chore(deps): bump next to 14.2.35 in docs (GHSA-f82v-jwr5-mffw)
next@14.2.21 falls in the vulnerable range of the Next.js middleware
authorization bypass advisory (fixed in 14.2.25). Bump to the latest
14.2.x patch, which also includes the subsequent 14.2.3x security
fixes. The other resolved version in the workspace (15.3.1) is already
outside the affected ranges.