SyntaxError: 'super' keyword unexpected #1851

New Issue

GiteaMirror · 2026-03-13T09:08:07-05:00

GiteaMirror commented

2026-03-13 09:08:07 -05:00

Originally created by @nebrekab on GitHub (Sep 5, 2025).

Is this suited for github?

Yes, this is suited for github

To Reproduce

I am seeing an issue with better-auth and Astro, running on Vite 7 with React.

The error is:

Specifically that SyntaxError: 'super' keyword unexpected here...

I have found this thread that highlights the same issue (this time with NextJS and Prisma): https://www.reddit.com/r/better_auth/comments/1muowba/error_using_betterauth_with_nextjs_prisma/

Before the update to better-auth 1.3.8 (from 1.2.8) and Vite 7.1.4 (from 6.3.5), there was no issue. (Astro version is 5.13.5.)

package.json

{
  "name": "my-project",
  "type": "module",
  "version": "0.1.0",
  "scripts": {
    "dev": "astro dev",
    "build": "astro build",
    "preview": "astro preview",
    "astro": "astro",
    "cert": "rm -rf .cert && mkdir -p .cert && mkcert -key-file ./.cert/key.pem -cert-file ./.cert/cert.pem 'localhost'"
  },
  "devDependencies": {
    "@astrojs/netlify": "^6.5.9",
    "@astrojs/react": "^4.3.0",
    "@react-email/components": "^0.5.1",
    "@storyblok/astro": "^7.2.5",
    "@tailwindcss/vite": "^4.1.13",
    "@types/node": "^24.3.1",
    "@types/react": "^19.1.12",
    "@types/react-dom": "^19.1.9",
    "astro": "^5.13.5",
    "better-auth": "^1.3.8",
    "mysql2": "^3.14.4",
    "resend": "^6.0.2",
    "tailwindcss": "^4.0.7",
    "vite": "^7.1.4"
  },
  "dependencies": {
    "react": "^19.1.1",
    "react-dom": "^19.1.1"
  }
}

Current vs. Expected behavior

Currently React breaks immediately on page load. So the page stops working. I believe this is due to invalid syntax in the bundled markup. As mentioned in Additional content, bypassing Vites' dependency optimization gets around the error, but I think this is not the ideal/long term solution.

What version of Better Auth are you using?

1.3.8

System info

{
  "system": {
    "platform": "darwin",
    "arch": "arm64",
    "version": "Darwin Kernel Version 24.6.0: Mon Jul 14 11:30:30 PDT 2025; root:xnu-11417.140.69~1/RELEASE_ARM64_T6020",
    "release": "24.6.0",
    "cpuCount": 12,
    "cpuModel": "Apple M2 Pro",
    "totalMemory": "32.00 GB",
    "freeMemory": "0.38 GB"
  },
  "node": {
    "version": "v22.17.1",
    "env": "development"
  },
  "packageManager": {
    "name": "npm",
    "version": "11.5.2"
  },
  "frameworks": null,
  "databases": null,
  "betterAuth": {
    "version": "Unknown",
    "config": null,
    "error": "ENOENT: no such file or directory, open 'package.json'"
  }
}

Which area(s) are affected? (Select all that apply)

Client

Auth config (if applicable)

not included as I believe this is a vite compiling issue

Additional context

I have managed to bypass the issue, by adding to exclude optimizing better-auth to my Vite (Astro, in this case) config:

vite: {
    server: {
      https: true
    },
    optimizeDeps: {
      exclude: ["better-auth"],
    },
  },

