
fix: Mitigate risks due to "next" known CVEs (Signed) #136

Open

Ojas2095 wants to merge 1 commit into tari-project:development from Ojas2095:fix/pin-nextjs-cve-signed-v2

Conversation

@Ojas2095

This PR pins next to 14.1.1 to address CVEs. Re-opening to ensure the commit is properly signed from the start for the CI check. Closes #103

@github-actions

⚠️ This PR contains unsigned commits. To get your PR merged, please sign those commits (git rebase --exec 'git commit -S --amend --no-edit -n' @{upstream}) and force push them to this branch (git push --force-with-lease).

If you're new to commit signing, there are different ways to set it up:

Sign commits with gpg

Follow the steps below to set up commit signing with gpg:

  1. Generate a GPG key
  2. Add the GPG key to your GitHub account
  3. Configure git to use your GPG key for commit signing

Sign commits with ssh-agent

Follow the steps below to set up commit signing with ssh-agent:

  1. Generate an SSH key and add it to ssh-agent
  2. Add the SSH key to your GitHub account
  3. Configure git to use your SSH key for commit signing

Sign commits with 1Password

You can also sign commits using 1Password, which lets you sign commits with biometrics without the signing key leaving the local 1Password process.

Learn how to use 1Password to sign your commits.

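The SSH variant of the steps above, carried end to end as an added example that is not part of the bot's message or of the tari-project repository: it generates a signing key, configures a throwaway repository to sign every commit with it, and ends with the verification that the CI "unsigned commits" check is enforcing. git 2.34 or later and OpenSSH's ssh-keygen are assumed; the identity dev@example.com, the key file name and the directory layout are placeholders chosen for the demo.

```shell
#!/bin/sh
# Added example, not code from the PR or the tari-project repo: set up SSH
# commit signing in a throwaway repository and verify the commit afterwards.
# Assumes git >= 2.34 and OpenSSH's ssh-keygen; the identity, key name and
# directory layout are placeholders chosen for the demo.
set -eu

# Create an ed25519 signing key under $1, configure a fresh repo to sign with
# it, make one commit and verify it against an allowed-signers file.
# Prints "signed" when the signature verifies; fails (non-zero) otherwise.
demo_ssh_signed_commit() {
    workdir=$1
    keyfile="$workdir/signing_key"
    repo="$workdir/repo"
    mkdir -p "$workdir"

    # Step 1: a key used only for signing (no passphrase here, demo only).
    ssh-keygen -q -t ed25519 -N "" -C "signing-demo" -f "$keyfile"

    # Step 2: the verifier's trust list, one "principal key-type key" per line.
    # Adding the key to a GitHub account as a signing key plays this role there.
    printf 'dev@example.com %s\n' "$(cut -d' ' -f1,2 "$keyfile.pub")" \
        > "$workdir/allowed_signers"

    # Step 3: point git at the key, sign every commit by default, and tell it
    # where the allowed-signers list lives so verify-commit can check it.
    git init -q "$repo"
    git -C "$repo" config user.name "Demo Dev"
    git -C "$repo" config user.email "dev@example.com"
    git -C "$repo" config gpg.format ssh
    git -C "$repo" config user.signingkey "$keyfile"
    git -C "$repo" config commit.gpgsign true
    git -C "$repo" config gpg.ssh.allowedSignersFile "$workdir/allowed_signers"

    # A commit made now is signed; -S is already implied by commit.gpgsign.
    printf '{"dependencies": {}}\n' > "$repo/package.json"
    git -C "$repo" add package.json
    git -C "$repo" commit -q -m "chore: pin dependency"

    # This is the property the CI check enforces: a missing or untrusted
    # signature makes verify-commit exit non-zero, which aborts the function.
    git -C "$repo" verify-commit HEAD 2>/dev/null
    echo signed
}
```

Call it as demo_ssh_signed_commit "$(mktemp -d)". user.signingkey is the private key path here because no ssh-agent is involved; with an agent the .pub path is the documented form. On the real PR the same verification runs against every commit in the branch, which is why the bot asks for a rebase that re-signs each commit rather than one more signed commit on top.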

@gemini-code-assist (bot) left a comment

Code Review

This pull request downgrades the next dependency to 14.1.1 in package.json. The review feedback notes that this downgrade introduces critical compatibility issues with React 19, TypeScript configuration, and font imports, as well as known security vulnerabilities. It is recommended to upgrade to a stable, patched version of Next.js 15 (such as ^15.1.6) instead.

Comment thread: package.json
"i18next-http-backend": "^3.0.2",
"motion": "^12.26.2",
"next": "^16.1.1",
"next": "14.1.1",
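
Review bot: the new line swaps the "^16.1.1" range for an exact "14.1.1" pin, which moves next back two major versions rather than forward to a patched release; a 14.1.1 build predates the whole 16.x line, so it cannot contain anything fixed after it was published and does not mitigate the CVEs named in the PR title, and with the caret gone later patch releases will no longer be picked up either. Suggest staying on the current major with the lower bound raised to the first patched release of that line, still as a ^ range, and running npm audit against the resulting lockfile before merge to confirm the advisory no longer matches.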

Labels: security-critical, critical

Downgrading next to 14.1.1 introduces critical compatibility and security issues:

  1. React 19 Incompatibility: The project uses "react": "^19.2.3". Next.js 14 does not support React 19, which will cause peer dependency resolution failures and runtime crashes.
  2. TypeScript Configuration: The project uses next.config.ts, which is only natively supported in Next.js 15+. Next.js 14.1.1 will fail to load this configuration.
  3. Font Imports: app/layout.tsx imports Geist and Geist_Mono from next/font/google, which are only available in Next.js 15+.
  4. Security Vulnerabilities: Next.js 14.1.1 itself contains known vulnerabilities (such as CVE-2024-34351) that were fixed in later releases (e.g., 14.2.4 / 14.1.5 or later).

To resolve the CVEs while maintaining compatibility with React 19 and your current codebase, please upgrade to a patched, stable version of Next.js 15 (such as 15.1.6).

Suggested change
"next": "14.1.1",
"next": "^15.1.6",
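The check the review comment turns on, whether a dependency range can resolve to a release below the first patched one on its line, as an added example that is not part of the PR or of the tari-project code base. It reads the "next" entry from constructed package.json fragments for the before and after states of this change. The patched floors passed in (the 14.2.4 and 15.1.6 the comment mentions, plus 16.1.1 from the range being replaced) are placeholders for the demo and are not a statement of which Next.js releases fix a given CVE; take those from the advisory. Only exact pins and ^ or ~ ranges are handled, and the package.json lookup is a line grep, not a JSON parser.

```shell
#!/bin/sh
# Added example, not code from the PR or the tari-project repo: check whether
# the "next" range in a package.json resolves only to releases at or above
# the first patched release of its major line. The package.json fragments and
# the patched-release floors used below are constructed inputs for the demo;
# take real floors from the advisory for the CVE in question.
set -eu

# Constructed package.json contents: the range before the PR and the pin after.
PKG_BEFORE='{ "react": "^19.2.3", "next": "^16.1.1" }'
PKG_AFTER='{ "react": "^19.2.3", "next": "14.1.1" }'

# Pull the version spec for package $2 out of package.json text $1.
# A line grep, good enough for one "name": "spec" pair per line; not a parser.
dep_spec() {
    printf '%s\n' "$1" | sed -n "s/.*\"$2\": *\"\([^\"]*\)\".*/\1/p" | head -n 1
}

# Lower bound of an npm range: exact pins, ^x.y.z and ~x.y.z all resolve to
# nothing older than x.y.z, and neither ^ nor ~ crosses a major boundary.
range_floor() {
    v=${1#^}
    v=${v#"~"}
    case "$v" in
        *[!0-9.]*|"") echo "unsupported range: $1" >&2; return 1 ;;
    esac
    echo "$v"
}

# Numeric sort key for MAJOR.MINOR.PATCH so versions compare as numbers, not
# strings (assumes each component is below 1000).
version_key() {
    v=$1
    p1=${v%%.*}; v=${v#*.}; p2=${v%%.*}; p3=${v#*.}
    echo $((p1 * 1000000 + p2 * 1000 + p3))
}

# Decide whether the range for package $2 in package.json text $1 resolves
# only to patched releases. The remaining arguments are the first patched
# release on each major line. Prints "safe <lower-bound>" and returns 0, or
# "unsafe <lower-bound> <reason>" and returns 1.
check_pin() {
    pkg=$1; name=$2; shift 2
    spec=$(dep_spec "$pkg" "$name")
    lo=$(range_floor "$spec")
    major=${lo%%.*}
    floor=
    for f in "$@"; do
        [ "${f%%.*}" = "$major" ] && floor=$f
    done
    if [ -z "$floor" ]; then
        echo "unsafe $lo no patched release known on the $major.x line"
        return 1
    fi
    if [ "$(version_key "$lo")" -ge "$(version_key "$floor")" ]; then
        echo "safe $lo"
        return 0
    fi
    echo "unsafe $lo below patched $floor"
    return 1
}

# Usage: the same placeholder floors applied to the before and after states.
check_pin "$PKG_BEFORE" next 14.2.4 15.1.6 16.1.1 || :
check_pin "$PKG_AFTER"  next 14.2.4 15.1.6 16.1.1 || :
```

The result for the after state is the point of the review: an exact pin sits at its own version, and 14.1.1 is below the placeholder floor for the 14.x line, so the pin fails the check while the ^16.1.1 range it replaced passes it. In a real pipeline the floors come from the advisory for the CVE being mitigated, and the exit status lets the function gate a CI job.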

Ojas2095 force-pushed the fix/pin-nextjs-cve-signed-v2 branch from ce531ca to 4958f09 on May 29, 2026 09:02
@Ojas2095 (author) commented Jun 9, 2026

Hi team! Just checking in to see if you've had a chance to review this PR, or if there's any feedback or further changes needed to merge this. Thanks!


Development

Successfully merging this pull request may close these issues.

Mitigate risks due to "next" known CVEs version and current versions range

1 participant