github-starred/better-auth
2
0
Fork 0
mirror of https://github.com/better-auth/better-auth.git synced 2026-05-23 15:42:09 -05:00
Code Issues 2.5k Packages Projects Releases 112 Wiki Activity
6,661 Commits 99 Branches 1,251 Tags
@better-auth/scim@1.6.3
Commit Graph

81 Commits

Author SHA1 Message Date
better-release[bot]
6f17bb3ebd chore: release v1.6.3 (#9081) 2026-04-14 12:04:31 +01:00
Maxwell
9a6d4759cd fix(client): prevent isMounted race condition causing many rps (#9078) 
Co-authored-by: Taesu <bytaesu@gmail.com>
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
 2026-04-14 09:36:59 +00:00
Gustavo Valverde
390a03190c fix(stripe): prevent prototype pollution via user-supplied metadata (#9164) 2026-04-14 08:05:31 +00:00
Gustavo Valverde
5142e9cec5 fix(auth): harden dynamic baseURL resolution (#9131) 2026-04-14 08:01:13 +00:00
Taesu
513dabb132 fix: resolve dynamic baseURL for direct auth.api calls (#9113) 2026-04-14 06:16:53 +00:00
Gustavo Valverde
e2e25a4954 fix(oauth-provider): graceful DCR override for unauthenticated confidential clients (#9123) 2026-04-11 15:25:06 +00:00
Byte-Biscuit
f8758975ae fix(two-factor): updated backup codes respect storeBackupCodes option (#7231) 
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
 2026-04-11 13:19:46 +00:00
Gustavo Valverde
484ce6a262 fix(two-factor): enforce 2FA on all sign-in paths (#9122) 2026-04-11 12:33:58 +00:00
Gustavo Valverde
314e06f0fd feat(oauth-provider): add customTokenResponseFields and harden authorization code validation (#9118) 2026-04-11 09:54:48 +00:00
Taesu
4673c6d83c fix(cli): handle extends and mid-path wildcards in tsconfig paths (#9032) 2026-04-10 16:26:53 +00:00
Gustavo Valverde
52c47517a2 fix(sso): unify SAML response processing and fix bugs (#9097) 2026-04-10 15:00:26 +00:00
Taesu
c5066fe5d6 fix(stripe): omit quantity for metered prices in checkout and upgrades (#8926) 
Co-authored-by: better-release[bot] <273320539+better-release[bot]@users.noreply.github.com>
 2026-04-10 12:55:44 +00:00
Taesu
5f84335815 feat(stripe): support Stripe SDK v21 and v22 (#9084) 
Co-authored-by: leonardo2204 <1509421+leonardo2204@users.noreply.github.com>
Co-authored-by: better-release[bot] <273320539+better-release[bot]@users.noreply.github.com>
 2026-04-10 06:19:34 +00:00
Oluwatobi Mustapha
f6428d02fc fix(open-api): correct get-session nullable schema for OAS 3.1 (#8389) 
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
Co-authored-by: ping-maxwell <maxwell.multinite@gmail.com>
 2026-04-09 20:44:35 +00:00
Ray
6ce30cf138 fix: incorrect operationId in password reset callback endpoint (#9072) 
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
 2026-04-09 20:13:06 +00:00
better-release[bot]
700d298e1e chore: version packages (#9052) 2026-04-09 15:19:07 +01:00
Gustavo Valverde
4c829bf289 fix(oauth-provider): preserve multi-valued query params through prompt redirects (#9060) 2026-04-09 13:13:39 +00:00
Gustavo Valverde
b20fa424c3 fix(next-js): replace cookie probe with header-based RSC detection in nextCookies (#9059) 
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
 2026-04-09 12:41:10 +00:00
Gustavo Valverde
608d8c3082 fix(sso): include RelayState in signed SAML AuthnRequests (#9058) 2026-04-09 12:05:02 +00:00
Dylan Vanmali
c6922dce8e refactor(oauth-provider): reject skip_consent at schema level in DCR (#8998) 2026-04-09 11:56:29 +00:00
Rayan Salhab
5e5d3f62fc fix(sso): normalize SAMLResponse whitespace at request boundary (#8968) 
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
 2026-04-09 11:04:10 +00:00
Jaydeep pipaliya
2cbcb9baac fix(oauth2): prevent cross-provider account collision in link-social callback (#8983) 
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
 2026-04-09 10:17:42 +00:00
Maxwell
9deb7936ab fix: cookie store strategy should verify oauth state (#8949) 
Co-authored-by: Bereket Engida <86073083+Bekacru@users.noreply.github.com>