Originally created by @nebrekab on GitHub (Sep 5, 2025). ### Is this suited for github? - [x] Yes, this is suited for github ### To Reproduce I am seeing an issue with better-auth and Astro, running on Vite 7 with React. The error is: <img width="669" height="210" alt="Image" src="https://github.com/user-attachments/assets/b3508eec-d91b-4028-ba8c-c70a7cc0d4c1" /> Specifically that SyntaxError: 'super' keyword unexpected here... I have found this thread that highlights the same issue (this time with NextJS and Prisma): https://www.reddit.com/r/better_auth/comments/1muowba/error_using_betterauth_with_nextjs_prisma/ Before the update to better-auth 1.3.8 (from 1.2.8) and Vite 7.1.4 (from 6.3.5), there was no issue. (Astro version is 5.13.5.) #### package.json ``` { "name": "my-project", "type": "module", "version": "0.1.0", "scripts": { "dev": "astro dev", "build": "astro build", "preview": "astro preview", "astro": "astro", "cert": "rm -rf .cert && mkdir -p .cert && mkcert -key-file ./.cert/key.pem -cert-file ./.cert/cert.pem 'localhost'" }, "devDependencies": { "@astrojs/netlify": "^6.5.9", "@astrojs/react": "^4.3.0", "@react-email/components": "^0.5.1", "@storyblok/astro": "^7.2.5", "@tailwindcss/vite": "^4.1.13", "@types/node": "^24.3.1", "@types/react": "^19.1.12", "@types/react-dom": "^19.1.9", "astro": "^5.13.5", "better-auth": "^1.3.8", "mysql2": "^3.14.4", "resend": "^6.0.2", "tailwindcss": "^4.0.7", "vite": "^7.1.4" }, "dependencies": { "react": "^19.1.1", "react-dom": "^19.1.1" } } ``` ### Current vs. Expected behavior Currently React breaks immediately on page load. So the page stops working. I believe this is due to invalid syntax in the bundled markup. As mentioned in Additional content, bypassing Vites' dependency optimization gets around the error, but I think this is not the ideal/long term solution. ### What version of Better Auth are you using? 1.3.8 ### System info ```bash { "system": { "platform": "darwin", "arch": "arm64", "version": "Darwin Kernel Version 24.6.0: Mon Jul 14 11:30:30 PDT 2025; root:xnu-11417.140.69~1/RELEASE_ARM64_T6020", "release": "24.6.0", "cpuCount": 12, "cpuModel": "Apple M2 Pro", "totalMemory": "32.00 GB", "freeMemory": "0.38 GB" }, "node": { "version": "v22.17.1", "env": "development" }, "packageManager": { "name": "npm", "version": "11.5.2" }, "frameworks": null, "databases": null, "betterAuth": { "version": "Unknown", "config": null, "error": "ENOENT: no such file or directory, open 'package.json'" } } ``` ### Which area(s) are affected? (Select all that apply) Client ### Auth config (if applicable) ```typescript not included as I believe this is a vite compiling issue ``` ### Additional context I have managed to bypass the issue, by adding to exclude optimizing better-auth to my Vite (Astro, in this case) config: ``` vite: { server: { https: true }, optimizeDeps: { exclude: ["better-auth"], }, }, ```

GiteaMirror added the astro label 2026-03-13 09:08:07 -05:00

GiteaMirror closed this issue

2026-03-13 09:08:07 -05:00

GiteaMirror commented

2026-03-13 09:08:09 -05:00

@dosubot[bot] commented on GitHub (Sep 5, 2025):

Hi @nebrekab! I'm Dosu and I’m helping the better-auth team.

This is a known issue with Vite and better-auth: Vite's dependency optimization can include server-only or untranspiled ES6+ code (like the super keyword) from better-auth in the client bundle, which causes the syntax error you’re seeing. The recommended fix is to exclude better-auth from Vite's dependency optimization by adding optimizeDeps.exclude: ['better-auth'] to your Vite config, which you’ve already done (source).

For a more robust solution, make sure you are importing from the explicit client entrypoint: use import { ... } from 'better-auth/client' in your client-side code. This ensures only browser-safe code is bundled and avoids pulling in server-only modules (source).

These steps are the officially recommended approach for Vite projects using better-auth.

To reply, just mention @dosu.

