chore(deps): bump the dependencies group with 6 updates by dependabot[bot] · Pull Request #104 · CaseyHoover/FullStackSkeleton

dependabot · 2026-05-08T05:27:44Z

Bumps the dependencies group with 6 updates:

Package	From	To
@types/node	`25.6.0`	`25.6.2`
turbo	`2.9.9`	`2.9.10`
@sentry/node	`10.51.0`	`10.52.0`
@sentry/nextjs	`10.51.0`	`10.52.0`
next	`16.2.5`	`16.2.6`
@next/eslint-plugin-next	`16.2.5`	`16.2.6`

Updates @types/node from 25.6.0 to 25.6.2

Commits

See full diff in compare view

Updates turbo from 2.9.9 to 2.9.10

Release notes

Sourced from turbo's releases.

Turborepo v2.9.10

What's Changed

Changelog

release(turborepo): 2.9.9-canary.4 by @github-actions[bot] in vercel/turborepo#12716

release(turborepo): 2.9.9 by @github-actions[bot] in vercel/turborepo#12719

fix: Respect SCM env vars in turbo query affected by @anthonyshew in vercel/turborepo#12722

ci: Package VSCode extension in release workflow by @anthonyshew in vercel/turborepo#12723

fix: Avoid some raw create-turbo example telemetry by @anthonyshew in vercel/turborepo#12725

fix: Escape graph HTML payloads by @anthonyshew in vercel/turborepo#12726

fix: Prevent OTEL token injection to spoofed origins by @anthonyshew in vercel/turborepo#12727

fix: Retry HTTP status failures by @anthonyshew in vercel/turborepo#12728

fix: Validate microfrontend proxy Host header by @anthonyshew in vercel/turborepo#12730

fix: Redact task hash env debug logs by @anthonyshew in vercel/turborepo#12733

fix: Filter microfrontend proxy environments by @anthonyshew in vercel/turborepo#12732

fix: Preserve FSEvents mount points for device-relative paths by @anthonyshew in vercel/turborepo#12729

fix: Validate proxy Host headers by @anthonyshew in vercel/turborepo#12731

fix: Resolve TypeScript .js extension imports to .ts files in boundaries by @maschwenk in vercel/turborepo#12644

fix: Use random temp path for repo downloads by @anthonyshew in vercel/turborepo#12736

release(turborepo): 2.9.10-canary.1 by @github-actions[bot] in vercel/turborepo#12734

fix: Reject OTel endpoints with userinfo by @anthonyshew in vercel/turborepo#12737

fix: Authenticate local devtools WebSocket by @anthonyshew in vercel/turborepo#12738

fix: Handle clipboard exec errors by @anthonyshew in vercel/turborepo#12739

fix: Restrict Vercel token reuse to trusted API origins by @anthonyshew in vercel/turborepo#12740

fix: Keep workspace config discovery inside root by @anthonyshew in vercel/turborepo#12741

fix: Hardening for daemon IPC endpoints by @anthonyshew in vercel/turborepo#12742

fix: Enforce cache filesystem boundaries by @anthonyshew in vercel/turborepo#12743

Full Changelog: vercel/turborepo@v2.9.9...v2.9.10

Turborepo v2.9.10-canary.1

What's Changed

Changelog

fix: Preserve lockfiles during dry-run conversion by @anthonyshew in vercel/turborepo#12717

ci: Fix LSP workflow container matrix by @anthonyshew in vercel/turborepo#12718

release(turborepo): 2.9.9-canary.4 by @github-actions[bot] in vercel/turborepo#12716

release(turborepo): 2.9.9 by @github-actions[bot] in vercel/turborepo#12719

fix: Respect SCM env vars in turbo query affected by @anthonyshew in vercel/turborepo#12722

ci: Package VSCode extension in release workflow by @anthonyshew in vercel/turborepo#12723

fix: Avoid some raw create-turbo example telemetry by @anthonyshew in vercel/turborepo#12725

fix: Escape graph HTML payloads by @anthonyshew in vercel/turborepo#12726

fix: Prevent OTEL token injection to spoofed origins by @anthonyshew in vercel/turborepo#12727

fix: Retry HTTP status failures by @anthonyshew in vercel/turborepo#12728

fix: Validate microfrontend proxy Host header by @anthonyshew in vercel/turborepo#12730

fix: Redact task hash env debug logs by @anthonyshew in vercel/turborepo#12733

fix: Filter microfrontend proxy environments by @anthonyshew in vercel/turborepo#12732

... (truncated)

