chore(deps): bump next from 14.2.35 to 16.1.7 in /dev-packages/e2e-tests/test-applications/nextjs-orpc#19858
Conversation
Bumps [next](https://github.com/vercel/next.js) from 14.2.35 to 16.1.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v14.2.35...v16.1.7) --- updated-dependencies: - dependency-name: next dependency-version: 16.1.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
Bot
deleted the
dependabot/npm_and_yarn/dev-packages/e2e-tests/test-applications/nextjs-orpc/next-16.1.7
branch
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| "@orpc/server": "latest", | ||
| "@orpc/client": "latest", | ||
| "next": "14.2.35", | ||
| "next": "16.1.7", |
There was a problem hiding this comment.
Next.js 16 bumped without updating React to 19
High Severity
next is bumped from 14.2.35 to 16.1.7 (a two-major-version jump) but react and react-dom remain at 18.3.1, and @types/react/@types/react-dom remain at 18.x. Every other Next.js 16 test application in this repo uses react 19.1.0, react-dom 19.1.0, and @types/react/@types/react-dom at ^19. Next.js 16 internally bundles React 19 canary for server components, meaning the installed React 18 will likely conflict, causing build or runtime failures in this e2e test application. The eslint-config-next at ^14.2.4 is also stale for Next.js 16.
Additional Locations (1)
1 participant
Bumps next from 14.2.35 to 16.1.7.
Release notes
Sourced from next's releases.
... (truncated)
Commits
bdf3e35v16.1.7dc98c04[backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...9023c0a[backport] Disallow Server Action submissions from privacy-sensitive contexts...36a97b9Allow blocking cross-site dev-only websocket connections from privacy-sensiti...93c3993[backport]: feat(next/image): add lru disk cache and `images.maximumDiskCache...c68d62dBackport documentation fixes for 16.1.x (#90655)5214ac1[backport]: ensure maxPostponedStateSize is always respected (#90060) (#90471)c95e357Backport/docs fixes 16.1.x (#90125)cba6144[backport] Apply server actions transform tonode_modulesin route handlers...3db9063[backport] [Cache Components] Prevent streaming fetch calls from hanging in d...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.