Security update: Patch React and Next.js CVE vulnerabilities

Updated React to 19.2.1 and Next.js to 16.0.7 to address critical security vulnerabilities: - CVE-2025-55182: React Server Components deserialization flaw - CVE-2025-66478: Next.js RSC implementation vulnerability Also includes: - Add PATCH endpoint for geofence updates - Reorder admin navigation items - Add geofence update functionality in database layer 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-04 09:30:47 +00:00
parent 96d7314317
commit 3ac82621c8
5 changed files with 191 additions and 54 deletions
--- a/lib/geofence-db.ts
+++ b/lib/geofence-db.ts
@@ -96,6 +96,60 @@ export const geofenceDb = {
    }
  },

+  /**
+   * Update a geofence (partial update)
+   */
+  update(id: string, updates: Partial<Omit<Geofence, 'id' | 'owner_id' | 'device_id' | 'created_at' | 'updated_at'>>): Geofence | null {
+    const db = getDb();
+    try {
+      // Build dynamic UPDATE query for only provided fields
+      const updateFields: string[] = [];
+      const values: any[] = [];
+
+      if (updates.name !== undefined) {
+        updateFields.push('name = ?');
+        values.push(updates.name);
+      }
+      if (updates.description !== undefined) {
+        updateFields.push('description = ?');
+        values.push(updates.description);
+      }
+      if (updates.radius_meters !== undefined) {
+        updateFields.push('radius_meters = ?');
+        values.push(updates.radius_meters);
+      }
+      if (updates.color !== undefined) {
+        updateFields.push('color = ?');
+        values.push(updates.color);
+      }
+      if (updates.is_active !== undefined) {
+        updateFields.push('is_active = ?');
+        values.push(updates.is_active);
+      }
+
+      if (updateFields.length === 0) {
+        return this.findById(id);
+      }
+
+      // Always update updated_at
+      updateFields.push('updated_at = datetime(\'now\')');
+
+      const query = `UPDATE Geofence SET ${updateFields.join(', ')} WHERE id = ?`;
+      values.push(id);
+
+      const stmt = db.prepare(query);
+      const result = stmt.run(...values);
+
+      if (result.changes === 0) {
+        return null;
+      }
+
+      return this.findById(id);
+    } finally {
+      db.close();
+    }
+  },
+
  /**
   * Delete a geofence
   */