

@codeunia-dev codeunia-dev commented Dec 11, 2025

This PR pins our Next.js dependency to v15.5.7, a security-patched release addressing the critical CVE-2025-55182 remote code execution vulnerability affecting React Server Components.

Public exploits for this issue (“React2Shell”) are now circulating, and Vercel has already blocked deployments of unpatched Next.js versions. Upgrading to a fixed release is the only safe mitigation.

What’s included

  • Updated next dependency to 15.5.7
  • Locked version to prevent accidental downgrades or use of vulnerable ranges

Why this change is necessary

  • Protects the application from an active RCE vulnerability
  • Ensures compatibility with Vercel’s deployment requirements
  • Aligns with security best practices and avoids exposure to known exploits

Recommended references

  • Vercel security advisory & upgrade guidance
  • CVE-2025-55182 public notice

Authored by: @akshay0611

Summary by CodeRabbit

  • Chores
    • Updated Next.js to version 15.5.7

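A defender-side check for the kind of pin this PR introduces, added here as an example and not code from the codeunia repository: given a package.json object, it reports whether `next` is pinned to an exact version at or above 15.5.7, rejecting dist-tags such as "latest" and ranges that could resolve to a vulnerable release. The sample package objects and the function names are constructed for illustration.

```javascript
// Added example, not code from the codeunia repository: checks that a
// package.json object pins "next" to an exact version at or above the
// release this PR names as patched. Sample objects below are constructed.

const PATCHED_NEXT = "15.5.7"; // fixed release for CVE-2025-55182, per the PR

// Parse an exact "MAJOR.MINOR.PATCH" string into numbers. Returns null for
// anything else: dist-tags ("latest"), ranges ("^15.0.0", ">=15"), wildcards.
function parseExact(spec) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)$/.exec(String(spec).trim());
  return m ? m.slice(1, 4).map(Number) : null;
}

function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Returns { ok, reason }. Assumption: any exact version at or above the
// patched release is treated as fixed; only the 15.5.7 fix is on the page.
function checkNextPin(pkg, patched = PATCHED_NEXT) {
  const deps = { ...(pkg.devDependencies || {}), ...(pkg.dependencies || {}) };
  if (!("next" in deps)) return { ok: true, reason: "next is not a dependency" };
  const spec = deps.next;
  const have = parseExact(spec);
  if (!have) {
    // A tag or range is resolved at install time, so the lockfile (excluded
    // from this review) decides what actually ships; treat it as unpinned.
    return { ok: false, reason: `next is not pinned to an exact version: "${spec}"` };
  }
  if (compareVersions(have, parseExact(patched)) < 0) {
    return { ok: false, reason: `next ${spec} is older than patched ${patched}` };
  }
  return { ok: true, reason: `next pinned to ${spec}` };
}

// Constructed samples mirroring the "before" and "after" state of this PR.
const beforePkg = { dependencies: { next: "latest", react: "19.0.0" } };
const afterPkg = { dependencies: { next: "15.5.7", react: "19.0.0" } };

for (const [label, pkg] of [["before", beforePkg], ["after", afterPkg]]) {
  const r = checkNextPin(pkg);
  console.log(`${label}: ${r.ok ? "OK" : "FAIL"} - ${r.reason}`);
}
```

Because package-lock.json was excluded from the review, a CI step should also confirm the lockfile's resolved `next` version, since that is what an install actually ships.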

@vercel

vercel bot commented Dec 11, 2025

The latest updates on your projects.

Project Deployment Preview Comments Updated (UTC)
codeunia Building Building Preview Comment Dec 11, 2025 5:13am

@codeunia-dev codeunia-dev merged commit 1f55baa into main Dec 11, 2025
1 of 4 checks passed

coderabbitai bot commented Dec 11, 2025

Caution

Review failed

The pull request is closed.

Walkthrough

Next.js dependency version in package.json pinned from "latest" to "15.5.7". All other dependencies and configurations remain unchanged. Trailing newline formatting adjusted for consistency.

Changes

Cohort / File(s)                 Summary
Version Pinning: package.json    Next.js version updated from "latest" to "15.5.7"; trailing newline added

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~1 minute

  • Simple dependency version lock with no functional impact
  • No logic, configuration, or behavioral changes to evaluate

Poem

🐰 A version so stable, locked down nice and tight,
No more chasing "latest" through the digital night!
Fifteen-point-five-point-seven, our anchor is set,
The most predictable Next.js we've had yet! ✨

📜 Recent review details

📥 Commits

Reviewing files that changed from the base of the PR and between b6a997d and 7aaae96.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (1)
  • package.json (2 hunks)
