92254)

Credits

Huge thanks to @​icyJoseph, @​sokra, @​wbinnssmith, @​eps1lon and @​ztanner for helping!

16.2.2

Published 1 month ago

Note

This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: Move expanded adapters docs to API reference (#​92115) (#​92129)
• Backport: TypeScript v6 deprecations for baseUrl and moduleResolution (#​92130)
• [create-next-app] Skip interactive prompts when CLI flags are provided (#​91840)
• next.config.js: Accept an option for serverFastRefresh (#​91968)
• Turbopack: enable server HMR for app route handlers (#​91466)
• Turbopack: exclude metadata routes from server HMR (#​92034)
• Fix CI for glibc linux builds
• Backport: disable bmi2 in qfilter #​92177
• [backport] Fix CSS HMR on Safari (#​92174)

Credits

Huge thanks to @​nextjs-bot, @​icyJoseph, @​ijjk, @​gaojude, @​wbinnssmith, @​lukesandberg, and @​bgw for helping!

16.2.1 (Current Version)

Published 1 month ago

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
swiss-maps	Ready	Preview, Comment	May 4, 2026 6:12am