better-release[bot]
|
1a3c8c478a
|
chore: release v1.6.16 (#9958)
@better-auth/api-key@1.6.16
@better-auth/core@1.6.16
@better-auth/drizzle-adapter@1.6.16
@better-auth/electron@1.6.16
@better-auth/expo@1.6.16
@better-auth/i18n@1.6.16
@better-auth/kysely-adapter@1.6.16
@better-auth/memory-adapter@1.6.16
@better-auth/oauth-provider@1.6.16
@better-auth/prisma-adapter@1.6.16
@better-auth/redis-storage@1.6.16
@better-auth/scim@1.6.16
@better-auth/sso@1.6.16
@better-auth/stripe@1.6.16
@better-auth/telemetry@1.6.16
@better-auth/test-utils@1.6.16
auth@1.6.16
better-auth@1.6.16
v1.6.16
@better-auth/passkey@1.6.16
@better-auth/mongo-adapter@1.6.16
|
2026-06-09 22:32:25 -07:00 |
|
Bereket Engida
|
cb1cbfa4cc
|
fix: address bug findings across packages (#9974)
|
2026-06-09 19:46:12 -07:00 |
|
Gustavo Valverde
|
a6b0295df3
|
fix(sso): consume SAML AuthnRequest atomically (#9972)
|
2026-06-10 01:58:45 +00:00 |
|
Gustavo Valverde
|
87e7aa5e0f
|
fix(api): validate Origin/Referer on cookieless email sign-in and sign-up (#9973)
|
2026-06-10 01:43:41 +00:00 |
|
Gustavo Valverde
|
893cf6cb3f
|
fix(session): honor server-side session deletion in update-session and token routes (#9967)
|
2026-06-10 00:42:45 +00:00 |
|
Gustavo Valverde
|
5e49c56a9e
|
fix(auth): mark plugin-owned session fields as non-input (#9965)
|
2026-06-09 23:59:09 +00:00 |
|
Taesu
|
2ac00fe421
|
chore: bump better-call and @better-fetch/fetch (#9955)
|
2026-06-09 21:34:16 +00:00 |
|
Taesu
|
2545b7bb13
|
chore: drop two-factor-newsession-null.md changeset (#9960)
|
2026-06-09 14:24:28 -07:00 |
|
Paola Estefanía de Campos
|
afcb4dd7f3
|
docs(two-factor): document newSession is null during 2FA challenge (#9957)
|
2026-06-09 13:15:00 -07:00 |
|
Taesu
|
6a8dfa4f3e
|
docs(changelog): show contributor avatars with proper size and styling (#9956)
|
2026-06-09 19:44:32 +00:00 |
|
better-release[bot]
|
03e0e36a98
|
chore: release v1.6.15 (#9886)
@better-auth/api-key@1.6.15
@better-auth/core@1.6.15
@better-auth/drizzle-adapter@1.6.15
@better-auth/electron@1.6.15
@better-auth/expo@1.6.15
@better-auth/i18n@1.6.15
@better-auth/kysely-adapter@1.6.15
@better-auth/memory-adapter@1.6.15
@better-auth/mongo-adapter@1.6.15
@better-auth/oauth-provider@1.6.15
@better-auth/passkey@1.6.15
@better-auth/prisma-adapter@1.6.15
@better-auth/redis-storage@1.6.15
@better-auth/scim@1.6.15
@better-auth/sso@1.6.15
@better-auth/stripe@1.6.15
@better-auth/telemetry@1.6.15
@better-auth/test-utils@1.6.15
auth@1.6.15
better-auth@1.6.15
v1.6.15
|
2026-06-08 06:57:06 -07:00 |
|
Gustavo Valverde
|
ef4e131b85
|
fix(kysely-adapter): inline migration-table constants to fix Turbopack build (#9933)
Co-authored-by: bytaesu <166604494+bytaesu@users.noreply.github.com>
|
2026-06-08 12:20:53 +00:00 |
|
Gustavo Valverde
|
fe9600bc07
|
feat(oauth-provider): accept POST on the userinfo endpoint (#9937)
|
2026-06-07 21:09:27 -07:00 |
|
Gustavo Valverde
|
d23735b1de
|
feat(passkey): resolve authenticator name from AAGUID at read time (#9927)
Co-authored-by: Maxwell Weru <1645026+mburumaxwell@users.noreply.github.com>
|
2026-06-07 23:22:39 +00:00 |
|
Gustavo Valverde
|
b0ddfd3433
|
fix(oauth-provider): run configured hooks when authorize resumes (#9919)
Co-authored-by: Gautam Manchandani <manchandanigautam@gmail.com>