^{How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other}

@dosubot[bot] commented on GitHub (Sep 5, 2025):  Hi @nebrekab! I'm [Dosu](https://go.dosu.dev/dosubot) and I’m helping the better-auth team.  This is a known issue with Vite and better-auth: Vite's dependency optimization can include server-only or untranspiled ES6+ code (like the `super` keyword) from better-auth in the client bundle, which causes the syntax error you’re seeing. The recommended fix is to exclude `better-auth` from Vite's dependency optimization by adding `optimizeDeps.exclude: ['better-auth']` to your Vite config, which you’ve already done ([source](https://github.com/better-auth/better-auth/issues/4082)). For a more robust solution, make sure you are importing from the explicit client entrypoint: use `import { ... } from 'better-auth/client'` in your client-side code. This ensures only browser-safe code is bundled and avoids pulling in server-only modules ([source](https://github.com/better-auth/better-auth/issues/3498)). These steps are the officially recommended approach for Vite projects using better-auth.  *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/e3873c42-9a64-4c21-9c18-3dc5a4a7cd51?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/e3873c42-9a64-4c21-9c18-3dc5a4a7cd51?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/e3873c42-9a64-4c21-9c18-3dc5a4a7cd51?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/e3873c42-9a64-4c21-9c18-3dc5a4a7cd51?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/e3873c42-9a64-4c21-9c18-3dc5a4a7cd51?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/e3873c42-9a64-4c21-9c18-3dc5a4a7cd51?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/e3873c42-9a64-4c21-9c18-3dc5a4a7cd51?feedback_type=other)</sup>  [![Chat with Dosu](https://dosu.dev/dosu-chat-badge.svg)](https://app.dosu.dev/cdda13d9-dd27-4d31-b09a-5d8bec92de21/ask?utm_source=github) [![Join Discord](https://img.shields.io/badge/join-5865F2?logo=discord&logoColor=white&label=)](https://go.dosu.dev/discord-bot) [![Share on X](https://img.shields.io/badge/X-share-black)](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/better-auth/better-auth/issues/4457)

GiteaMirror commented

2026-03-13 09:08:09 -05:00

@gvkhna commented on GitHub (Sep 5, 2025):

I traced the error, although strange this git blame is from last year but in my case it's breaking at better-call.

This should be a type-only import

9833a7edee/packages/better-auth/src/plugins/organization/organization.ts (L1)

Rolling back to 1.3.7 has no error so it's some change in the last version release.

@gvkhna commented on GitHub (Sep 5, 2025): I traced the error, although strange this git blame is from last year but in my case it's breaking at better-call. This should be a type-only import https://github.com/better-auth/better-auth/blob/9833a7edeef38e6d287badc4b8d11fe598ad55be/packages/better-auth/src/plugins/organization/organization.ts#L1 Rolling back to 1.3.7 has no error so it's some change in the last version release.

GiteaMirror commented

2026-03-13 09:08:10 -05:00

@Kinfe123 commented on GitHub (Sep 5, 2025):

The issue seems more of the vite optimization like how they try to prebundle and mangle the super keyword usage to somehow lost context. ref - https://vite.dev/guide/dep-pre-bundling.html also here the better-call uses super keyword. for now ig it is better to exclude better-auth from optimizations.

@Kinfe123 commented on GitHub (Sep 5, 2025): The issue seems more of the vite optimization like how they try to prebundle and mangle the super keyword usage to somehow lost context. ref - https://vite.dev/guide/dep-pre-bundling.html also here the `better-call` uses super keyword. for now ig it is better to exclude better-auth from optimizations.

GiteaMirror commented

2026-03-13 09:08:11 -05:00

@gvkhna commented on GitHub (Sep 5, 2025):

The issue seems more of the vite optimization like how they try to prebundle and mangle the super keyword usage to somehow lost context. ref - https://vite.dev/guide/dep-pre-bundling.html also here the better-call uses super keyword. for now ig it is better to exclude better-auth from optimizations.

