From c535332e30dc3adcb29364a5cc37be602abd271e Mon Sep 17 00:00:00 2001
From: Vaibhav Mule <vaibhavmule135@gmail.com>
Date: Mon, 8 Dec 2025 01:03:22 +0530
Subject: [PATCH] fix: update Next.js to 15.5.7 to resolve CVE-2025-66478

- Update Next.js from ^15 to ^15.5.7 (patched version)
- Update eslint-config-next from 15.0.3 to 15.5.7 to match
- Addresses critical security vulnerability CVE-2025-66478
- Reference: https://nextjs.org/blog/CVE-2025-66478
---
 bin/init.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/init.js b/bin/init.js
index 637ccb8..a060a58 100644
--- a/bin/init.js
+++ b/bin/init.js
@@ -506,7 +506,7 @@ export async function init(
     dotenv: '^16.4.7',
     'lucide-react': '^0.469.0',
     mipd: '^0.0.7',
-    next: '^15',
+    next: '^15.5.7',
     react: '^19',
     'react-dom': '^19',
     'tailwind-merge': '^2.6.0',
@@ -525,7 +525,7 @@ export async function init(
     "@vercel/sdk": "^1.9.0",
     "crypto": "^1.0.1",
     "eslint": "^8",
-    "eslint-config-next": "15.0.3",
+    "eslint-config-next": "15.5.7",
     "inquirer": "^10.2.2",
     "pino-pretty": "^13.0.0",
     "postcss": "^8",