Commit Graph

6981 Commits

Author SHA1 Message Date
Gustavo Valverde
635f190870 fix(client): name auth client return types (#10071) 2026-06-15 06:45:35 +00:00
Gustavo Valverde
a787e0b66b fix(core): reuse active transactions (#10070) 2026-06-15 06:29:21 +00:00
Tushar
d009daedc7 fix: allow headerless get session checks (#10053) 2026-06-15 06:14:34 +00:00
Taesu
840788502a fix(oauth-popup): filter internal state keys from additionalData (#10067) 2026-06-15 05:12:13 +00:00
BWM0223
30f6a78129 chore: add missing metadata fields to package.json (#10047) 2026-06-14 00:45:14 +00:00
tsushanth
d6aec123d8 fix(cli): serialize array additionalField defaultValue in drizzle generator (#10048)
Co-authored-by: ping-maxwell <maxwell.multinite@gmail.com>
2026-06-14 00:41:09 +00:00
Maxwell
c2f718fcde fix: cookie cache fallback lookup (#9348) 2026-06-13 14:53:33 +00:00
Maxwell
581f8271fb fix(last-login-method): include domain when clearing cross-subdomain cookies (#9319) 2026-06-13 11:52:33 +00:00
brone1323
cfbb9a0524 fix(cli): handle directory path passed to --output in generate command (#9564)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
Co-authored-by: ping-maxwell <maxwell.multinite@gmail.com>
2026-06-13 11:47:44 +00:00
ElGauchooooo
b4b02660c7 feat(device-authorization): allow pre-binding device codes to a user (#9995)
Co-authored-by: Taesu <bytaesu@gmail.com>
2026-06-12 22:57:37 +00:00
Chris George
c1a8a64c14 fix(open-api): generate valid OpenAPI schemas for client generators (#9555)
Co-authored-by: ping-maxwell <maxwell.multinite@gmail.com>
2026-06-12 22:24:56 +00:00
Maxwell
7d18175637 fix: propagate sendVerificationEmail errors (#8863)
Co-authored-by: Bereket Engida <86073083+Bekacru@users.noreply.github.com>
2026-06-12 21:49:10 +00:00
better-release[bot]
04debbff04 chore: release v1.6.18 (#10026) v1.6.18 2026-06-12 10:15:14 -07:00
Gautam Manchandani
9ef7240fec fix(open-api): serialize zod request schemas accurately (#9315)
Signed-off-by: Gautam Manchandani <manchandanigautam@gmail.com>
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
2026-06-12 15:18:36 +00:00
Gautam Manchandani
729fd84034 fix(oauth-provider): canonicalize signed OAuth query params (#9941)
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
2026-06-12 15:17:00 +00:00
Gautam Manchandani
b21a5f7f6c fix(client): preserve plugin inference in composite monorepos (#9583) 2026-06-12 15:05:58 +00:00
Taesu
def1624a13 docs(changelog): avoid false contributor avatars (#10019) 2026-06-12 01:18:52 -07:00
better-release[bot]
0d8b238acc chore: release v1.6.17 (#9984) v1.6.17 2026-06-11 19:50:30 -07:00
Taesu
eff3c99952 test(next-js): verify nextCookies forwards all set-cookie headers (#10013) 2026-06-11 18:46:21 -07:00
ZerGo0
029cbdc072 docs: update Apple client secret JWT guidance (#9938) 2026-06-11 17:54:44 -07:00
Jordan Kahtava
44a24ed948 docs: highlighted emailVerified requirement on manually inserted users (#9999) 2026-06-11 17:45:37 -07:00
Taesu
24a6b01463 chore(deps): update hono and shell-quote (#10010) 2026-06-11 17:23:05 -07:00
Taesu
ac69e81a29 fix(cli): skip Unsupported() fields when regenerating prisma schema (#10011) 2026-06-11 17:19:17 -07:00
dependabot[bot]
2edeb33228 chore(deps): bump the github-actions group across 1 directory with 12 updates (#9827)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-11 17:13:18 -07:00
Gautam Manchandani
e0a768c973 refactor(access): flatten access plugin role authorization logic (#9677) 2026-06-11 17:04:07 -07:00
Gautam Manchandani
3310ebc4a0 fix(open-api): mark model ids as required (#9704) 2026-06-11 17:01:24 -07:00
Gautam Manchandani
108aadd251 fix(cli): update existing prisma field types (#9729)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