Uh wut? better-call is a web server framework, it shouldn’t be imported by the client. I highlighted the line that is causing the import, if you do type only import, the entire module won’t be imported to client code.

Can someone from core team add typescript verbatim imports, for type only imports, this should’ve been caught already.

@gvkhna commented on GitHub (Sep 5, 2025): > The issue seems more of the vite optimization like how they try to prebundle and mangle the super keyword usage to somehow lost context. ref - https://vite.dev/guide/dep-pre-bundling.html also here the `better-call` uses super keyword. for now ig it is better to exclude better-auth from optimizations. Uh wut? better-call is a web server framework, it shouldn’t be imported by the client. I highlighted the line that is causing the import, if you do type only import, the entire module won’t be imported to client code. Can someone from core team add typescript verbatim imports, for type only imports, this should’ve been caught already.

GiteaMirror commented

2026-03-13 09:08:12 -05:00

@margaretjoanmiller commented on GitHub (Sep 5, 2025):

Hitting this too. This shouldn't need a workaround or this should be better documented to be honest.

@margaretjoanmiller commented on GitHub (Sep 5, 2025): Hitting this too. This shouldn't need a workaround or this should be better documented to be honest.

GiteaMirror commented

2026-03-13 09:08:12 -05:00

@trupu commented on GitHub (Sep 5, 2025):

Facing the same issue here on ^1.3.6/1.3.8

optimizeDeps: {
   exclude: ['better-auth']
}

works fine for a workaround

@trupu commented on GitHub (Sep 5, 2025): Facing the same issue here on ^1.3.6/1.3.8 ``` optimizeDeps: { exclude: ['better-auth'] } ``` works fine for a workaround

GiteaMirror commented

2026-03-13 09:08:13 -05:00

@Kinfe123 commented on GitHub (Sep 5, 2025):

@trupu @margaretjoanmiller if you can do minimal repro for this. that would be good. ig it should be compatible with dep optimization.

@Kinfe123 commented on GitHub (Sep 5, 2025): @trupu @margaretjoanmiller if you can do minimal repro for this. that would be good. ig it should be compatible with dep optimization.

GiteaMirror commented

2026-03-13 09:08:14 -05:00

@erquhart commented on GitHub (Sep 7, 2025):

@Kinfe123 basic repro here: https://github.com/erquhart/better-auth-issue-4457-repro

It's a basic TanStack Start quickstart, only src/routes/index.tsx sets up an authClient with a single plugin, which triggers the error.

@erquhart commented on GitHub (Sep 7, 2025): @Kinfe123 basic repro here: https://github.com/erquhart/better-auth-issue-4457-repro It's a basic TanStack Start quickstart, only src/routes/index.tsx sets up an authClient with a single plugin, which triggers the error.

GiteaMirror commented

2026-03-13 09:08:16 -05:00

@vivek700 commented on GitHub (Sep 7, 2025):

Facing the same issue in Svelte: ^5.38.3 with better-auth: ^1.3.8

optimizeDeps: { exclude: ["better-auth"] }

Adding better-auth to the optimizeDeps.Excluding the array in my vite.config.js file resolves the issue.

@vivek700 commented on GitHub (Sep 7, 2025): Facing the same issue in Svelte: ^5.38.3 with better-auth: ^1.3.8 ` optimizeDeps: { exclude: ["better-auth"] } ` Adding better-auth to the optimizeDeps.Excluding the array in my vite.config.js file resolves the issue.

GiteaMirror commented

2026-03-13 09:08:16 -05:00

@himself65 commented on GitHub (Sep 7, 2025):

We fixed this in 665bc84ede and I think the core reason is vite transpile code incorrectly, so maybe you set the target to ES2022 will fix this

@himself65 commented on GitHub (Sep 7, 2025): We fixed this in https://github.com/better-auth/better-auth/commit/665bc84ede80fd69e6f2361db92dc665ae8ea3e6 and I think the core reason is vite transpile code incorrectly, so maybe you set the target to `ES2022` will fix this

GiteaMirror commented

2026-03-13 09:08:16 -05:00

@erquhart commented on GitHub (Sep 7, 2025):

I'm actually finding this only happens with outdated versions of Vite, doesn't happen with latest.

