Bump the minor-and-patch group across 1 directory with 22 updates

[dependabot]

Bumps the minor-and-patch group with 21 updates in the /src/frontend directory:

Package	From	To
@azure/monitor-opentelemetry	1.16.0	1.18.1
@base-ui/react	1.3.0	1.6.0
@microsoft/applicationinsights-react-js	19.3.8	19.4.0
@microsoft/applicationinsights-web	3.4.1	3.4.2
@tanstack/react-query	5.96.2	5.101.0
@xyflow/react	12.10.2	12.11.0
lucide-react	1.7.0	1.21.0
next	16.2.2	16.2.9
next-auth	4.24.13	4.24.14
react	19.2.4	19.2.7
@types/react	19.2.14	19.2.17
react-dom	19.2.4	19.2.7
shadcn	4.2.0	4.11.0
tailwind-merge	3.5.0	3.6.0
@playwright/test	1.59.1	1.61.0
@tailwindcss/postcss	4.2.2	4.3.1
eslint-config-next	16.2.2	16.2.9
jest	30.3.0	30.4.2
jest-environment-jsdom	30.3.0	30.4.1
ts-jest	29.4.9	29.4.11
typescript	6.0.2	6.0.3

Updates @azure/monitor-opentelemetry from 1.16.0 to 1.18.1

Changelog

Sourced from @​azure/monitor-opentelemetry's changelog.

1.18.1 (2026-05-29)

Other Changes

• Updated OpenTelemetry experimental dependencies from ^0.217.0 to ^0.218.0 (@opentelemetry/api-logs, @opentelemetry/instrumentation, @opentelemetry/instrumentation-http, @opentelemetry/sdk-logs, @opentelemetry/sdk-node, @opentelemetry/exporter-metrics-otlp-http, @opentelemetry/exporter-trace-otlp-http). The otlp-transformer in this release replaces its protobufjs dependency with a custom serializer, resolving related npm audit advisories.
• Removed the redundant private quickpulseClientOptions field from QuickpulseSender; tests now read credential and credentialScopes directly via bracket notation.
• Updated to using exporter version 1.0.0-beta.42.

1.18.0 (2026-05-12)

Other Changes

• Updated OpenTelemetry dependencies to the 0.217.0 / 2.7.1 release line, including @opentelemetry/sdk-node, @opentelemetry/instrumentation, @opentelemetry/instrumentation-http, @opentelemetry/api-logs, @opentelemetry/sdk-logs, the stable @opentelemetry/core / @opentelemetry/resources / @opentelemetry/sdk-metrics / @opentelemetry/sdk-trace-base / @opentelemetry/sdk-trace-node packages, @opentelemetry/semantic-conventions, and the contrib instrumentations (bunyan, mongodb, mysql, pg, redis, winston, resource-detector-azure, winston-transport).
• Updated to using exporter version 1.0.0-beta.41.

1.17.0 (2026-05-07)

Features Added

• Added GenAI main agent attribution: AzureMonitorSpanProcessor and AzureLogRecordProcessor now propagate microsoft.gen_ai.main_agent.* attributes (with fallback to gen_ai.agent.* / gen_ai.conversation.id) from parent spans to child spans, derive them on invoke_agent spans, and copy them from the active span onto emitted log records.
• Added support for the AKS resource detector from @opentelemetry/resource-detector-azure.
• Added AKS_RESOURCE_DETECTOR_POPULATION statsbeat feature signal to track when the AKS resource detector successfully populates resource attributes.

Bugs Fixed

• Fixed Available Memory performance counter on Linux to report MemAvailable from /proc/meminfo instead of MemFree (via os.freemem()). MemAvailable accounts for reclaimable memory (page cache, buffers), providing a more accurate measure of memory available to processes.
• Fixed standard metrics and performance counters recording 0ms duration for all sub-second requests. span.duration is an HrTime tuple [seconds, nanoseconds] but was incorrectly read as span.duration[0] (seconds only). Converted to milliseconds using hrTimeToMilliseconds() from @opentelemetry/core.

Other Changes

• Restructured samples-dev to use the standard Azure SDK dev-tool format with @summary tags.
• Updated to using exporter version 1.0.0-beta.40.

