Commit Graph

6905 Commits

Author SHA1 Message Date
better-release[bot]
5038d41ca2 chore: release v1.6.14 (#9846) @better-auth/core@1.6.14 @better-auth/drizzle-adapter@1.6.14 @better-auth/electron@1.6.14 @better-auth/expo@1.6.14 @better-auth/i18n@1.6.14 @better-auth/kysely-adapter@1.6.14 @better-auth/memory-adapter@1.6.14 @better-auth/mongo-adapter@1.6.14 @better-auth/oauth-provider@1.6.14 @better-auth/passkey@1.6.14 @better-auth/prisma-adapter@1.6.14 @better-auth/redis-storage@1.6.14 @better-auth/scim@1.6.14 @better-auth/sso@1.6.14 @better-auth/stripe@1.6.14 @better-auth/telemetry@1.6.14 @better-auth/test-utils@1.6.14 auth@1.6.14 better-auth@1.6.14 @better-auth/api-key@1.6.14 v1.6.14 2026-06-02 16:56:28 -04:00
Gustavo Valverde
2d9781a83d fix(organization): split invitation verification gates (#9877) 2026-06-02 16:45:44 -04:00
Taesu
5a2d642bc7 fix: accept null for optional fields in generated schema (#9841) 2026-06-01 06:28:56 +00:00
Taesu
840a56a8ce docs(organization): document clearing logo with null (#9858) 2026-06-01 06:12:01 +00:00
Taesu
6c39075a31 chore: add postmortem for RSC header detection (#9857) 2026-06-01 04:51:56 +00:00
Taesu
9d3450ae23 fix(cookies): prefer __Secure- cookie in getSessionCookie (#9806) 2026-06-01 04:05:40 +00:00
Gustavo Valverde
13abc7922b fix(core): make redirect-uri validation runtime-safe and reject fragments (#9845) 2026-05-31 13:37:39 +01:00
better-release[bot]
a6f38c72ee chore: release v1.6.13 (#9804) @better-auth/api-key@1.6.13 @better-auth/core@1.6.13 @better-auth/drizzle-adapter@1.6.13 @better-auth/electron@1.6.13 @better-auth/expo@1.6.13 @better-auth/i18n@1.6.13 @better-auth/kysely-adapter@1.6.13 @better-auth/memory-adapter@1.6.13 @better-auth/mongo-adapter@1.6.13 @better-auth/oauth-provider@1.6.13 @better-auth/passkey@1.6.13 @better-auth/prisma-adapter@1.6.13 @better-auth/redis-storage@1.6.13 @better-auth/scim@1.6.13 @better-auth/sso@1.6.13 @better-auth/stripe@1.6.13 @better-auth/telemetry@1.6.13 @better-auth/test-utils@1.6.13 auth@1.6.13 better-auth@1.6.13 v1.6.13 2026-05-31 12:41:17 +01:00
Gustavo Valverde
17ab66c3a4 fix(oauth-provider): enforce clientPrivileges on dynamic client registration (#9837) 2026-05-31 11:02:27 +00:00
Taesu
87c1a0cab2 fix(organization): allow null logo on create and update (#9842)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
2026-05-31 10:58:24 +00:00
Gustavo Valverde
be32012ca3 fix(oauth): validate redirect_uri schemes in oidc-provider and mcp (#9838) 2026-05-31 11:38:52 +01:00
Taesu
df9e8b2951 docs: align db adapter guide with adapter contract (#9830) 2026-05-31 09:01:50 +00:00
Taesu
5c3e248cbf fix(core): throw on non-numeric deleteMany in consumeOne fallback (#9831) 2026-05-31 09:00:18 +00:00
Gustavo Valverde
4c3bbc4e56 fix(sso): update samlify to 2.13.1 for signed-assertion XML injection (#9821) 2026-05-30 23:58:05 +01:00
Gustavo Valverde
9c8ded67b1 docs(two-factor): mark viewBackupCodes as server-only in its API comment (#9822) 2026-05-30 23:52:38 +01:00
Gustavo Valverde
a1028d9f1f fix(deps): force patched transitive versions via pnpm overrides (#9820) 2026-05-30 23:40:38 +01:00
Gustavo Valverde
e8696388bf docs(oauth-provider): align metadata routing guidance (#9768) 2026-05-30 22:32:09 +01:00
Gustavo Valverde
43c08a2bc7 fix(account): scope OAuth account identity and fix buggy internalAdapter helpers (#9818)
Co-authored-by: Krish Garg <kgarg@chapman.edu>
2026-05-30 20:48:10 +00:00
Taesu
23d7cbfa79 fix(oauth): apply updateUserInfoOnLink in OAuth callback link flow (#8758)
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
2026-05-30 19:48:38 +01:00
Gustavo Valverde
e24ddfd13b fix(expo): persist large account cookies by chunking device storage (#9815) 2026-05-30 18:24:14 +01:00
Gustavo Valverde
d3919dc1a5 feat(account): support server-side accountInfo calls without session headers (#9813)
Co-authored-by: Nathan Colosimo <nathancolosimo@gmail.com>
2026-05-30 12:45:40 +01:00
Vishesh Verma
5f282bd382 fix(account): default storeStateStrategy to "database" when using secondaryStorage (#9591)
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
2026-05-30 11:05:28 +01:00
Gustavo Valverde
5ec3e761a3 fix(ci): use GitHub-hosted runners for fork pull requests (#9809) 2026-05-30 10:24:06 +01:00
Taesu
