chore(deps): bump next from 16.2.2 to 16.2.3#13
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
Bumps [next](https://github.com/vercel/next.js) from 16.2.2 to 16.2.3. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v16.2.2...v16.2.3) --- updated-dependencies: - dependency-name: next dependency-version: 16.2.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Author
|
Superseded by #14. |
sshdopey
added a commit
that referenced
this pull request
Apr 20, 2026
Three issues called out by the user:
1. Plan IDs still looked sequential (encoded "AAAB", "AAAC", …)
- Switched encoder to multiplicative scrambling: plan_id is multiplied
by the golden-ratio constant (Knuth's hash) mod 2^32, then base-56
encoded. The mapping is bijective (modular inverse computed at
module load) so we can still decode back to the chain plan_id.
- Plan 1 / 2 / 3 now produce visually unrelated 5-6 char strings
('GnRap', 'cZ4By', 'rRYbz'). No 'guess the next plan' attack works.
- Plain numeric URLs (/p/42) still decode for back-compat.
- tsconfig target bumped to ES2020 for BigInt literal support.
2. 'Trustline missing' error after subscribe was opaque
- The Stellar token contract returns Error(Contract, #13) when the
subscriber has no trustline for the asset. We now detect that
specific error pattern and instead of showing the raw chain message,
surface a friendly inline panel: 'USDC trustline required — Your
wallet needs to opt in to USDC before it can be debited. This is a
one-time, free Stellar transaction.'
- Added a 1-click 'Establish USDC trustline' button that builds a
changeTrust tx via stellar-sdk, asks the wallet to sign it, submits
to Horizon, then re-enables the Subscribe button. The user goes
from 'cryptic error' to 'subscribed' in two signatures.
- Added hasTrustline + buildTrustlineTx + TUSDC_CODE/TUSDC_ISSUER
constants in lib/account-data.ts.
3. Token contract field cluttered the plan creation form
- Moved behind a collapsed <details> 'Advanced' disclosure. Defaults
to TUSDC. Merchants who don't care about Soroban Asset Contracts
never see it.
sshdopey
added a commit
that referenced
this pull request
Apr 20, 2026
The trustline error (#13) is now followed by an insufficient-balance error (#10) once users opt in to USDC but have zero balance. Same UX pattern as the trustline fix: 1. Detect the chain error - subscribe handler now matches both 'resulting balance is not within the allowed range' and 'Error(Contract, #10)' patterns - Sets needsFunding flag instead of showing the raw chain trace 2. Inline 'Insufficient USDC balance' panel - Replaces the generic error with a clear explanation - 'Get 1000 test USDC' button calls /api/faucet 3. /api/faucet route - POST { address } returns { hash, amount, asset } - Validates address with StrKey.isValidEd25519PublicKey - Verifies destination has TUSDC trustline (better error if not) - Sends 1000 TUSDC payment from issuer (classic Stellar payment, no SAC mint call needed since it's a wrapped classic asset) - Requires VOWENA_ISSUER_SECRET env var server-side; returns 503 with a clear message if not configured 4. Success state - After funding, shows green 'Sent 1000 TUSDC. Try Subscribe again.' and re-enables the Subscribe button Setup for the dashboard env (local): export VOWENA_ISSUER_SECRET=$(stellar keys secret issuer) For Vercel: add VOWENA_ISSUER_SECRET as an environment variable in the project settings.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps next from 16.2.2 to 16.2.3.
Release notes
Sourced from next's releases.
Commits
d5f649bv16.2.32873928[16.x] Avoid consuming cyclic models multiple times (#75)d7c7765[backport]: Ensure app-page reports stale ISR revalidation errors via onReque...c573e8cfix(server-hmr): metadata routes overwrite page runtime HMR handler (#92273)57b8f65next-core: deduplicate output assets and detect content conflicts on emit (#9...f158df1Fix styled-jsx race condition: styles lost due to concurrent rendering (#92459)356d605turbo-tasks-backend: stability fixes for task cancellation and error handling...3b77a6eFix DashMap read-write self-deadlock in task_cache causing hangs (#92210)b2f208aBackport: new view-transitions guide, update and fixes (#92264)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)