Commits

• b454190 [monitor-opentelemetry] Release 1.18.1 distro and 1.0.0-beta.42 exporter (#38...
• 0ad1ddd [monitor-opentelemetry] Bump OpenTelemetry experimental deps to 0.218.0 (#38533)
• 7f316ee [monitor-opentelemetry] Release 1.18.0 distro and 1.0.0-beta.41 exporter (Ope...
• 1cc3584 [Monitor OpenTelemetry] Remove azure functions instrumentation (#38461)
• 19734e9 [monitor] Update @​azure/opentelemetry-instrumentation-azure-sdk dependencies ...
• ac224e2 [Monitor OpenTelemetry][Monitor OpenTelemetry Exporter] Release Distro 1.17.0...
• 9be3be3 feat(monitor-opentelemetry): implement GenAI main agent attribution (#38445)
• 3de1abe Add imports field to all warp-built packages (#38391)
• e8f0055 chore: Update registry for all package.json and adjust check rules (#38281)
• 7b834ea Add missing polyfillSuffix entries to warp.config.yml for .cts polyfill packa...
• Additional commits viewable in compare view

Updates @base-ui/react from 1.3.0 to 1.6.0

Release notes

Sourced from @​base-ui/react's releases.

v1.6.0

General changes

• Correct inaccurate prop JSDoc (#5036) by @​atomiks
• Update the hook value when store/arguments change (#4866) by @​chuganzy
• Restore viewport morphing after reopen for kept-mounted popups (#5010) by @​atomiks
• Fix pseudo-element bounds in dev mode (#5000) by @​atomiks

Accordion

• Fix trigger behavior bugs (#4833) by @​atomiks
• Remove region role from Accordion.Root (#4961) by @​chuganzy
• Align keyboard navigation with APG (#4965) by @​chuganzy

Alert Dialog

• Fix programmatic focus return (#4849) by @​atomiks

Autocomplete

• Keep ArrowLeft/ArrowRight on the input caret in grid mode (#4948) by @​spokodev
• Document open requirement for the inline prop (#5069) by @​atomiks

Avatar

• Fix image status edge cases (#4835) by @​atomiks

Checkbox

• Fix parent group cancellation and indeterminate state (#4941) by @​atomiks
• Ignore data-focused Field attribute when disabled (#4998) by @​atomiks
• Fix extra validate fn calls (#4911) by @​mj12albert

Checkbox Group

• Fix parent group cancellation and indeterminate state (#4941) by @​atomiks
• Fix parent checkbox with custom validate fn (#4912) by @​mj12albert
• Fix validation with multiple required checkboxes (#4958) by @​atomiks
• Forward group ids (#4997) by @​atomiks

Collapsible

• Fix trigger and panel state bugs (#4848) by @​atomiks

Combobox

• Fix chip context error (#4877) by @​lyzno1
• Keep ArrowLeft/ArrowRight on the input caret in grid mode (#4948) by @​spokodev
• Avoid re-rendering every item on each keystroke (#4964) by @​flaviendelangle
• Fix autofill and selected state edge cases (#4972) by @​atomiks

... (truncated)

Changelog

Sourced from @​base-ui/react's changelog.

v1.6.0

Jun 18, 2026

General changes

• Correct inaccurate prop JSDoc (#5036) by @​atomiks
• Update the hook value when store/arguments change (#4866) by @​chuganzy
• Restore viewport morphing after reopen for kept-mounted popups (#5010) by @​atomiks
• Fix pseudo-element bounds in dev mode (#5000) by @​atomiks

Accordion

• Fix trigger behavior bugs (#4833) by @​atomiks
• Remove region role from Accordion.Root (#4961) by @​chuganzy
• Align keyboard navigation with APG (#4965) by @​chuganzy

Alert Dialog

• Fix programmatic focus return (#4849) by @​atomiks

Autocomplete

• Keep ArrowLeft/ArrowRight on the input caret in grid mode (#4948) by @​spokodev
• Document open requirement for the inline prop (#5069) by @​atomiks

Avatar

• Fix image status edge cases (#4835) by @​atomiks

Checkbox

• Fix parent group cancellation and indeterminate state (#4941) by @​atomiks
• Ignore data-focused Field attribute when disabled (#4998) by @​atomiks
• Fix extra validate fn calls (#4911) by @​mj12albert

Checkbox Group

• Fix parent group cancellation and indeterminate state (#4941) by @​atomiks
• Fix parent checkbox with custom validate fn (#4912) by @​mj12albert
• Fix validation with multiple required checkboxes (#4958) by @​atomiks
• Forward group ids (#4997) by @​atomiks