|
2026-06-07 14:43:47 -07:00 |
|
Bereket Engida
|
ea64709ae6
|
docs: security update for June 2026 (#9884)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
|
2026-06-07 14:41:58 -07:00 |
|
Gustavo Valverde
|
7213d1ac3a
|
test(cli): give the integration-style suite a generous timeout (#9926)
|
2026-06-07 14:36:12 -07:00 |
|
Kilian BC
|
bff65fd620
|
fix(sso): pass clockSkew to samlify clockDrifts to fix ERR_SUBJECT_UNCONFIRMED (#9748)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
Co-authored-by: ping-maxwell <maxwell.multinite@gmail.com>
|
2026-06-06 04:20:14 +00:00 |
|
Kimaswa Emmanuel Yusufu
|
74c32fe56e
|
docs: clarify organization-owned api keys also require a user (#9780)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
|
2026-06-05 21:09:03 -07:00 |
|
Suliman Abdulrazzaq
|
f3396987a9
|
docs: add DBSC plugin documentation (#9892)
|
2026-06-05 18:58:50 -07:00 |
|
Gustavo Valverde
|
5898bd10da
|
fix(ci): resolve the latest Node patch for the smoke matrix (#9906)
|
2026-06-05 09:01:59 -04:00 |
|
Decker
|
3bc7d09083
|
docs: restore Commet plugin documentation (#9798)
|
2026-06-04 20:46:46 +09:00 |
|
Muhammad Rakha Qushayyi Andrianto
|
0933c050ff
|
fix(kysely-adapter): import migration constants from 'kysely/migration' (#9811)
Co-authored-by: unsiqasik <rkhandriantonew@gmail.com>
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
|
2026-06-03 22:32:20 +00:00 |
|
Taesu
|
17130ec6ef
|
docs: mention minimal import option in installation guide (#9891)
Co-authored-by: Parship Chowdhury <parshipchowdhury@gmail.com>
|
2026-06-03 21:37:23 +00:00 |
|
Wilson Angelie Tan
|
1012b69046
|
fix(admin): return USER_NOT_FOUND for missing users before update (#9875)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
|
2026-06-03 16:07:47 +00:00 |
|
Maxwell
|
ad60333d15
|
fix: list-session fresh age session check (#9865)
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Maxwell <ping-maxwell@users.noreply.github.com>
|
2026-06-03 11:23:14 +00:00 |
|
Taesu
|
695753106d
|
docs: update community adapters (#9881)
|
2026-06-03 09:11:14 +00:00 |
|
Taesu
|
e111d63b8e
|
refactor(cookies): clarify cookie regex ranges (#9879)
|
2026-06-03 04:05:55 +00:00 |
|
better-release[bot]
|
5038d41ca2
|
chore: release v1.6.14 (#9846)
@better-auth/core@1.6.14
@better-auth/drizzle-adapter@1.6.14
@better-auth/electron@1.6.14
@better-auth/expo@1.6.14
@better-auth/i18n@1.6.14
@better-auth/kysely-adapter@1.6.14
@better-auth/memory-adapter@1.6.14
@better-auth/mongo-adapter@1.6.14
@better-auth/oauth-provider@1.6.14
@better-auth/passkey@1.6.14
@better-auth/prisma-adapter@1.6.14
@better-auth/redis-storage@1.6.14
@better-auth/scim@1.6.14
@better-auth/sso@1.6.14
@better-auth/stripe@1.6.14
@better-auth/telemetry@1.6.14
@better-auth/test-utils@1.6.14
auth@1.6.14
better-auth@1.6.14
@better-auth/api-key@1.6.14
v1.6.14
|
2026-06-02 16:56:28 -04:00 |
|
Gustavo Valverde
|
2d9781a83d
|
fix(organization): split invitation verification gates (#9877)
|
2026-06-02 16:45:44 -04:00 |
|
Taesu
|
5a2d642bc7
|
fix: accept null for optional fields in generated schema (#9841)
|
2026-06-01 06:28:56 +00:00 |
|
Taesu
|
840a56a8ce
|
docs(organization): document clearing logo with null (#9858)
|
2026-06-01 06:12:01 +00:00 |
|
