chore: bump next.js

[brendan-kellam]

Summary by CodeRabbit

• Chores
  • Updated Next.js framework dependency to enable access to newer minor versions with available bug fixes and improvements.

[github-actions]

@brendan-kellam your pull request is missing a changelog!

[coderabbitai]

Walkthrough

Updated the next dependency in packages/web/package.json from a pinned version 16.1.6 to a semver range ^16.2.3, allowing automatic minor and patch version updates within the 16.x release line.

Changes

Cohort / File(s)	Summary
Dependency Update packages/web/package.json	Updated next dependency from pinned version 16.1.6 to semver range ^16.2.3.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore: bump next.js' directly and clearly describes the main change: updating the Next.js dependency version from 16.1.6 to ^16.2.3.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch bkellam/bump-next

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

packages/web/package.json (1)

155-155: Align eslint-config-next with the upgraded next version.

next now floats on ^16.2.3, but eslint-config-next remains pinned to 16.1.6 (Line 215). This can create lint/config drift as next receives newer 16.x minors.

🔧 Suggested update

-    "eslint-config-next": "16.1.6",
+    "eslint-config-next": "16.2.3",

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/web/package.json` at line 155, The package.json currently upgrades
"next" to ^16.2.3 but leaves "eslint-config-next" pinned at 16.1.6; update the
"eslint-config-next" dependency to align with the upgraded Next version (e.g.,
set "eslint-config-next" to ^16.2.3 or the matching 16.2.x range) so lint rules
stay compatible with "next", then run install and verify linting passes; locate
the dependency by the exact package name "eslint-config-next" in package.json to
make the change.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@packages/web/package.json`:
- Line 155: The package.json currently upgrades "next" to ^16.2.3 but leaves
"eslint-config-next" pinned at 16.1.6; update the "eslint-config-next"
dependency to align with the upgraded Next version (e.g., set
"eslint-config-next" to ^16.2.3 or the matching 16.2.x range) so lint rules stay
compatible with "next", then run install and verify linting passes; locate the
dependency by the exact package name "eslint-config-next" in package.json to
make the change.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 81923f52-d178-478c-9b10-54fa608c5dba

📥 Commits

Reviewing files that changed from the base of the PR and between 775164c and ef6aa8e.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (1)

• packages/web/package.json

[github-actions]

License Audit

❌ Status: FAIL

Metric	Count
Total packages	2122
Resolved (non-standard)	7
Unresolved	4
Strong copyleft	0
Weak copyleft	19

Fail Reasons

• 4 packages have unresolvable licenses: @react-grab/cli@0.1.23, @react-grab/cli@0.1.29, @react-grab/mcp@0.1.29, element-source@0.0.3

Unresolved Packages

Package	Version	License	Reason
@react-grab/cli	0.1.23	UNKNOWN	No license field in npm registry for this version; no repository or homepage URL present; GitHub org react-grab has no public repositories
@react-grab/cli	0.1.29	UNKNOWN	No license field in npm registry for this version; no repository or homepage URL present; GitHub org react-grab has no public repositories
@react-grab/mcp	0.1.29	UNKNOWN	No license field in npm registry for this version; no repository or homepage URL present; GitHub org react-grab has no public repositories
element-source	0.0.3	UNKNOWN	No license field in npm registry for this version; no repository or homepage URL present; maintainer contact only (aiden.bai05@gmail.com) — no public source found

Weak Copyleft Packages (informational)

Package	Version	License
@img/sharp-libvips-darwin-arm64	1.0.4	LGPL-3.0-or-later
@img/sharp-libvips-darwin-arm64	1.2.4	LGPL-3.0-or-later
@img/sharp-libvips-darwin-x64	1.0.4	LGPL-3.0-or-later
@img/sharp-libvips-darwin-x64	1.2.4	LGPL-3.0-or-later
@img/sharp-libvips-linux-arm	1.0.5	LGPL-3.0-or-later
@img/sharp-libvips-linux-arm	1.2.4	LGPL-3.0-or-later
@img/sharp-libvips-linux-arm64	1.0.4	LGPL-3.0-or-later
@img/sharp-libvips-linux-arm64	1.2.4	LGPL-3.0-or-later
@img/sharp-libvips-linux-ppc64	1.2.4	LGPL-3.0-or-later
@img/sharp-libvips-linux-riscv64	1.2.4	LGPL-3.0-or-later
@img/sharp-libvips-linux-s390x	1.0.4	LGPL-3.0-or-later
@img/sharp-libvips-linux-s390x	1.2.4	LGPL-3.0-or-later
@img/sharp-libvips-linux-x64	1.0.4	LGPL-3.0-or-later
@img/sharp-libvips-linux-x64	1.2.4	LGPL-3.0-or-later
@img/sharp-libvips-linuxmusl-arm64	1.0.4	LGPL-3.0-or-later
@img/sharp-libvips-linuxmusl-arm64	1.2.4	LGPL-3.0-or-later
@img/sharp-libvips-linuxmusl-x64	1.0.4	LGPL-3.0-or-later
@img/sharp-libvips-linuxmusl-x64	1.2.4	LGPL-3.0-or-later
axe-core	4.10.3	MPL-2.0

Resolved Packages (7)

Package	Version	Original	Resolved	Source
codemirror-lang-elixir	4.0.0	UNKNOWN	Apache-2.0	GitHub repo LICENSE file (livebook-dev/codemirror-lang-elixir)
lezer-elixir	1.1.2	UNKNOWN	Apache-2.0	GitHub repo LICENSE file (livebook-dev/lezer-elixir)
map-stream	0.1.0	UNKNOWN	MIT	GitHub repo license metadata (dominictarr/map-stream)
memorystream	0.3.1	UNKNOWN	MIT	npm registry — licenses[0].type field: {"type":"MIT","url":"http://github.com/JSBizon/node-memorystream/raw/master/LICENSE"}
pause-stream	0.0.11	MIT,Apache2	MIT AND Apache-2.0	extracted from non-standard license array in package.json
posthog-js	1.345.5	SEE LICENSE IN LICENSE	Apache-2.0	GitHub repo LICENSE file (PostHog/posthog-js) — primary license is Apache-2.0; bundled MIT components from Sentry, Metro, Expo
valid-url	1.0.9	UNKNOWN	MIT	GitHub repo LICENSE file (ogt/valid-url)