2026-06-11 16:59:14 -07:00
Gautam Manchandani
59e0ccbedc fix(client): updateSession should infer session additional fields (#9777)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
2026-06-11 16:56:45 -07:00
Gautam Manchandani
96c78c3e98 fix(logger): downgrade validation logs level to warn 2026-06-11 16:50:14 -07:00
Arnav Sharma
d3758fb2a3 fix(expo): on /linkSocial include cookie for id token (#9953) 2026-06-11 16:45:19 -07:00
Alexis Rico
5c289b52bc fix(account): resolve stateless account cookies across instances (#9979)
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
2026-06-11 16:44:11 -07:00
Gustavo Valverde
8960f5f3bd fix(client): restructure session fetch architecture (#8760) 2026-06-11 22:49:34 +00:00
Taesu
e246ac0929 ci: scope semantic-pull-request app token to pull requests (#10006) 2026-06-11 22:15:57 +00:00
Gustavo Valverde
7faddd4a1d refactor(core): prevent accidental HTTP exposure of server-only endpoints (#9835) 2026-06-11 20:37:51 +00:00
Gustavo Valverde
ed7b6c9ac0 fix: enforce team capacity, constant-time SCIM tokens, and org-admin SSO domain verification (#10002) 2026-06-11 19:21:34 +00:00
Gustavo Valverde
fdef997eb9 fix: harden provider identity validation (One Tap, Microsoft, SSO, WeChat, Reddit) (#10003) 2026-06-11 19:10:55 +00:00
Taesu
7343284149 fix: jwks caching, oauth id mapping, team invitations, account cookie, and scim deprovision bugs (#9987)
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
2026-06-11 08:25:19 -07:00
Gustavo Valverde
0c3856f098 fix: harden session authority against stale cookie cache and unverified selectors (#9991) 2026-06-11 13:31:13 +00:00
Damien Maspero
e468ff37ce docs: update Node.js built-in SQLite status to Release Candidate (#9914) 2026-06-10 23:13:39 -07:00
Taesu
d9c526b2a5 feat(oauth-popup): add popup-based OAuth sign-in (#9890) 2026-06-11 05:38:22 +00:00
Taesu
3e99e6c77e fix(admin): create credential account in setUserPassword when missing (#9482) 2026-06-11 05:36:55 +00:00
Gustavo Valverde
baeaa00bc2 fix: make single-use credentials, counters, and replay markers atomic (#9993) 2026-06-11 05:11:26 +00:00
Gustavo Valverde
1dbf5bb59d fix: harden trusted request context (#9990) 2026-06-11 03:50:35 +00:00
Taesu
9484a77805 chore: bump @better-fetch/fetch (#9989) 2026-06-11 01:09:05 +00:00
Taesu
6987c628f1 fix(cli): resolve SvelteKit, Vite asset, and Cloudflare virtual-module imports (#9834)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
2026-06-11 01:06:43 +00:00
Bereket Engida
b803c61fdc fix(organization): reject setting unknown or empty roles on updateMemberRole (#9962)
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-10 16:57:24 -07:00
Taesu
a11a706ff2 fix(stripe): correct subscription handling and customer linking (#9971) 2026-06-10 18:58:40 +00:00
Prakash Kumar
128bc34572 docs: add horizontal scrolling to landing page code block (#9975) 2026-06-09 23:22:24 -07:00
better-release[bot]
1a3c8c478a chore: release v1.6.16 (#9958) @better-auth/api-key@1.6.16 @better-auth/core@1.6.16 @better-auth/drizzle-adapter@1.6.16 @better-auth/electron@1.6.16 @better-auth/expo@1.6.16 @better-auth/i18n@1.6.16 @better-auth/kysely-adapter@1.6.16 @better-auth/memory-adapter@1.6.16 @better-auth/mongo-adapter@1.6.16 @better-auth/oauth-provider@1.6.16 @better-auth/passkey@1.6.16 @better-auth/prisma-adapter@1.6.16 @better-auth/redis-storage@1.6.16 @better-auth/scim@1.6.16 @better-auth/sso@1.6.16 @better-auth/stripe@1.6.16 @better-auth/telemetry@1.6.16 @better-auth/test-utils@1.6.16 auth@1.6.16 better-auth@1.6.16 v1.6.16 2026-06-09 22:32:25 -07:00
Bereket Engida
cb1cbfa4cc fix: address bug findings across packages (#9974) 2026-06-09 19:46:12 -07:00