@erquhart commented on GitHub (Sep 7, 2025): I'm actually finding this only happens with outdated versions of Vite, doesn't happen with latest.

GiteaMirror commented

2026-03-13 09:08:17 -05:00

@khantseithu commented on GitHub (Sep 8, 2025):

+1

@khantseithu commented on GitHub (Sep 8, 2025): +1

GiteaMirror commented

2026-03-13 09:08:18 -05:00

@nebrekab commented on GitHub (Sep 8, 2025):

Apologies, but my test case was not configured properly and this issue does still seem to present itself... Still an issue for me with Vite 7.1.5.

The optimizeDeps workaround is still the way to go for now.

@himself65 - I tried setting Vite's compilerOptions (and build) target to "ES2022", but it still presented the issue.

@nebrekab commented on GitHub (Sep 8, 2025): Apologies, but my test case was not configured properly and this issue does still seem to present itself... Still an issue for me with Vite 7.1.5. The _optimizeDeps_ workaround is still the way to go for now. @himself65 - I tried setting Vite's compilerOptions (and build) target to "ES2022", but it still presented the issue.

GiteaMirror commented

2026-03-13 09:08:18 -05:00

@himself65 commented on GitHub (Sep 8, 2025):

Please try 1.3.9. I believe we have fixed that!

@himself65 commented on GitHub (Sep 8, 2025): Please try 1.3.9. I believe we have fixed that!

GiteaMirror commented

2026-03-13 09:08:19 -05:00

@himself65 commented on GitHub (Sep 8, 2025):

Fixed in 665bc84ede

@himself65 commented on GitHub (Sep 8, 2025): Fixed in https://github.com/better-auth/better-auth/commit/665bc84ede80fd69e6f2361db92dc665ae8ea3e6

GiteaMirror commented

2026-03-13 09:08:20 -05:00

@nebrekab commented on GitHub (Sep 8, 2025):

Yes, @himself65 , that is indeed fixed with the 1.3.9 better-auth update. Now no need for optimizeDeps work around.

Thanks very much 🚀

@nebrekab commented on GitHub (Sep 8, 2025): Yes, @himself65 , that is indeed fixed with the 1.3.9 better-auth update. Now no need for _optimizeDeps_ work around. Thanks very much 🚀

GiteaMirror commented

2026-03-13 09:08:20 -05:00

@jornverhoeven commented on GitHub (Sep 8, 2025):

@himself65 The 1.3.9 version seems to have fixed the problem indeed. Amazing work, thanks a million :)

@jornverhoeven commented on GitHub (Sep 8, 2025): @himself65 The 1.3.9 version seems to have fixed the problem indeed. Amazing work, thanks a million :)

GiteaMirror referenced this issue

2026-03-13 11:29:12 -05:00

[PR #1851] [MERGED] chore(demo,env): remove extra `=` #4029

GiteaMirror referenced this issue

2026-04-13 08:17:12 -05:00

[PR #1851] [MERGED] chore(demo,env): remove extra `=` #12276

GiteaMirror referenced this issue

2026-04-15 20:01:20 -05:00

[PR #1851] [MERGED] chore(demo,env): remove extra `=` #20930

GiteaMirror referenced this issue

2026-04-17 20:55:43 -05:00

[PR #1851] [MERGED] chore(demo,env): remove extra `=` #29630

Sign in to join this conversation.