Taesu
|
6c39075a31
|
chore: add postmortem for RSC header detection (#9857)
|
2026-06-01 04:51:56 +00:00 |
|
Taesu
|
9d3450ae23
|
fix(cookies): prefer __Secure- cookie in getSessionCookie (#9806)
|
2026-06-01 04:05:40 +00:00 |
|
Gustavo Valverde
|
13abc7922b
|
fix(core): make redirect-uri validation runtime-safe and reject fragments (#9845)
|
2026-05-31 13:37:39 +01:00 |
|
better-release[bot]
|
a6f38c72ee
|
chore: release v1.6.13 (#9804)
@better-auth/api-key@1.6.13
@better-auth/core@1.6.13
@better-auth/drizzle-adapter@1.6.13
@better-auth/electron@1.6.13
@better-auth/expo@1.6.13
@better-auth/i18n@1.6.13
@better-auth/kysely-adapter@1.6.13
@better-auth/memory-adapter@1.6.13
@better-auth/mongo-adapter@1.6.13
@better-auth/oauth-provider@1.6.13
@better-auth/passkey@1.6.13
@better-auth/prisma-adapter@1.6.13
@better-auth/redis-storage@1.6.13
@better-auth/scim@1.6.13
@better-auth/sso@1.6.13
@better-auth/stripe@1.6.13
@better-auth/telemetry@1.6.13
@better-auth/test-utils@1.6.13
auth@1.6.13
better-auth@1.6.13
v1.6.13
|
2026-05-31 12:41:17 +01:00 |
|
Gustavo Valverde
|
17ab66c3a4
|
fix(oauth-provider): enforce clientPrivileges on dynamic client registration (#9837)
|
2026-05-31 11:02:27 +00:00 |
|
Taesu
|
87c1a0cab2
|
fix(organization): allow null logo on create and update (#9842)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
|
2026-05-31 10:58:24 +00:00 |
|
Gustavo Valverde
|
be32012ca3
|
fix(oauth): validate redirect_uri schemes in oidc-provider and mcp (#9838)
|
2026-05-31 11:38:52 +01:00 |
|
Taesu
|
df9e8b2951
|
docs: align db adapter guide with adapter contract (#9830)
|
2026-05-31 09:01:50 +00:00 |
|
Taesu
|
5c3e248cbf
|
fix(core): throw on non-numeric deleteMany in consumeOne fallback (#9831)
|
2026-05-31 09:00:18 +00:00 |
|
Gustavo Valverde
|
4c3bbc4e56
|
fix(sso): update samlify to 2.13.1 for signed-assertion XML injection (#9821)
|
2026-05-30 23:58:05 +01:00 |
|
Gustavo Valverde
|
9c8ded67b1
|
docs(two-factor): mark viewBackupCodes as server-only in its API comment (#9822)
|
2026-05-30 23:52:38 +01:00 |
|
Gustavo Valverde
|
a1028d9f1f
|
fix(deps): force patched transitive versions via pnpm overrides (#9820)
|
2026-05-30 23:40:38 +01:00 |
|
Gustavo Valverde
|
e8696388bf
|
docs(oauth-provider): align metadata routing guidance (#9768)
|
2026-05-30 22:32:09 +01:00 |
|
Gustavo Valverde
|
43c08a2bc7
|
fix(account): scope OAuth account identity and fix buggy internalAdapter helpers (#9818)
Co-authored-by: Krish Garg <kgarg@chapman.edu>
|
2026-05-30 20:48:10 +00:00 |
|
Taesu
|
23d7cbfa79
|
fix(oauth): apply updateUserInfoOnLink in OAuth callback link flow (#8758)
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
|
2026-05-30 19:48:38 +01:00 |
|
Gustavo Valverde
|
e24ddfd13b
|
fix(expo): persist large account cookies by chunking device storage (#9815)
|
2026-05-30 18:24:14 +01:00 |
|
Gustavo Valverde
|
d3919dc1a5
|
feat(account): support server-side accountInfo calls without session headers (#9813)
Co-authored-by: Nathan Colosimo <nathancolosimo@gmail.com>
|
2026-05-30 12:45:40 +01:00 |
|
Vishesh Verma
|
5f282bd382
|
fix(account): default storeStateStrategy to "database" when using secondaryStorage (#9591)
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
|
2026-05-30 11:05:28 +01:00 |
|