Collapsible

• Fix trigger and panel state bugs (#4848) by @​atomiks

Combobox

• Fix chip context error (#4877) by @​lyzno1

... (truncated)

Commits

• b34551d [code-infra] Fix package publishing (#5074)
• 615b0e8 [release] v1.6.0 (#5064)
• 8b7ca5d [test] Restore slider listener spies (#5072)
• 2502524 [combobox][autocomplete] Document open requirement for the inline prop (#...
• 4c33d74 [slider] Fix touchend listener accumulation leak (#5070)
• d169cd5 [combobox] Fix autofill and selected state edge cases (#4972)
• 2d8b8f6 [avatar] Fix image status edge cases (#4835)
• ee3c13a [select] Skip disabled items in typeahead and fix multiple-mode serialization...
• b167c85 [drawer] Commit swipe on primary-button release (#5057)
• e972d74 [combobox] Avoid re-rendering every item on each keystroke (#4964)
• Additional commits viewable in compare view

Updates @microsoft/applicationinsights-react-js from 19.3.8 to 19.4.0

Release notes

Sourced from @​microsoft/applicationinsights-react-js's releases.

19.4.0

Breaking Changes

TThis release bumps the Application Insights dependency from ^3.3.10 to ^3.4.1., which contains potential breaking changes:

The 3.4.x release of Application Insights includes significant changes that may affect your application. Please review the following before upgrading.

This version is NOT supported on any eariler versions of Application Insights.

Type Signature Compatibility

• Fixed: ReactPlugin.initialize method signature now properly matches ITelemetryPlugin interface requirements
  • Changed from IConfiguration & IConfig to IConfiguration to follow TypeScript contravariance rules
  • Impact: Should resolve "Type 'ReactPlugin' is not assignable to type 'ITelemetryPlugin'" errors that users encountered in previous releases
  • Fixes parameter type compatibility issues when passing ReactPlugin instance to SDK initialization

Application Insights 3.4.1 Breaking Changes

• Distributed Tracing Refactoring (Details):

  • The TelemetryTrace class has been removed; functionality integrated into W3C trace state implementation
  • appInsights.context.telemetryTrace is now deprecated (adapter to core.getTraceCtx())
  • Core instance now always has a valid traceId (either generated or inherited from parent trace context)

• Flush Method Signature: Parameter renamed from async to isAsync in IChannelControls interface

  • Only affects code using named parameters

Package Deprecation Notice

@microsoft/applicationinsights-common is now DEPRECATED and will be removed in Application Insights 4.0.0:

• All exports from applicationinsights-common have been merged into @microsoft/applicationinsights-core-js
• The common package continues to work as a compatibility shim (re-exports from Core)
• Action Required: Update imports from @microsoft/applicationinsights-common to @microsoft/applicationinsights-core-js
• See the Migration Guide for details
• This version of the plugin now only uses @microsoft/applicationinsights-core-js and therefore will no longer work with older releases.

Significant Changes

• Update to Application Insights 3.4.1 (from 3.3.10):
  • Enhanced W3C trace state support and distributed tracing improvements
  • Enhanced cookie management with memory caching when cookies are disabled
  • OsPlugin reliability improvements with proactive OS retrieval
  • URL redaction enhancements for improved flexibility
  • Better handling of dependency tracking with W3C trace state

Security Updates

• #169: Upgrade React and react-dom to 19.1.2 to address CVE-2025-55182 (CVSS 10.0)
  • Critical security vulnerability: unauthenticated remote code execution in React Server Components
  • Action Required: All users should update immediately

... (truncated)

Changelog

Sourced from @​microsoft/applicationinsights-react-js's changelog.

19.4.0 (April 8th, 2026)

Breaking Changes

TThis release bumps the Application Insights dependency from ^3.3.10 to ^3.4.1., which contains potential breaking changes:

The 3.4.x release of Application Insights includes significant changes that may affect your application. Please review the following before upgrading.

This version is NOT supported on any eariler versions of Application Insights.

