Jiseoup/showmycodePublic
EN|KO
  • 코드
  • 커밋
  • 풀 리퀘스트
← 목록으로
Closed

chore(deps): bump next from 16.2.1 to 16.2.9

#32
dependabot[bot]dependabot[bot] · 2026년 6월 22일dependabot/npm_and_yarn/next-16.2.9 → main
dependencies
개요커밋변경된 파일

Bumps next from 16.2.1 to 16.2.9.

<details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">next's releases</a>.</em></p> <blockquote> <h2>v16.2.9</h2> <p>Empty release to ensure <code>next@latest</code> points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.</p> <h2>v16.2.8</h2> <p>Release with no changes in an attempt to fix <code>next@latest</code> pointing at a prerelease version.</p> <h2>v16.2.7</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Backport documentation fixes for v16.2 (<a href="https://redirect.github.com/vercel/next.js/issues/93804">#93804</a>)</li> <li>[backport] Patch <code>playwright-core</code> to resolve <code>_finishedPromise</code> on <code>requestFailed</code> (<a href="https://redirect.github.com/vercel/next.js/issues/93920">#93920</a>)</li> <li>[backport] Fix dev mode hydration failure when page is served from HTTP cache (<a href="https://redirect.github.com/vercel/next.js/issues/93492">#93492</a>)</li> <li>[backport] Fix catch-all <code>router.query</code> corruption with <code>basePath</code> + <code>rewrites</code> (<a href="https://redirect.github.com/vercel/next.js/issues/93917">#93917</a>)</li> <li>[backport] Encode non-ASCII characters in cache tags at construction (<a href="https://redirect.github.com/vercel/next.js/issues/93918">#93918</a>)</li> <li>[backport] Fix server action forwarding loop with middleware rewrites (<a href="https://redirect.github.com/vercel/next.js/issues/93919">#93919</a>)</li> <li>[backport] Turbopack: switch from base40 to base38 hash encoding (<a href="https://redirect.github.com/vercel/next.js/issues/93932">#93932</a>)</li> <li>[ci] Disable hanging node 24 typescript tests on 16.2 backport branch (<a href="https://redirect.github.com/vercel/next.js/issues/94164">#94164</a>)</li> <li>[backport] Fix &quot;type: module&quot; in project dir when using standalone or adapters (<a href="https://redirect.github.com/vercel/next.js/issues/94050">#94050</a>)</li> <li>[backport] Propagate adapter preferred regions (<a href="https://redirect.github.com/vercel/next.js/issues/94200">#94200</a>)</li> <li>[16.2.x] Don't drop <code>FormData</code> entries (<a href="https://redirect.github.com/vercel/next.js/issues/94240">#94240</a>)</li> <li>[backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (<a href="https://redirect.github.com/vercel/next.js/issues/94284">#94284</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/eps1lon"><code>@​eps1lon</code></a>, <a href="https://github.com/icyJoseph"><code>@​icyJoseph</code></a>, <a href="https://github.com/unstubbable"><code>@​unstubbable</code></a>, <a href="https://github.com/mischnic"><code>@​mischnic</code></a>, <a href="https://github.com/bgw"><code>@​bgw</code></a>, <a href="https://github.com/timneutkens"><code>@​timneutkens</code></a>, and <a href="https://github.com/lukesandberg"><code>@​lukesandberg</code></a> for helping!</p> <h2>v16.2.6</h2> <blockquote> <p>[!NOTE] This release contains security fixes and backported bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Security Fixes</h3> <p>The following advisories have been addressed:</p> <p><strong>High:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj">GHSA-8h8q-6873-q5fj: Denial of Service with Server Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f">GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6">GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - <strong>Incomplete Fix Follow-Up</strong></a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx">GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv">GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r">GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5">GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n</a></li> </ul> <p><strong>Moderate:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q">GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h">GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh">GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/f37fad940522e000af5498209fd237d863b4fa16"><code>f37fad9</code></a> v16.2.9</li> <li><a href="https://github.com/vercel/next.js/commit/d9aaaedfd8050e58e3c82c1cea412d670750b32b"><code>d9aaaed</code></a> [cd] Allow tagging semver-lower releases as <code>@latest</code> if <code>@latest</code> po… (<a href="https://redirect.github.com/vercel/next.js/issues/94627">#94627</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/6f1680448c81904efcd36704edf01a6b7323abbf"><code>6f16804</code></a> v16.2.8</li> <li><a href="https://github.com/vercel/next.js/commit/0dbc1d5c860bf47c8c4f794e053b93fd02355d4e"><code>0dbc1d5</code></a> [16.2.x][cd] Ensure release can be triggered on old branches (<a href="https://redirect.github.com/vercel/next.js/issues/94598">#94598</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/90e3c811e7a3603a60dfcf627cc65f8b24ad1d5d"><code>90e3c81</code></a> [16.2.x] Align Actions dependencies with Canary (<a href="https://redirect.github.com/vercel/next.js/issues/94339">#94339</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/83f402c69db9faf3f727bea5c85249fe9af9af54"><code>83f402c</code></a> [16.2.x][cd] Stop fetching all tags when searching parent tag (<a href="https://redirect.github.com/vercel/next.js/issues/94334">#94334</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/411c455dcdec630b9e2e83d24e27b0f9e05927b6"><code>411c455</code></a> v16.2.7</li> <li><a href="https://github.com/vercel/next.js/commit/c63224f3d8e8dd0a4ef8635916f92954421e5f1e"><code>c63224f</code></a> [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...</li> <li><a href="https://github.com/vercel/next.js/commit/63115c79877c90df4371c2425f3fc5d3a55ac58d"><code>63115c7</code></a> [16.2.x] Don't drop <code>FormData</code> entries (<a href="https://redirect.github.com/vercel/next.js/issues/94240">#94240</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/aef22fdc828226227f618bb982a222e1256ba6f2"><code>aef22fd</code></a> [backport] Propagate adapter preferred regions (<a href="https://redirect.github.com/vercel/next.js/issues/94200">#94200</a>)</li> <li>Additional commits viewable in <a href="https://github.com/vercel/next.js/compare/v16.2.1...v16.2.9">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for next since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>