Commits

70495e5 publish 2.9.10 to registry
a50e863 fix: Enforce cache filesystem boundaries (#12743)
13a9a8b fix: Hardening for daemon IPC endpoints (#12742)
86c0365 fix: Keep workspace config discovery inside root (#12741)
18a3a22 fix: Restrict Vercel token reuse to trusted API origins (#12740)
3305766 fix: Handle clipboard exec errors (#12739)
8276be8 fix: Authenticate local devtools WebSocket (#12738)
a6efc3f fix: Reject OTel endpoints with userinfo (#12737)
b1001c1 release(turborepo): 2.9.10-canary.1 (#12734)
106698c fix: Use random temp path for repo downloads (#12736)
Additional commits viewable in compare view

Updates @sentry/node from 10.51.0 to 10.52.0

Release notes

Sourced from @sentry/node's releases.

10.52.0

Important Changes

Beta release of the official Hono Sentry SDK

This release marks the beta release of the @sentry/hono Sentry SDK. For details on how to use it, check out the Sentry Hono SDK docs. Please reach out on GitHub if you have any feedback or concerns.

feat(browser): Add ingest_settings to v2 log envelope payload (#20453)

Inference of user data (e.g. IP address, browser name/version) on log events is now gated behind the sendDefaultPii option. Previously, this data was always inferred by default.

Other Changes

docs(hono): Add new docs link and move to BETA release (#20666)

feat(browser): Add ingest_settings to v2 metrics envelope payload (#20454)

feat(browser): Migrate spotlight event processor to ignoreSpans (#20595)

feat(cloudflare): Capture request body via httpServerIntegration (#20614)

feat(cloudflare): Support rpc trace propagation for WorkerEntrypoint (#20523)

feat(cloudflare): Support tracing for queue producer (#20529)

feat(core): Apply request data to segment spans in span streaming (#20654)

feat(core): Migrate Vercel AI event processor to span streaming (#20608)

feat(deno): Add processSegmentSpan to Deno context integration (#20613)

feat(http): Portable node:http client instrumentation (#20393)

feat(nitro): Add unstorage tracing channel instrumentation (#20615)

feat(node-core): Add processSegmentSpan to node context integration (#20678)

feat(node): Use diagnostics_channel for redis >= 5.12.0 (#20573)

feat(node): Vendor ioredis, redis instrumentations (#20510)

feat(replay): Reset replay id from DSC on session expiry/refresh (#20129)

fix: Bump fast-xml-parser to fix vulnerability (#20644)

fix: Bump vite versions to fix vulnerability (#20646)

fix(core): Drain buffers in flush() when there is no transport (#20207)

fix(core): Guard against undefined chained in copyProps (#20637)

fix(deps): Bump rollup-plugin-license to fix lodash vulnerabilities (#20636)

fix(deps): Bump transitive deps for medium security fixes (#20683)

fix(hono): Do not capture 3xx and 4xx errors and add tests (#20640)

fix(nextjs): Skip build modification when SRI is enabled (#20694)

fix(opentelemetry): Respect OTEL_SERVICE_NAME, OTEL_RESOURCE_ATTRIBUTES (#20509)

chore: Remove bundle-analyzer-scenarios dev packages (#20680)

chore(deps): Bump @hono/node-server from 1.19.10 to 1.19.13 (#20117)

chore(deps): Bump @nestjs packages to fix path-to-regexp ReDoS (#20642)

chore(deps): Bump axios from 1.15.0 to 1.15.2 (#20665)

chore(deps): Bump ip-address from 10.1.0 to 10.2.0 (#20695)

chore(deps): Bump simple-git from 3.33.0 to 3.36.0 (#20696)

chore(deps): Bump vulnerable testem version (#20634)

... (truncated)

Changelog

Sourced from @sentry/node's changelog.

10.52.0

Important Changes

Beta release of the official Hono Sentry SDK

This release marks the beta release of the @sentry/hono Sentry SDK. For details on how to use it, check out the Sentry Hono SDK docs. Please reach out on GitHub if you have any feedback or concerns.

feat(browser): Add ingest_settings to v2 log envelope payload (#20453)

Inference of user data (e.g. IP address, browser name/version) on log events is now gated behind the sendDefaultPii option. Previously, this data was always inferred by default.