Type Signature Compatibility

• Fixed: ReactPlugin.initialize method signature now properly matches ITelemetryPlugin interface requirements
  • Changed from IConfiguration & IConfig to IConfiguration to follow TypeScript contravariance rules
  • Impact: Should resolve "Type 'ReactPlugin' is not assignable to type 'ITelemetryPlugin'" errors that users encountered in previous releases
  • Fixes parameter type compatibility issues when passing ReactPlugin instance to SDK initialization

Application Insights 3.4.1 Breaking Changes

• Distributed Tracing Refactoring (Details):

  • The TelemetryTrace class has been removed; functionality integrated into W3C trace state implementation
  • appInsights.context.telemetryTrace is now deprecated (adapter to core.getTraceCtx())
  • Core instance now always has a valid traceId (either generated or inherited from parent trace context)

• Flush Method Signature: Parameter renamed from async to isAsync in IChannelControls interface

  • Only affects code using named parameters

Package Deprecation Notice

@microsoft/applicationinsights-common is now DEPRECATED and will be removed in Application Insights 4.0.0:

• All exports from applicationinsights-common have been merged into @microsoft/applicationinsights-core-js
• The common package continues to work as a compatibility shim (re-exports from Core)
• Action Required: Update imports from @microsoft/applicationinsights-common to @microsoft/applicationinsights-core-js
• See the Migration Guide for details
• This version of the plugin now only uses @microsoft/applicationinsights-core-js and therefore will no longer work with older releases.

Significant Changes

• Update to Application Insights 3.4.1 (from 3.3.10):
  • Enhanced W3C trace state support and distributed tracing improvements
  • Enhanced cookie management with memory caching when cookies are disabled
  • OsPlugin reliability improvements with proactive OS retrieval
  • URL redaction enhancements for improved flexibility
  • Better handling of dependency tracking with W3C trace state

Security Updates

• #169: Upgrade React and react-dom to 19.1.2 to address CVE-2025-55182 (CVSS 10.0)
  • Critical security vulnerability: unauthenticated remote code execution in React Server Components

... (truncated)

Commits

• fafc408 [Release] Increase version to 19.4.0 (#172)
• 4919e72 refactor(errorBoundary): return error and errorInfo object with the onError c...
• 0b183b7 fix: use React.ReactNode for children prop (#156)
• fb3080f Fix vulnerable dependencies (#171)
• ce42e0e fix(security): upgrade react and react-dom to 19.1.2 for CVE-2025-55182 (#169)
• See full diff in compare view

Updates @microsoft/applicationinsights-web from 3.4.1 to 3.4.2

Changelog

Sourced from @​microsoft/applicationinsights-web's changelog.

3.4.2 (June 18th, 2026)

This is a maintenance release for the 3.4.x version line containing security hardening, bug fixes, build tooling improvements, and CI updates. The @microsoft/1ds-post-js channel is numbered 4.4.2 and requires v3.4.2.

Commits

• See full diff in compare view

Updates @tanstack/react-query from 5.96.2 to 5.101.0

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.101.0

Patch Changes

• Updated dependencies [3042860, e631dc3]:
  • @​tanstack/query-devtools@​5.101.0
  • @​tanstack/react-query@​5.101.0

@​tanstack/react-query-next-experimental@​5.101.0

Patch Changes

• #10857 7cf5923 - fix(react-query-next-experimental): replace deprecated 'isServer' with 'environmentManager.isServer()'

• Updated dependencies []:

  • @​tanstack/react-query@​5.101.0

@​tanstack/react-query-persist-client@​5.101.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.101.0
  • @​tanstack/react-query@​5.101.0

@​tanstack/react-query@​5.101.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.101.0

@​tanstack/react-query-devtools@​5.100.14

Patch Changes

• Updated dependencies [ed20b6d]:
  • @​tanstack/react-query@​5.100.14
  • @​tanstack/query-devtools@​5.100.14

@​tanstack/react-query-next-experimental@​5.100.14

Patch Changes

• Updated dependencies [ed20b6d]:
  • @​tanstack/react-query@​5.100.14

@​tanstack/react-query-persist-client@​5.100.14

Patch Changes

• Updated dependencies [ed20b6d]:
  • @​tanstack/react-query@​5.100.14
  • @​tanstack/query-persist-client-core@​5.100.14

@​tanstack/react-query@​5.100.14

Patch Changes

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.101.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.101.0

5.100.14

Patch Changes

• fix(react-query): do not go into optimistic fetching state when not subscribed (#10759)

• Updated dependencies []:

  • @​tanstack/query-core@​5.100.14

5.100.13

Patch Changes

• Updated dependencies [d423168]:
  • @​tanstack/query-core@​5.100.13

5.100.12

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.12

5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.11

5.100.10

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.10

5.100.9

Patch Changes

• Updated dependencies [fcee7bd]:
  • @​tanstack/query-core@​5.100.9

... (truncated)