e131d3ac5b fix(api-key): verify non-default keys when configId is omitted (#9794) 2026-05-30 03:14:57 +00:00
better-release[bot]
c0c574ea50 chore: release v1.6.12 (#9590) @better-auth/core@1.6.12 @better-auth/drizzle-adapter@1.6.12 @better-auth/electron@1.6.12 @better-auth/expo@1.6.12 @better-auth/i18n@1.6.12 @better-auth/kysely-adapter@1.6.12 @better-auth/memory-adapter@1.6.12 @better-auth/mongo-adapter@1.6.12 @better-auth/oauth-provider@1.6.12 @better-auth/passkey@1.6.12 @better-auth/prisma-adapter@1.6.12 @better-auth/redis-storage@1.6.12 @better-auth/scim@1.6.12 @better-auth/sso@1.6.12 @better-auth/stripe@1.6.12 @better-auth/telemetry@1.6.12 @better-auth/test-utils@1.6.12 auth@1.6.12 better-auth@1.6.12 @better-auth/api-key@1.6.12 v1.6.12 2026-05-29 22:28:58 +01:00
Gustavo Valverde
c5b9f93498 fix(generic-oauth): add accessTokenExpiresIn for providers that omit expires_in (#9799) 2026-05-29 20:49:59 +00:00
Maxwell
17cd433c66 fix(oauth-proxy): missing state-cookie skip for oauth-proxy (#9385)
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
2026-05-29 15:06:34 +00:00
Gustavo Valverde
c92cd74162 fix: URL-encode callbackURL in verify-email links (#9792) 2026-05-29 08:08:42 +00:00
DedicatedRAM
093115e162 docs(oauth): added Roblox provider and alphabetized "providers without email" table (#9786)
Co-authored-by: Taesu <bytaesu@gmail.com>
2026-05-29 03:16:35 +00:00
Taesu
6f3caa390b chore: exclude @better-auth/*, @better-fetch/fetch and better-call from minimumReleaseAge (#9790) 2026-05-28 23:49:50 +00:00
Taesu
2b7937fc2f chore: bump @better-auth/utils (#9791) 2026-05-28 23:25:57 +00:00
Gustavo Valverde
0a7cb70647 fix(oauth): honor per-flow errorCallbackURL when state validation fails (#9789) 2026-05-28 23:24:40 +00:00
Gustavo Valverde
ac96316af3 fix(oauth): forward specific callback error codes via shared redirectOnError (#9788)
Co-authored-by: Gautam Manchandani <manchandanigautam@gmail.com>
2026-05-28 21:42:16 +00:00
James Jackson
a3b0c63de9 fix: accept hashed nonces for native iOS sign-in with Apple (#8870)
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
2026-05-28 12:35:09 +00:00
reslear
33a3632731 fix: hotfix passkey handle undefined transports (#9746)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
Co-authored-by: ping-maxwell <maxwell.multinite@gmail.com>
2026-05-28 01:11:45 +00:00
Jonathan Samines
64dd51c78a docs: add automatic reply to enterprise customer inquiries (#9775) 2026-05-28 00:15:22 +00:00
Jonathan Samines
d43281126f docs: add data processing addendum (#9771) 2026-05-27 16:46:53 -06:00
Daniel Müller
d64174ec86 fix(oauth-provider): hide DCR endpoint unless enabled (#9448)
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
2026-05-27 13:18:16 +00:00
Krish Garg
8401d11f43 fix(oauth-provider): serve path-prefixed issuer metadata aliases (#9668)
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
2026-05-27 12:38:27 +00:00
Rayan Salhab
7bf5449b11 fix(oauth2): map jose token verification errors (#9655)
Co-authored-by: cyphercodes <cyphercodes@users.noreply.github.com>
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
2026-05-27 09:45:02 +00:00
Taesu
6711e43f24 docs: align npm and star icons (#9764) 2026-05-27 07:38:03 +00:00
Maxwell
f6bf45123f fix(api-key): add better-call as peer dependency to fix TS4023 declaration emit (#9759) 2026-05-27 00:05:31 +00:00
Maxwell
85ca603eec fix: drizzle mixed and/or (#9756) 2026-05-26 14:08:11 +00:00
Taesu
8907c7df9c fix(passkey): consume challenge atomically and propagate inner verify errors (#9622)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
2026-05-24 23:40:52 +00:00
Taesu
83fa3695e7 feat(core): add string case conversion utilities (#9727) 2026-05-24 23:40:22 +00:00
Taesu
5aa5682e18 chore: adopt AGENTS.md, keep CLAUDE.md as symlink (#9728) 2026-05-24 23:38:36 +00:00
Taesu
66dbe8a730 chore(ci): stabilize docker startup (#9587) 2026-05-24 23:05:18 +00:00
dependabot[bot]
168b3ba070 chore(deps): bump turbo from 2.9.4 to 2.9.14 (#9725)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-23 14:34:00 +00:00
Taesu
a60855e6a0 chore: lock threads silently and document policy (#9724) 2026-05-22 03:40:39 +00:00
Taesu
015f96bc63 fix(oauth-proxy): forward result.error verbatim in callback redirect (#9723) 2026-05-22 02:52:48 +00:00