Other Changes

docs(hono): Add new docs link and move to BETA release (#20666)

feat(browser): Add ingest_settings to v2 metrics envelope payload (#20454)

feat(browser): Migrate spotlight event processor to ignoreSpans (#20595)

feat(cloudflare): Capture request body via httpServerIntegration (#20614)

feat(cloudflare): Support rpc trace propagation for WorkerEntrypoint (#20523)

feat(cloudflare): Support tracing for queue producer (#20529)

feat(core): Apply request data to segment spans in span streaming (#20654)

feat(core): Migrate Vercel AI event processor to span streaming (#20608)

feat(deno): Add processSegmentSpan to Deno context integration (#20613)

feat(http): Portable node:http client instrumentation (#20393)

feat(nitro): Add unstorage tracing channel instrumentation (#20615)

feat(node-core): Add processSegmentSpan to node context integration (#20678)

feat(node): Use diagnostics_channel for redis >= 5.12.0 (#20573)

feat(node): Vendor ioredis, redis instrumentations (#20510)

feat(replay): Reset replay id from DSC on session expiry/refresh (#20129)

fix: Bump fast-xml-parser to fix vulnerability (#20644)

fix: Bump vite versions to fix vulnerability (#20646)

fix(core): Drain buffers in flush() when there is no transport (#20207)

fix(core): Guard against undefined chained in copyProps (#20637)

fix(deps): Bump rollup-plugin-license to fix lodash vulnerabilities (#20636)

fix(deps): Bump transitive deps for medium security fixes (#20683)

fix(hono): Do not capture 3xx and 4xx errors and add tests (#20640)

fix(nextjs): Skip build modification when SRI is enabled (#20694)

fix(opentelemetry): Respect OTEL_SERVICE_NAME, OTEL_RESOURCE_ATTRIBUTES (#20509)

chore: Remove bundle-analyzer-scenarios dev packages (#20680)

chore(deps): Bump @hono/node-server from 1.19.10 to 1.19.13 (#20117)

chore(deps): Bump @nestjs packages to fix path-to-regexp ReDoS (#20642)

chore(deps): Bump axios from 1.15.0 to 1.15.2 (#20665)

chore(deps): Bump ip-address from 10.1.0 to 10.2.0 (#20695)

chore(deps): Bump simple-git from 3.33.0 to 3.36.0 (#20696)

... (truncated)

Commits

4b911e0 release: 10.52.0
781f31c Merge pull request #20707 from getsentry/prepare-release/10.52.0
11a64f6 meta(changelog): Update changelog for 10.52.0
e185818 feat(node-core): Add processSegmentSpan to node context integration (#20678)
7e49571 feat(node): use diagnostics_channel for redis >= 5.12.0 (#20573)
a8ab715 feat(replay): Reset replay id from DSC on session expiry/refresh (#20129)
7efc03f feat(core): Apply request data to segment spans in span streaming (#20654)
01d0a70 feat(core): Migrate Vercel AI event processor to span streaming (#20608)
12cd3e5 fix(nextjs): Skip build modification when SRI is enabled (#20694)
f1f534c fix(deps): Bump transitive deps for medium security fixes (#20683)
Additional commits viewable in compare view

Updates @sentry/nextjs from 10.51.0 to 10.52.0

Release notes

Sourced from @sentry/nextjs's releases.

10.52.0

Important Changes

Beta release of the official Hono Sentry SDK

This release marks the beta release of the @sentry/hono Sentry SDK. For details on how to use it, check out the Sentry Hono SDK docs. Please reach out on GitHub if you have any feedback or concerns.

feat(browser): Add ingest_settings to v2 log envelope payload (#20453)

Inference of user data (e.g. IP address, browser name/version) on log events is now gated behind the sendDefaultPii option. Previously, this data was always inferred by default.

Other Changes

docs(hono): Add new docs link and move to BETA release (#20666)

feat(browser): Add ingest_settings to v2 metrics envelope payload (#20454)

feat(browser): Migrate spotlight event processor to ignoreSpans (#20595)

feat(cloudflare): Capture request body via httpServerIntegration (#20614)

feat(cloudflare): Support rpc trace propagation for WorkerEntrypoint (#20523)

feat(cloudflare): Support tracing for queue producer (#20529)

feat(core): Apply request data to segment spans in span streaming (#20654)

feat(core): Migrate Vercel AI event processor to span streaming (#20608)

feat(deno): Add processSegmentSpan to Deno context integration (#20613)

feat(http): Portable node:http client instrumentation (#20393)

feat(nitro): Add unstorage tracing channel instrumentation (#20615)

feat(node-core): Add processSegmentSpan to node context integration (#20678)

feat(node): Use diagnostics_channel for redis >= 5.12.0 (#20573)

feat(node): Vendor ioredis, redis instrumentations (#20510)

feat(replay): Reset replay id from DSC on session expiry/refresh (#20129)

fix: Bump fast-xml-parser to fix vulnerability (#20644)

fix: Bump vite versions to fix vulnerability (#20646)