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
 2026-04-09 09:26:36 +00:00
armful
84098432ad feat(two-factor): include enabled 2fa methods in sign-in redirect response (#8772) 
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
 2026-04-09 09:25:49 +00:00
armful
e78a7b120d fix(two-factor): prevent unverified TOTP enrollment from gating sign-in (#8711) 
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
 2026-04-09 08:48:10 +00:00
better-release[bot]
85bb710edc chore: version packages (#9018) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-04-08 19:22:59 +00:00
Taesu
7495830659 fix(api): restore getSession accessibility in generic Auth<O> context (#9017) 2026-04-08 17:34:12 +00:00
Jonathan Samines
2e537df5f7 fix: endpoint instrumentation to always use route template (#9023) 2026-04-08 08:41:31 +10:00
Maxwell
f61ad1cab7 fix: use INVALID_PASSWORD for all checkPassword failures (#8902) 2026-04-07 18:17:10 +00:00
Gustavo Valverde
8737dbf3f6 chore: remove pending pr-8927 changeset (#8993) 2026-04-06 16:03:44 +00:00
Gustavo Valverde
d9b16d2551 chore: sync main to next 
chore: sync main to next
 2026-04-06 16:47:42 +01:00
Gustavo Valverde
535655bc0d chore: fix release-blocking Changesets null versions on next (#8992) 2026-04-06 15:31:00 +00:00
Taesu
141781d6fc fix: generate session id when using secondary storage without database (#8927) 2026-04-06 14:43:47 +00:00
better-release[bot]
d666a03372 chore: exit pre-release mode for v1.6.0 2026-04-06 14:41:56 +00:00
Gustavo Valverde
29d197e688 chore: sync main to next (#8976) 
chore: sync main to next
 2026-04-06 15:31:29 +01:00
Gustavo Valverde
e5091ee1e6 fix(oauth-provider): scope loss on PAR, loopback redirect matching, DCR skip_consent (#8632) 2026-04-06 14:14:39 +00:00
Gustavo Valverde
bd9bd58f87 fix(security): enforce authorization on SCIM management endpoints and normalize passkey ownership (#8843) 2026-04-06 13:47:24 +00:00
Gustavo Valverde
ee8b40d502 fix(deps): patch Dependabot security issues (#8838) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-04-06 13:16:45 +00:00
Taesu
560230f751 fix(types): prevent any from collapsing base type and client inference (#8981) 2026-04-06 12:18:58 +00:00
Gustavo Valverde
dd537cbdeb chore(oidc-provider): deprecate plugin in favor of @better-auth/oauth-provider (#8985) 2026-04-06 12:13:35 +00:00
Taesu
469eee6d84 fix(oauth): prevent double-hashing of state when storeIdentifier is hashed (#8980) 
Co-authored-by: Gustavo Valverde <g.valverde02@gmail.com>
 2026-04-06 11:14:55 +00:00
better-auth-releases[bot]
73beda26f9 chore: version packages (beta) (#8945) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-04-04 15:52:24 +00:00
Gustavo Valverde
9b4ccb1f11 fix: restore original changeset bump types now that peer dep patch is in place 2026-04-04 15:52:24 +00:00
Gustavo Valverde
64c2978516 fix: prevent major version escalation in changeset peer dep resolution 2026-04-04 15:52:24 +00:00
Gustavo Valverde
5dd9e44c04 chore: enter beta pre-release mode with changesets for 1.6.0 2026-04-04 15:52:24 +00:00
Gustavo Valverde
dea55f0385 chore: add all packages to changesets fixed group (#8944) 2026-04-03 23:35:04 +00:00
Gustavo Valverde
0afc6a1e78 ci: replace bumpp with changesets release automation (#8903) 2026-04-03 21:43:23 +00:00
Bereket Engida
95c7ee3e44 chore: remove changeset 2025-08-11 14:45:50 -07:00
dogus
422aa488b7 feat(stripe): create billing portal session (#3625) 
* feat(stripe) : add billing portal session endpoint

* create billing portal session

* update docs

* chore: changeset

* chore: fix stripe

* chore: remove comment

* chore: update docs

---------

Co-authored-by: Bereket Engida <Bekacru@gmail.com>
Co-authored-by: Bereket Engida <86073083+Bekacru@users.noreply.github.com>
 2025-08-06 16:38:50 -07:00
KinfeMichael Tariku
0eef0abc3b fix(org): use correct slug lookup when setting active org 2025-08-06 16:38:40 -07:00