chore(deps): bump the version group with 10 updates

[dependabot]

Bumps the version group with 10 updates:

Package	From	To
@clerk/nextjs	7.4.2	7.4.3
@next/bundle-analyzer	16.2.6	16.2.7
@next/eslint-plugin-next	16.2.6	16.2.7
eslint-config-next	16.2.6	16.2.7
fuse.js	7.4.0	7.4.1
next	16.2.6	16.2.7
react	19.2.6	19.2.7
@types/react	19.2.15	19.2.16
react-dom	19.2.6	19.2.7
typescript-eslint	8.60.0	8.60.1

Updates @clerk/nextjs from 7.4.2 to 7.4.3

Release notes

Sourced from @​clerk/nextjs's releases.

@​clerk/nextjs@​7.4.3

Patch Changes

• Prevent keyless mode from activating in CI and other automated environments in framework SDKs. (#8676) by @​mwickett

• Updated dependencies [1c42351, 1701e0f, afb75e6, c3df67a, ff0cfef, 86fd38f, be55c4e, fb184de, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:

  • @​clerk/backend@​3.5.0
  • @​clerk/shared@​4.15.0
  • @​clerk/react@​6.7.3

Changelog

Sourced from @​clerk/nextjs's changelog.

7.4.3

Patch Changes

• Prevent keyless mode from activating in CI and other automated environments in framework SDKs. (#8676) by @​mwickett

• Updated dependencies [1c42351, 1701e0f, afb75e6, c3df67a, ff0cfef, 86fd38f, be55c4e, fb184de, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:

  • @​clerk/backend@​3.5.0
  • @​clerk/shared@​4.15.0
  • @​clerk/react@​6.7.3

Commits

• c9d9e6a ci(repo): Version packages (#8679)
• 86fd38f fix(repo): harden keyless accountless requests (#8676)
• See full diff in compare view

Updates @next/bundle-analyzer from 16.2.6 to 16.2.7

Release notes

Sourced from @​next/bundle-analyzer's releases.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Backport documentation fixes for v16.2 (#93804)
• [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
• [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
• [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
• [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
• [backport] Propagate adapter preferred regions (#94200)
• [16.2.x] Don't drop FormData entries (#94240)
• [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

Commits

• 9bd3c26 v16.2.7
• See full diff in compare view

Updates @next/eslint-plugin-next from 16.2.6 to 16.2.7

Release notes

Sourced from @​next/eslint-plugin-next's releases.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Backport documentation fixes for v16.2 (#93804)
• [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
• [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
• [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
• [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
• [backport] Propagate adapter preferred regions (#94200)
• [16.2.x] Don't drop FormData entries (#94240)
• [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

Commits

• 9bd3c26 v16.2.7
• See full diff in compare view

Updates eslint-config-next from 16.2.6 to 16.2.7

Release notes

Sourced from eslint-config-next's releases.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Backport documentation fixes for v16.2 (#93804)
• [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
• [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
• [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
• [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
• [backport] Propagate adapter preferred regions (#94200)
• [16.2.x] Don't drop FormData entries (#94240)
• [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

Commits

• 9bd3c26 v16.2.7
• See full diff in compare view

Updates fuse.js from 7.4.0 to 7.4.1

Release notes

Sourced from fuse.js's releases.

v7.4.1

Bug Fixes

• types: ship TypeScript declarations for fuse.js/worker (572ad1e), closes #828
• types: add TypeScript declarations for fuse.js/worker-script (6ef6c33), closes #828

Both worker subpaths now resolve types under node16/nodenext and bundler module resolution.

Changelog

Sourced from fuse.js's changelog.