Branches Tags

dependabot/npm_and_yarn/demo/electron/demo-minor-patch-227a091249

dependabot/github_actions/github-actions-98f3470200

2026-05-13/ci/stabilize-docker-startup

dependabot/npm_and_yarn/samlify-2.13.0

changeset-release/main

main

2026-05-22/chore/adopt-agents-md

2026-05-22/refactor/string-case-utils

2026-05-14/fix/passkey-verify-error-and-claim

changeset-release/next

client-assertions-main

2026-05-15/ci/fix-sqlite-abi-mismatch

2026-05-15/fix/organization-team-add-cascade

2026-05-15/fix/parse-set-cookie-value-validation

2026-05-13/feat/captcha-wildcard-endpoints

fix/i18n-before-hook-translation

fix/disable-migration-generate

2026-05-07/fix/admin-set-password-upsert

2026-05-10/fix/cookie-drain-order

2026-05-10/feat/hooks-finally

2026-05-09/fix/cookie-drain-order

2026-05-09/feat/hooks-finally

2026-05-08/feat/register-before-send

fix/stripe/subscription-data-merge

2026-05-01/chore/pnpm-v11-harden

chore/pnpm-v11

2026-04-29/feat/google-include-granted-scopes

2026-04-29/fix/oauth-account-scope-semantics

2026-04-27/fix/nextcookies-idempotent-writes

2026-04-26/fix/harden-proxy-host-validation

2026-04-26/refactor/stripe-callback-signature-cleanup

2026-04-26/fix/stripe-subscription-callback-timing

2026-04-11/fix/sveltekit-app-modules

feat/open-api-zod-contract

feat/oauth-provider-backchannel-logout-next

feat/oauth-idp-initiated-bounce

refactor/sign-in-challenges

2026-04-21/fix/oauth-rfc-input-validation

fix/release-notes-new-packages

fix/two-factor-identity-guard

fix/resource

feat/emailpassword-authorize

2026-04-12/security/dynamic-baseurl-proxy-trust-default

feat/oauth-provider-at-hash-v2

fix/release-grep-fallback

claude/address-review-comments-JhFLr

claude/slack-update-stripe-docs-consistency-8Sc0w

feat/async-auth

fix/two-factor-totp-verified-enrollment

feat/plugin-ui

codex/blog-1-6-release-post

2026-04-06/fix/type-any-guards

2026-04-05/chore/downgrade-better-call

2026-04-04/ci/skip-vercel-fork-prs

2026-03-28/ci/add-autofix-ci

chore/release-preview-script

himself65/2026/02/19/role

2026-03-24/fix/update-user-info-on-link

2026-03-20/docs/improve-website

2026-03-20/fix/anonymous-onlinkaccount-expo

2026-02-17/fix/anonymous-link-state

fix/8607-saml-inresponseto

fix/8549-scim-patch-noop

v1.4.x

refactor/migration-snapshot-tests

worktree-magic-link-additional-data

chore/migrate-build-to-rollup

worktree-fix-dynamic-baseurl-8447

2026-03-06/chore/public-api-check

fix/close-8156-regression-test

fix/secondary-storage-json-error-handling

himself65/verification-namespace

cursor/issue-8307-validation-79a3

himself65/2026/01/30/error-mdx

v1.4.x-staging

fix/email-otp-user

fix/restrict-full-organization-access-roles

himself65/2026/02/12/count

himself65/2026/02/04/define-plugin

2026-02-04/feat/add-pluralize

cursor/better-auth-js-integration-ec21

cursor/expo-state-mismatch-394c

2026-02-01/fix/org-update-role-sync-members

cursor/issue-7607-investigation-e146

cursor/email-generation-helper-0ff6

himself65/2026/01/21/avoid-spread-operator

himself65/2026/01/14/cli

claude/slack-add-docs-pr-NMvgO

claude/slack-add-advanced-useplural-WHKYL

feat/hooks-pos

feat/2fa-phone

feat/2fa

fix/rotation

fix/username-check

v1.3.x

refactor/organization

feat/multiple-client-ids-social-providers

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/better-auth#1851