FirebaseExtended · annajowang · Dec 3, 2025 · Dec 3, 2025 · Dec 3, 2025
@@ -1,6 +1,6 @@
 {
   "name": "@apphosting/adapter-nextjs",
-  "version": "14.0.18",
+  "version": "14.0.19",
   "main": "dist/index.js",
   "description": "Experimental addon to the Firebase CLI to add web framework support",
   "repository": {

@@ -22,6 +22,14 @@ describe("block vulnerable nextjs versions", () => {
       checkNextJSVersion("15.0.5");
     });
 
+    assert.throws(() => {
+      checkNextJSVersion("15.4.7");
+    });
+
+    assert.doesNotThrow(() => {
+      checkNextJSVersion("15.4.8");
+    });
+
     assert.doesNotThrow(() => {
       checkNextJSVersion("14.0.12");
     });

@@ -21,15 +21,15 @@ export const { copy, exists, writeFile, readJson, readdir, readFileSync, existsS
 export const { satisfies } = semVer;
 
 const SAFE_NEXTJS_VERSIONS =
-  ">=16.1.0 || ^16.0.7 || ^v15.5.7 || ^v15.4.8 || ^v15.3.6 || ^v15.2.6 || ^v15.1.9 || ^v15.0.5 || <14.3.0-canary.77";
+  ">=16.1.0 || ~16.0.7 || ~v15.5.7 || ~v15.4.8 || ~v15.3.6 || ~v15.2.6 || ~v15.1.9 || ~v15.0.5 || <14.3.0-canary.77";
 
 export function checkNextJSVersion(version: string | undefined) {
   if (!version) {
     return;
   }
   if (!satisfies(version, SAFE_NEXTJS_VERSIONS)) {
     throw new Error(
-      `CVE-2025-55182: Vulnerable Next version ${version} detected. Deployment blocked. Update your app's dependencies to a patched Next.js version and redeploy:https://nextjs.org/blog/CVE-2025-66478#fixed-versions`,
+      `CVE-2025-55182: Vulnerable Next version ${version} detected. Deployment blocked. Update your app's dependencies to a patched Next.js version and redeploy: https://nextjs.org/blog/CVE-2025-66478#fixed-versions`,
     );
   }
 }