7.4.1 (2026-06-02)

Bug Fixes

• types: add TypeScript declarations for fuse.js/worker-script (6ef6c33), closes #828
• types: ship TypeScript declarations for fuse.js/worker (572ad1e), closes #828

Commits

• ce75998 chore(release): 7.4.1
• e842baf test(types): guard that every exports subpath resolves to declarations
• 6ef6c33 fix(types): add TypeScript declarations for fuse.js/worker-script
• ef3e96d refactor(workers): type workerUrl as string | URL
• 572ad1e fix(types): ship TypeScript declarations for fuse.js/worker
• 0db224b chore: ignore .antigravitycli/
• 6f40ee5 docs(site): show current version in navbar
• c83a9c2 docs: drop stale TOKEN_SEARCH.md, link README to fusejs.io/token-search
• 7e16249 docs: drop beta callouts after 7.4.0 stable release
• b576446 chore: bump doc versions to 7.4.0
• See full diff in compare view

Updates next from 16.2.6 to 16.2.7

Release notes

Sourced from next's releases.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Backport documentation fixes for v16.2 (#93804)
• [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
• [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
• [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
• [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
• [backport] Propagate adapter preferred regions (#94200)
• [16.2.x] Don't drop FormData entries (#94240)
• [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

Commits

• 9bd3c26 v16.2.7
• c63224f [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...
• 63115c7 [16.2.x] Don't drop FormData entries (#94240)
• aef22fd [backport] Propagate adapter preferred regions (#94200)
• f126e72 [backport] Fix "type: module" in project dir when using standalone or adapter...
• bda3e2a [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• 7e16e07 [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• 6139f4b [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• c021d10 [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• 9184ddb [backport] Fix catch-all router.query corruption with basePath + `rewrite...
• Additional commits viewable in compare view

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.

Updates @types/react from 19.2.15 to 19.2.16

Commits

• See full diff in compare view

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.

Updates @types/react from 19.2.15 to 19.2.16

Commits

• See full diff in compare view

Updates typescript-eslint from 8.60.0 to 8.60.1

Release notes

Sourced from typescript-eslint's releases.

v8.60.1

8.60.1 (2026-06-01)

🩹 Fixes

• eslint-plugin: respect ECMAScript line terminators in ts-comment rules (#12352)
• eslint-plugin: [no-shadow] correct rule to match ESLint v10 handling (#12182)

❤️ Thank You

• lumir
• Nevette Bailey @​nevette-bailey

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.60.1 (2026-06-01)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• 4f84a69 chore(release): publish 8.60.1
• 1849b53 chore: typecheck using tsgo (#12139)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	next@​16.2.6 ⏵ 16.2.7	+1		+1
	eslint-config-next@​16.2.6 ⏵ 16.2.7				+1
	@​next/​eslint-plugin-next@​16.2.6 ⏵ 16.2.7	+1		+1	+1
	@​clerk/​nextjs@​7.4.2 ⏵ 7.4.3			+1
	@​types/​react@​19.2.15 ⏵ 19.2.16	+1			+2
	react@​19.2.6 ⏵ 19.2.7
	@​next/​bundle-analyzer@​16.2.6 ⏵ 16.2.7	+1		+1	+1
	react-dom@​19.2.6 ⏵ 19.2.7
	fuse.js@​7.4.0 ⏵ 7.4.1	+2			+1

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		License policy violation: npm next under MPL-2.0 License: MPL-2.0 - The applicable license policy does not permit this license (5) (package/dist/compiled/@vercel/og/package.json) License: MPL-2.0 - The applicable license policy does not permit this license (5) (package/dist/compiled/@vercel/og/LICENSE) License: MPL-2.0 - The applicable license policy does not permit this license (5) (package/dist/compiled/@vercel/og/satori/LICENSE) From: package.json → npm/next@16.2.7 ℹ Read more on: This package | This alert | What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/next@16.2.7. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[github-actions]

Deploy preview for steamer-academy-me ready!

Project:	steamer-academy-me
Status:	✅  Deploy successful!
Preview URL:	https://steamer-academy-xj8o3rsp9-muntasirszns-projects.vercel.app
Latest Commit:	169818c

Deployed with vercel-action