deps: bump next from 16.2.2 to 16.2.3 in the npm_security group across 1 directory

[dependabot]

Bumps the npm_security group with 1 update in the / directory: next.

Updates next from 16.2.2 to 16.2.3

Release notes

Sourced from next's releases.

v16.2.3

[!NOTE] This release is backporting security and bug fixes. For more information about the fixed security vulnerability, please see https://vercel.com/changelog/summary-of-cve-2026-23869. The release does not include all pending features/changes on canary.

Core Changes

• Ensure app-page reports stale ISR revalidation errors via onRequestError (#92282)
• Fix [Bug]: manifest.ts breaks HMR in Next.js 16.2 (#91981 through #92273)
• Deduplicate output assets and detect content conflicts on emit (#92292)
• Fix styled-jsx race condition: styles lost due to concurrent rendering (#92459)
• turbo-tasks-backend: stability fixes for task cancellation and error handling (#92254)

Credits

Huge thanks to @​icyJoseph, @​sokra, @​wbinnssmith, @​eps1lon and @​ztanner for helping!

Commits

• d5f649b v16.2.3
• 2873928 [16.x] Avoid consuming cyclic models multiple times (#75)
• d7c7765 [backport]: Ensure app-page reports stale ISR revalidation errors via onReque...
• c573e8c fix(server-hmr): metadata routes overwrite page runtime HMR handler (#92273)
• 57b8f65 next-core: deduplicate output assets and detect content conflicts on emit (#9...
• f158df1 Fix styled-jsx race condition: styles lost due to concurrent rendering (#92459)
• 356d605 turbo-tasks-backend: stability fixes for task cancellation and error handling...
• 3b77a6e Fix DashMap read-write self-deadlock in task_cache causing hangs (#92210)
• b2f208a Backport: new view-transitions guide, update and fixes (#92264)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Summary by CodeRabbit

• Chores
  • Updated Next.js to the latest patch version, which includes bug fixes and performance improvements.

[coderabbitai]

📝 Walkthrough

Walkthrough

Updated the Next.js dependency version in package.json from ^16.2.2 to ^16.2.3. This is a patch-level version bump with no other changes to dependencies or project configuration.

Changes

Cohort / File(s)	Summary
Dependency version bump package.json	Updated next dependency from ^16.2.2 to ^16.2.3 (patch version increment).

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is largely auto-generated by Dependabot and lacks alignment with the repository's PR template, missing required sections like Summary, Type of Change, Testing, and Security Checklist.	Fill out the required PR template sections: add a concise Summary, select 'Dependencies' or similar Type of Change, confirm testing steps (npm test, npm run lint, npm run typecheck), and complete the Security Checklist.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: a dependency version bump of Next.js from 16.2.2 to 16.2.3 in the npm_security group.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/npm_and_yarn/npm_security-ad77747e51

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@package.json`:
- Line 70: package.json lists "next": "^16.2.3" while "eslint-config-next" is
still at "^16.2.2"; update the eslint-config-next dependency to "^16.2.3" in
package.json so both packages align, then run your package manager
(npm/yarn/pnpm) to install and update lockfile accordingly (verify no breaking
changes after upgrade).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 98f20508-6df0-4284-870d-971c975b367c

📥 Commits

Reviewing files that changed from the base of the PR and between 2d38b33 and 20a256e.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json, !**/package-lock.json

📒 Files selected for processing (1)

• package.json

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check available versions of eslint-config-next
curl -s https://registry.npmjs.org/eslint-config-next | jq -r '.versions | keys[] | select(startswith("16.2"))'

Repository: GeiserX/LynxPrompt

Length of output: 2386

---

Align eslint-config-next version with next.

eslint-config-next is at ^16.2.2 while next is at ^16.2.3. Update eslint-config-next to ^16.2.3 for consistency.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@package.json` at line 70, package.json lists "next": "^16.2.3" while
"eslint-config-next" is still at "^16.2.2"; update the eslint-config-next
dependency to "^16.2.3" in package.json so both packages align, then run your
package manager (npm/yarn/pnpm) to install and update lockfile accordingly
(verify no breaking changes after upgrade).