fix(core): Drain buffers in flush() when there is no transport (#20207)

fix(core): Guard against undefined chained in copyProps (#20637)

fix(deps): Bump rollup-plugin-license to fix lodash vulnerabilities (#20636)

fix(deps): Bump transitive deps for medium security fixes (#20683)

fix(hono): Do not capture 3xx and 4xx errors and add tests (#20640)

fix(nextjs): Skip build modification when SRI is enabled (#20694)

fix(opentelemetry): Respect OTEL_SERVICE_NAME, OTEL_RESOURCE_ATTRIBUTES (#20509)

chore: Remove bundle-analyzer-scenarios dev packages (#20680)

chore(deps): Bump @hono/node-server from 1.19.10 to 1.19.13 (#20117)

chore(deps): Bump @nestjs packages to fix path-to-regexp ReDoS (#20642)

chore(deps): Bump axios from 1.15.0 to 1.15.2 (#20665)

chore(deps): Bump ip-address from 10.1.0 to 10.2.0 (#20695)

chore(deps): Bump simple-git from 3.33.0 to 3.36.0 (#20696)

chore(deps): Bump vulnerable testem version (#20634)

... (truncated)

Changelog

Sourced from @sentry/nextjs's changelog.

10.52.0

Important Changes

Beta release of the official Hono Sentry SDK

This release marks the beta release of the @sentry/hono Sentry SDK. For details on how to use it, check out the Sentry Hono SDK docs. Please reach out on GitHub if you have any feedback or concerns.

feat(browser): Add ingest_settings to v2 log envelope payload (#20453)

Inference of user data (e.g. IP address, browser name/version) on log events is now gated behind the sendDefaultPii option. Previously, this data was always inferred by default.

Other Changes

docs(hono): Add new docs link and move to BETA release (#20666)

feat(browser): Add ingest_settings to v2 metrics envelope payload (#20454)

feat(browser): Migrate spotlight event processor to ignoreSpans (#20595)

feat(cloudflare): Capture request body via httpServerIntegration (#20614)

feat(cloudflare): Support rpc trace propagation for WorkerEntrypoint (#20523)

feat(cloudflare): Support tracing for queue producer (#20529)

feat(core): Apply request data to segment spans in span streaming (#20654)

feat(core): Migrate Vercel AI event processor to span streaming (#20608)

feat(deno): Add processSegmentSpan to Deno context integration (#20613)

feat(http): Portable node:http client instrumentation (#20393)

feat(nitro): Add unstorage tracing channel instrumentation (#20615)

feat(node-core): Add processSegmentSpan to node context integration (#20678)

feat(node): Use diagnostics_channel for redis >= 5.12.0 (#20573)

feat(node): Vendor ioredis, redis instrumentations (#20510)

feat(replay): Reset replay id from DSC on session expiry/refresh (#20129)

fix: Bump fast-xml-parser to fix vulnerability (#20644)

fix: Bump vite versions to fix vulnerability (#20646)

fix(core): Drain buffers in flush() when there is no transport (#20207)

fix(core): Guard against undefined chained in copyProps (#20637)

fix(deps): Bump rollup-plugin-license to fix lodash vulnerabilities (#20636)

fix(deps): Bump transitive deps for medium security fixes (#20683)

fix(hono): Do not capture 3xx and 4xx errors and add tests (#20640)

fix(nextjs): Skip build modification when SRI is enabled (#20694)

fix(opentelemetry): Respect OTEL_SERVICE_NAME, OTEL_RESOURCE_ATTRIBUTES (#20509)

chore: Remove bundle-analyzer-scenarios dev packages (#20680)

chore(deps): Bump @hono/node-server from 1.19.10 to 1.19.13 (#20117)

chore(deps): Bump @nestjs packages to fix path-to-regexp ReDoS (#20642)

chore(deps): Bump axios from 1.15.0 to 1.15.2 (#20665)

chore(deps): Bump ip-address from 10.1.0 to 10.2.0 (#20695)

chore(deps): Bump simple-git from 3.33.0 to 3.36.0 (#20696)

... (truncated)

Commits

4b911e0 release: 10.52.0
781f31c Merge pull request #20707 from getsentry/prepare-release/10.52.0
11a64f6 meta(changelog): Update changelog for 10.52.0
e185818 feat(node-core): Add processSegmentSpan to node context integration (#20678)
7e49571 feat(node): use diagnostics_channel for redis >= 5.12.0 (#20573)
a8ab715 feat(replay): Reset replay id from DSC on session expiry/refresh (#20129)
7efc03f feat(core): Apply request data to segment spans in span streaming (#20654)
01d0a70 feat(core): Migrate Vercel AI event processor to span streaming (#20608)
12cd3e5 fix(nextjs): Skip build modification when SRI is enabled (#20694)
f1f534c fix(deps): Bump transitive deps for medium security fixes (#20683)
Additional commits viewable in compare view

