Bump the npm group across 1 directory with 7 updates

[dependabot]

Bumps the npm group with 7 updates in the /web directory:

Package	From	To
graphql	16.14.1	16.14.2
i18next	26.3.0	26.3.1
next	16.2.7	16.2.9
react	19.2.6	19.2.7
@types/react	19.2.15	19.2.17
react-dom	19.2.6	19.2.7
@types/node	25.9.1	25.9.3

Updates graphql from 16.14.1 to 16.14.2

Release notes

Sourced from graphql's releases.

v16.14.2 (2026-06-09)

Docs 📝

• #4782 docs: update API (@​yaacovCR)
• #4783 docs: website review (@​yaacovCR)
• #4788 docs: add Node.js tracing channels guide (@​logaretm)
• #4789 docs: overhaul index and update/add additional migration guides (@​yaacovCR)
• #4792 docs: remove extra asterisks from single line jsdoc comments (@​yaacovCR)
• #4794 docs: refresh website with broader execution/tracing update (@​yaacovCR)
• #4801 docs: correct extension field comments - v16 (@​yaacovCR)

Polish 💅

• #4787 docs: update documentation for v17 release candidate (@​yaacovCR)

Committers: 2

• Abdelrahman Awad(@​logaretm)
• Yaacov Rydzinski (@​yaacovCR)

Commits

• dca5b4d chore(release): v16.14.2
• 01f8503 docs: correct extension field comments - v16 (#4801)
• b8087c3 docs: add Node.js tracing channels guide (#4788)
• ec23905 docs: refresh website with broader execution/tracing update (#4794)
• f8680fa docs: remove extra asterisks from single line jsdoc comments (#4792)
• 6256444 docs: overhaul index and update/add additional migration guides (#4789)
• e7e90ef docs: update documentation for v17 release candidate (#4787)
• cae62e3 docs: restore missing docs
• 35f1ff9 docs: increase spacing in embedded TOC
• 56c868e docs: fix deprecated markings
• Additional commits viewable in compare view

Updates i18next from 26.3.0 to 26.3.1

Release notes

Sourced from i18next's releases.

v26.3.1

• fix(types): t() with a keyPrefix no longer pollutes its return type with sibling keys' values. A regression in 26.3.0 — the [Res] extends [never] guards added to KeysBuilderWithReturnObjects / KeysBuilderWithoutReturnObjects turned the builders into deferred conditional types, so KeyPrefix<Ns> stopped resolving to a literal union and keyPrefix inference widened to the whole namespace. Symptom: useTranslation(ns, { keyPrefix: 'a.b' }) then t('title') would resolve to '<a.b>.title' | '<other.path>.title' | ... instead of just the scoped value. Affected every react-i18next user using keyPrefix. Restored to the eager 26.2.0 form. The same-namespace conflict handling from #2434 still works via _DropConflictKeys at the merge layer (in options.d.ts). Thanks @​aaronrosenthal (#2436).

Changelog

Sourced from i18next's changelog.

26.3.1

• fix(types): t() with a keyPrefix no longer pollutes its return type with sibling keys' values. A regression in 26.3.0 — the [Res] extends [never] guards added to KeysBuilderWithReturnObjects / KeysBuilderWithoutReturnObjects turned the builders into deferred conditional types, so KeyPrefix<Ns> stopped resolving to a literal union and keyPrefix inference widened to the whole namespace. Symptom: useTranslation(ns, { keyPrefix: 'a.b' }) then t('title') would resolve to '<a.b>.title' | '<other.path>.title' | ... instead of just the scoped value. Affected every react-i18next user using keyPrefix. Restored to the eager 26.2.0 form. The same-namespace conflict handling from #2434 still works via _DropConflictKeys at the merge layer (in options.d.ts). Thanks @​aaronrosenthal (#2436).

Commits

• 7bdb5d7 26.3.1
• a655e32 changelog: 26.3.1 entry for #2436
• 57ed812 fix(types): keyPrefix no longer pollutes t() return type with sibling keys (#...
• See full diff in compare view

Updates next from 16.2.7 to 16.2.9

Release notes

Sourced from next's releases.

v16.2.9

Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.

v16.2.8

Release with no changes in an attempt to fix next@latest pointing at a prerelease version.

Commits

• f37fad9 v16.2.9
• d9aaaed [cd] Allow tagging semver-lower releases as @latest if @latest po… (#94627)
• 6f16804 v16.2.8
• 0dbc1d5 [16.2.x][cd] Ensure release can be triggered on old branches (#94598)
• 90e3c81 [16.2.x] Align Actions dependencies with Canary (#94339)
• 83f402c [16.2.x][cd] Stop fetching all tags when searching parent tag (#94334)
• 411c455 v16.2.7
• See full diff in compare view

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.

Updates @types/react from 19.2.15 to 19.2.17

Commits

• See full diff in compare view

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.

Updates @types/node from 25.9.1 to 25.9.3

Commits

• See full diff in compare view

Updates @types/react from 19.2.15 to 19.2.17

Commits

• See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
@types/node	[>= 24.a, < 25]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions