From 33792cadd0e4a4dedcdae7490c0876ac13bfb81c Mon Sep 17 00:00:00 2001
From: Gustavo Valverde <g.valverde02@gmail.com>
Date: Mon, 6 Apr 2026 14:06:13 +0100
Subject: [PATCH] chore: add changeset for SSO dependency security patch

---
 .changeset/fix-deps-security-overrides.md | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 .changeset/fix-deps-security-overrides.md

diff --git a/.changeset/fix-deps-security-overrides.md b/.changeset/fix-deps-security-overrides.md
new file mode 100644
index 0000000000..decc8dfdf7
--- /dev/null
+++ b/.changeset/fix-deps-security-overrides.md
@@ -0,0 +1,5 @@
+---
+"@better-auth/sso": patch
+---
+
+pin `samlify` to `~2.10.2` to avoid breaking changes in v2.11.0 and patch transitive `node-forge` vulnerability (4 HIGH CVEs: signature forgery, cert chain bypass, DoS)