Updates next from 16.2.5 to 16.2.6

Release notes

Sourced from next's releases.

v16.2.6

This release contains security fixes for the following advisories:

High:

GHSA-8h8q-6873-q5fj: Denial of Service with Server Components

GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes

GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up

GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components

GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection

GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades

GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n

Moderate:

GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces

GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input

GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API

GHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses

Low:

GHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting

GHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned

Commits

ee6e79b v16.2.6
afa053d Turbopack: Match proxy matchers with webpack implementation (#93594)
97a154e Turbopack: Fix middleware matcher suffix (#93590)
83899bc [backport] Disable build caches for production/staging/force-preview deploys ...
7b222b9 [backport][test] Pin package manager to patch versions (#93595)
a8dc24f [backport] Turbopack: more strict vergen setup (#93587)
See full diff in compare view

Updates @next/eslint-plugin-next from 16.2.5 to 16.2.6

Release notes

Sourced from @next/eslint-plugin-next's releases.

v16.2.6

This release contains security fixes for the following advisories:

High:

GHSA-8h8q-6873-q5fj: Denial of Service with Server Components

GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes

GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up

GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components

GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection

GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades

GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n

Moderate:

GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces

GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input

GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API

GHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses

Low:

GHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting

GHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned

Commits

ee6e79b v16.2.6
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 6 updates: | Package | From | To | | --- | --- | --- | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.6.0` | `25.6.2` | | [turbo](https://github.com/vercel/turborepo) | `2.9.9` | `2.9.10` | | [@sentry/node](https://github.com/getsentry/sentry-javascript) | `10.51.0` | `10.52.0` | | [@sentry/nextjs](https://github.com/getsentry/sentry-javascript) | `10.51.0` | `10.52.0` | | [next](https://github.com/vercel/next.js) | `16.2.5` | `16.2.6` | | [@next/eslint-plugin-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-plugin-next) | `16.2.5` | `16.2.6` | Updates `@types/node` from 25.6.0 to 25.6.2 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `turbo` from 2.9.9 to 2.9.10 - [Release notes](https://github.com/vercel/turborepo/releases) - [Changelog](https://github.com/vercel/turborepo/blob/main/RELEASE.md) - [Commits](vercel/turborepo@v2.9.9...v2.9.10) Updates `@sentry/node` from 10.51.0 to 10.52.0 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@10.51.0...10.52.0) Updates `@sentry/nextjs` from 10.51.0 to 10.52.0 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@10.51.0...10.52.0) Updates `next` from 16.2.5 to 16.2.6 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v16.2.5...v16.2.6) Updates `@next/eslint-plugin-next` from 16.2.5 to 16.2.6 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/commits/v16.2.6/packages/eslint-plugin-next) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.6.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: turbo dependency-version: 2.9.10 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: "@sentry/node" dependency-version: 10.52.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@sentry/nextjs" dependency-version: 10.52.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: next dependency-version: 16.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: "@next/eslint-plugin-next" dependency-version: 16.2.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-05-09T11:35:20Z

🎉 This PR is included in version 1.0.4 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 8, 2026

github-actions Bot enabled auto-merge May 8, 2026 05:28

Merge branch 'main' into dependabot/npm_and_yarn/dependencies-b5380b7383

5953ef8

github-actions Bot merged commit 551d3ae into main May 9, 2026
6 checks passed

dependabot Bot deleted the dependabot/npm_and_yarn/dependencies-b5380b7383 branch May 9, 2026 03:00

github-actions Bot added the released label May 9, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the dependencies group with 6 updates#104

chore(deps): bump the dependencies group with 6 updates#104
github-actions[bot] merged 2 commits intomainfrom
dependabot/npm_and_yarn/dependencies-b5380b7383

dependabot Bot commented on behalf of github May 8, 2026

Uh oh!

Uh oh!

github-actions Bot commented May 9, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github May 8, 2026

Turborepo v2.9.10

What's Changed

Changelog

Turborepo v2.9.10-canary.1

What's Changed

Changelog

10.52.0

Important Changes

Other Changes

10.52.0

Important Changes

Other Changes

10.52.0

Important Changes

Other Changes

10.52.0

Important Changes

Other Changes

v16.2.6

v16.2.6

Uh oh!

Uh oh!

github-actions Bot commented May 9, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant