Security Update: Upgrade Next.js and React to fix critical vulnerabilities (CVE-2025-66478, CVE-2025-55182)

[mashharuki]

This Pull Request updates next, react, and react-dom versions across multiple projects in the repository to address critical security vulnerabilities.

Vulnerabilities Addressed:

• Next.js (CVE-2025-66478): Critical RCE vulnerability in React Server Components (RSC).
• React (CVE-2025-55182): Critical RCE vulnerability in React Server Components (RSC).

Changes:
Updated the following packages to their patched versions:

• next: 16.0.7
• react: 19.2.1
• react-dom: 19.2.1

Affected Projects:

• base-account/base-account-rainbow-template
• base-account/base-pay-amazon/checkout-app
• mini-apps/templates/minikit/mini-app-full-demo-minikit
• mini-apps/templates/minikit/new-mini-app-quickstart
• mini-apps/templates/minikit/vite-mini
• mini-apps/workshops/mini-app-route
• mini-apps/workshops/mini-app-wrapped

Notes:

• package-lock.json files have been updated for all affected projects.
• For mini-app-full-demo-minikit, @farcaster/miniapp-sdk version was kept at ^0.1.9 as requested, and npm install was run with --legacy-peer-deps to resolve conflicts.