Patch Changes

• #1221 a2679bf Thanks @mushan0x0! - Stop bundling @vercel/og (and its ~1.4 MiB resvg.wasm) when the app does not use it.

  Next.js's externalImport helper keeps a dynamic import("next/dist/compiled/@vercel/og/index.edge.js") in the emitted handler even for apps that never use ImageResponse / opengraph-image. Previously this module was marked as external when useOg was false, which left Wrangler to resolve and bundle it — pulling in ~800 KiB of JS plus resvg.wasm and pushing many Workers over the Cloudflare free-tier 3 MiB gzip limit.

  When useOg is false, the edge entry is now aliased to the existing throw.js shim, so the unreachable dynamic import resolves to a tiny module and the real @vercel/og library is no longer pulled into the Worker bundle.

• #1208 2c5b472 Thanks @edmundhung! - Use OPEN_NEXT_BUILD_ID instead of NEXT_BUILD_ID in the cache keys.

  As of Next 16.2 NEXT_BUILD_ID is a fixed value when deploymentId is set explicitly.

  See opennextjs/opennextjs-aws#1144

• #1193 1e8d232 Thanks @conico974! - Fix tag cache stale logic

Patch Changes

• #1215 608893e Thanks @vicb! - Factor large repeated values in manifests

  This reduce the size of the generated code.

• #1218 f0d0226 Thanks @314systems! - remove process.version override

  Remove process.version / process.versions.node overrides now that unjs/unenv#493 is merged and shipped in unenv@2.0.0-rc.16 (project uses 2.0.0-rc.24)

• #1199 32594d6 Thanks @SdSadat! - fix(cli): fail fast in non-TTY environments instead of hanging on config-creation prompts

  When open-next.config.ts (or wrangler.(toml|json|jsonc)) is missing, the CLI
  prompts the user to auto-create it. In non-TTY environments (Cloudflare Workers
  Builds, Docker, CI) the Enquirer prompt can't read stdin, so the build hangs or
  fails with a truncated prompt and a cryptic exit code — the user sees
  ? Missing required open-next.config.ts file, do you want to create one? (Y/n)
  and then ELIFECYCLE Command failed with exit code 13, with no hint at what
  to do next.

  Now, in non-interactive environments, both prompts throw an actionable error
  with the exact template to paste (for open-next.config.ts) or point at the
  existing --skipWranglerConfigCheck / SKIP_WRANGLER_CONFIG_CHECK escape
  hatch (for the wrangler config). Interactive behavior is unchanged.

Patch Changes

• #1207 0958726 Thanks @edmundhung! - bump @opennextjs/aws to 3.10.2

  See details at https://github.com/opennextjs/opennextjs-aws/releases/tag/v3.10.2

• #1139 79b01b8 Thanks @james-elicx! - Fix Turbopack external module resolution by dynamically discovering external imports at build time.

  When packages are listed in serverExternalPackages, Turbopack externalizes them via externalImport() which uses dynamic await import(id). The bundler (ESBuild) can't statically analyze import(id) with a variable, so these modules aren't included in the worker bundle.

  This patch:

  • Discovers hashed Turbopack external module mappings from .next/node_modules/ symlinks (e.g. shiki-43d062b67f27bbdc → shiki)
  • Scans traced chunk files for bare external imports (e.g. externalImport("shiki")) and subpath imports (e.g. shiki/engine/javascript)
  • Generates explicit switch/case entries so the bundler can statically resolve and include these modules

• #1203 6f02d12 Thanks @314systems! - fix: exclude unsupported Next.js 16 releases from peer dependencies.

  The previous range allowed Next.js 16.0.0 through 16.2.2 without a peer dependency warning because >=16.2.3 was already covered by >=15.5.15.

  The range now explicitly supports Next.js 15.5.15 and above in the 15.x line, and Next.js 16.2.3 and above in the 16.x line.

