mirror of https://github.com/arkorty/Osborne.git synced 2026-03-17 16:51:44 +00:00

Files

Vercel cdca35584c Update React Flight/Next.js RCE vulnerability

# React Flight / Next.js RCE Advisory Fix

## Summary
Updated the Osborne repository to address the React Flight / Next.js RCE advisory by upgrading Next.js to a patched version.

## Vulnerability Assessment
✅ **Project is affected**: Uses Next.js 15.2.4
❌ **Not using React Flight packages**: No react-server-dom-* packages detected

## Changes Made

### Modified Files
1. **client/package.json**
   - Upgraded `next` from `^15.2.4` to `15.2.6` (exact version pin)
   - This is the patched version for Next.js 15.2.x per the advisory guidelines
   - React versions (`react@18.3.1`, `react-dom@18.3.1`) were not modified as they are managed by Next.js

2. **client/package-lock.json**
   - Updated lockfile to reflect Next.js 15.2.6 installation
   - All dependency resolutions verified

## Verification
✅ Dependencies installed successfully with `npm install`
✅ Next.js version confirmed: `next@15.2.6` (verified via `npm list next`)
✅ Production build completed successfully with `next build`
✅ Linter passed with no errors or warnings (`next lint`)
✅ React versions remain at 18.3.1 (compatible with Next.js 15.2.6)

## Implementation Details
- Only modified Next.js version as this is a Next.js project
- Did not modify React versions as Next.js handles React dependency management
- Used exact version pinning (15.2.6) instead of caret to ensure the patched version is used
- No application logic changes were made

## Notes
- The project structure is a monorepo with a Next.js client (`./client`) and a Go server
- Only the client application required updates
- The server component (written in Go) has no Node.js dependencies

Co-authored-by: Vercel <vercel[bot]@users.noreply.github.com>

2025-12-08 16:05:24 +00:00

app

fix multiple file uploads

2025-11-04 05:38:21 +05:30

components

fix websocket connection stuff

2025-11-01 22:16:15 +05:30

lib

fix websocket connection stuff

2025-11-01 22:16:15 +05:30

public

OG stuff

2025-11-01 14:13:36 +05:30

.eslintrc.json

init

2025-10-30 11:04:17 +05:30

.gitignore

init

2025-10-30 11:04:17 +05:30

bun.lockb

fix content warning double click issue

2025-11-04 05:02:27 +05:30

components.json

init

2025-10-30 11:04:17 +05:30

next.config.ts

init

2025-10-30 11:04:17 +05:30

package-lock.json

Update React Flight/Next.js RCE vulnerability

2025-12-08 16:05:24 +00:00

package.json

Update React Flight/Next.js RCE vulnerability

2025-12-08 16:05:24 +00:00

postcss.config.mjs

init

2025-10-30 11:04:17 +05:30

README.md

init

2025-10-30 11:04:17 +05:30

tailwind.config.ts

ui fixes yooooooo

2025-11-01 05:47:15 +05:30

tsconfig.json

init

2025-10-30 11:04:17 +05:30

README.md

Room

Room is a real-time collaborative text editor built using WebSockets, designed to enable multiple users to edit text simultaneously. The application provides a seamless experience for users to collaborate and share ideas in real time.

Features

Real-Time Collaboration: Multiple users can edit the same document simultaneously, with changes reflected instantly.
User-Friendly Interface: A simple and intuitive interface designed to enhance the writing experience.
WebSocket Integration: Efficient real-time communication between clients and the server.

Tech Stack

Frontend: Next.js 15, TypeScript, Tailwind CSS
WebSocket Library: ws

Installation

To get started with Room, follow these steps:

Clone the repository:

git clone https://github.com/arkorty/Room.git
cd Room

Install dependencies:
```
bun install
```
Run the application:
```
bun run dev
```
Access the application: Open your browser and navigate to http://localhost:3000.

Usage

Creating a Room: Users can create a new document from the dashboard.
Inviting Collaborators: Share a link with collaborators to allow them to join the editing session.
Editing: Start typing in the editor; changes will be reflected in real-time for all users.

License

This project is licensed under the MIT License - see the LICENSE file for details.