Commits

• f3d8d2a ci: Version Packages (#10774)
• 532bb29 fix(tests): disable local coverage instrumentation (#10776)
• ba6e7be ci: Version Packages (#10767)
• ed20b6d fix(react): do not go into optimistic fetching state when not subscribed (#10...
• 05cf2bc ci: Version Packages (#10758)
• d423168 fix(query-core): use built-in NoInfer for generic indexed-access types (#10593)
• 5ff4f69 ci: Version Packages (#10755)
• 3e85350 ci: Version Packages (#10706)
• 9d2692c ci: Version Packages (#10695)
• 74fa05e chore(tsconfig.json): narrow 'include' pattern to prevent TS6053 race conditi...
• Additional commits viewable in compare view

Updates @xyflow/react from 12.10.2 to 12.11.0

Release notes

Sourced from @​xyflow/react's releases.

@​xyflow/react@​12.11.0

12.11.0

Minor Changes

• #5677 e6661de - Add autoPanOnSelection to auto-pan when user drags a selection close to the edge of the viewport.

Patch Changes

• #5791 732c8eb - Adds a type error when handleId is used without handleType in useNodeConnections

• #5793 c5c853d - Dev Warnings now use library-specific messaging with the correct documentation links.

• #5776 0441e9f - Export NodeHandle type

• #5755 88737f9 - Add @types/react and @types/react-dom as optional peer dependencies to prevent issues with pnpm strict mode (hoist: false)

• #5105 076ad38 - Fix type for event passed to onNodeDrag

• #5784 7055140 - Fix node resizing possible beyond absolute extents

• #5769 ad4d547 - Use useEffect for StoreUpdater to restore previous behaviour

• Updated dependencies [732c8eb, c5c853d, e6661de, 737194d, 40660cd, 4806e7c, 7055140]:

  • @​xyflow/system@​0.0.77

Changelog

Sourced from @​xyflow/react's changelog.

12.11.0

Minor Changes

• #5677 e6661de - Add autoPanOnSelection to auto-pan when user drags a selection close to the edge of the viewport.

Patch Changes

• #5791 732c8eb - Adds a type error when handleId is used without handleType in useNodeConnections

• #5793 c5c853d - Dev Warnings now use library-specific messaging with the correct documentation links.

• #5776 0441e9f - Export NodeHandle type

• #5755 88737f9 - Add @types/react and @types/react-dom as optional peer dependencies to prevent issues with pnpm strict mode (hoist: false)

• #5105 076ad38 - Fix type for event passed to onNodeDrag

• #5784 7055140 - Fix node resizing possible beyond absolute extents

• #5769 ad4d547 - Use useEffect for StoreUpdater to restore previous behaviour

• Updated dependencies [732c8eb, c5c853d, e6661de, 737194d, 40660cd, 4806e7c, 7055140]:

  • @​xyflow/system@​0.0.77

Commits

• 6970ded chore(packages): bump
• c9db70d Merge branch 'main' of https://github.com/xyflow/xyflow into 5780-svelte-flow...
• af23aef chore: cleanup error messages
• 9d58ab9 fix: make error messages framework-specific
• e52bb55 Merge pull request #5105 from thedanchez/xydrag-type-generics
• 03e3dc0 Merge pull request #5755 from nielskaspers/fix/issue-5738-react-types-peer-dep
• caebfd6 Merge pull request #5784 from xyflow/fix-node-resizer-again
• 9dc7ec9 chore(react): fix util function
• c4e7833 Merge pull request #5785 from xyflow/fix-useless-promises
• 01fb1f1 chore(system): add UseNodeConnectionsParams type
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​xyflow/react since your current version.

Updates lucide-react from 1.7.0 to 1.21.0

Release notes

Sourced from lucide-react's releases.