• #1200 7820ad0 Thanks @NathanDrake2406! - fix: reuse sharded tag data when filling the regional cache.

  The sharded tag cache miss path already reads tag data from the Durable Object before answering the request. Reuse that fetched data when populating the regional cache so a shard miss does not immediately trigger a second identical Durable Object read.

• #1206 585795d Thanks @314systems! - fix: regression where getEnvFromPlatformProxy received wrong options type

  This fixes a regression introduced in 32ba91a where getEnvFromPlatformProxy call sites passed OpenNextConfig even though the function expects Wrangler GetPlatformProxyOptions.

  The fix restores the pre-32ba91a argument shape by passing { configPath, environment } from CLI arguments, so env resolution follows the selected Wrangler config/environment.

Patch Changes

• #1189 236ce14 Thanks @fatihy101! - fix(tag-cache): forward isStale() in withFilter

Minor Changes

• #1168 9a26846 Thanks @conico974! - Add support for SWR (stale-while-revalidate) in revalidateTag

  See the AWS implementation for more details.

Patch Changes

• #1184 c7d6425 Thanks @vicb! - fix for Next.js CVE-2026-23869

  See the CVE-2026-23869 summary for details.

  This CVE is fixed by bumping the minium Next.js release version to 15.5.15/16.2.3

• #1177 e814a63 Thanks @conico974! - Fix use cache not working as expected in Next 16+

Patch Changes

• #1176 2232651 Thanks @conico974! - fix for OG with Next 16.2.2

• #1166 f89fba1 Thanks @ash1day! - fix: sort .endsWith() checks by path length descending to prevent suffix collisions in dynamic requires

  Routes whose paths are suffixes of other routes (e.g. /test/app vs /) were resolved incorrectly because the shorter path matched first in the generated .endsWith() chain. Sorting by path length descending ensures more specific (longer) paths are always checked first.

  Fixes #1156.

Minor Changes

• #1159 75f5f0a Thanks @edmundhung! - Use remote dev for R2 cache population

  Using remote dev is not subject to the Cloudflare API rate limit of 1,200 requests per 5 minutes that caused failures for large applications with thousands of prerendered pages.

Patch Changes

• #1160 161e726 Thanks @matthewvolk! - fix(patches): include prefetch-hints.json in loadManifest build-time inlining

  Next.js 16.2.0 introduced prefetch-hints.json as a new server manifest loaded unconditionally
  by NextNodeServer.getPrefetchHints(). The file exists in the build output but wasn't matched by
  the glob pattern *-manifest.json, causing the patched loadManifest() to throw at runtime.

Patch Changes

• #1151 a143282 Thanks @nathanschram! - fix: handle known optional manifests gracefully in loadManifest/evalManifest patches

  Next.js loads certain manifests with handleMissing: true (returning {} when the file doesn't
  exist). The adapter's build-time glob scan doesn't find these files when they're conditionally
  generated, so the patched function threw at runtime, crashing dynamic routes with 500.

  Instead of a blanket catch-all, handle only the specific optional manifests from Next.js
  route-module.ts:

  • react-loadable-manifest (Turbopack per-route, not all routes have dynamic imports)
  • subresource-integrity-manifest (only when experimental.sri configured)
  • server-reference-manifest (App Router only)
  • dynamic-css-manifest (Pages Router + Webpack only)
  • fallback-build-manifest (only for /_error page)
  • prefetch-hints (new in Next.js 16.2)
  • _client-reference-manifest.js (optional for static metadata routes, evalManifest)

  Manifest matching strips .json before comparison since some Next.js constants omit
  the extension (SUBRESOURCE_INTEGRITY_MANIFEST, DYNAMIC_CSS_MANIFEST, etc.).

  Unknown manifests still throw to surface genuine errors.

  Fixes #1141.

Patch Changes

• #1147 f5bd138 Thanks @vicb! - make dev /cdn-cgi/image behaves like prod for consistency