Version 1.21.0

What's Changed

• ci(release.yml): Remove new-version in release flow by @​ericfennis in lucide-icons/lucide#4478
• ci(release.yml): Fix workflow and remove version scripts in package scripts by @​ericfennis in lucide-icons/lucide#4479
• fix(docs): rename navigation category label by @​Hsiii in lucide-icons/lucide#4483
• feat(icons): added broken-bone icon by @​Patolord in lucide-icons/lucide#4131

New Contributors

• @​Hsiii made their first contribution in lucide-icons/lucide#4483
• @​Patolord made their first contribution in lucide-icons/lucide#4131

Full Changelog: lucide-icons/lucide@1.20.0...1.21.0

Version 1.20.0

What's Changed

• fix(icons): decreased size of arrows inside square-arrow-* icons by @​jguddas in lucide-icons/lucide#3926
• chore(tags): Add tags to search- icons by @​jamiemlaw in lucide-icons/lucide#4099
• feat(icons): added save-check icon by @​Konixy in lucide-icons/lucide#3120
• feat(icons): added tag-plus and tag-x icons by @​adam-kov in lucide-icons/lucide#3980
• feat(icons): added banknote-check icon by @​mfjramirezf in lucide-icons/lucide#3956
• feat(icons): added clock-arrow-in icon by @​jguddas in lucide-icons/lucide#2403
• feat(icons): added summary icon by @​jpjacobpadilla in lucide-icons/lucide#3114
• feat(icons): added user-round-arrow-in icon by @​jguddas in lucide-icons/lucide#2283
• feat(icons): added clock-arrow-out icon by @​jguddas in lucide-icons/lucide#2404
• docs(docs): fix broken Svelte package source link in README by @​SRKrukowski in lucide-icons/lucide#4468
• chore(deps-dev): bump @​angular/compiler from 21.2.5 to 21.2.17 by @​dependabot[bot] in lucide-icons/lucide#4474
• chore(deps-dev): bump @​angular/core from 21.2.5 to 21.2.17 by @​dependabot[bot] in lucide-icons/lucide#4470
• chore(deps-dev): bump vitest from 4.0.12 to 4.1.0 by @​dependabot[bot] in lucide-icons/lucide#4429
• chore(deps-dev): bump markdown-it from 14.1.1 to 14.2.0 by @​dependabot[bot] in lucide-icons/lucide#4475
• chore(deps-dev): bump @​angular/common from 21.2.5 to 21.2.17 by @​dependabot[bot] in lucide-icons/lucide#4471
• feat(icons): added pencil-sparkles icon by @​jennieboops in lucide-icons/lucide#4445

New Contributors

• @​Konixy made their first contribution in lucide-icons/lucide#3120
• @​adam-kov made their first contribution in lucide-icons/lucide#3980
• @​mfjramirezf made their first contribution in lucide-icons/lucide#3956
• @​SRKrukowski made their first contribution in lucide-icons/lucide#4468
• @​jennieboops made their first contribution in lucide-icons/lucide#4445

Full Changelog: lucide-icons/lucide@1.19.0...1.20.0

Version 1.19.0

What's Changed

• chore(deps): upgrade pnpm to version 11.6.0 by @​ericfennis in lucide-icons/lucide#4458
• feat(icons): added star-* icons by @​RajnishKMehta in lucide-icons/lucide#3918
• chore(suggest-tags): Update metadata suggestion script by @​ericfennis in lucide-icons/lucide#4462
• feat(icons): added save-pen icon by @​vaporvee in lucide-icons/lucide#4179
• feat(icons): added wrench-off icon by @​nilsjonsson in lucide-icons/lucide#4434
• feat(icons): added ad icon by @​jamiemlaw in lucide-icons/lucide#4323
• feat(icons): added eye-dashed icon by @​karsa-mistmere in lucide-icons/lucide#4415

... (truncated)

Commits

• 5ff536e ci(release.yml): Fix workflow and remove version scripts in package scripts...
• 07c885e fix(docs): fix zephyr-cloud URL in readmes
• 50d8af5 docs(readme): Update readme files (#4320)
• 653e44b feat(packages): use .mjs for ESM bundles (#4285)
• 7623e23 feat(docs): add Zephyr Cloud to Hero Backers tier & rework updateSponsors scr...
• See full diff in compare view

Updates next from 16.2.2 to 16.2.9

Release notes

Sourced from next's releases.

v16.2.9

Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.

v16.2.8

Release with no changes in an attempt to fix next@latest pointing at a prerelease version.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Backport documentation fixes for v16.2 (#93804)
• [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
• [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
• [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
• [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
• [backport] Propagate adapter preferred regions (#94200)
• [16.2.x] Don't drop FormData entries (#94240)
• [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

v16.2.6

[!NOTE] This release contains security fixes and backported bug fixes. It does not include all pending features/changes on canary.

Security Fixes

The following advisories have been addressed:

High:

• GHSA-8h8q-6873-q5fj: Denial of Service with Server Components
• GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch r...

  Description has been truncated