github better-auth/better-auth v1.6.6
on GitHub

5 hours ago

better-auth

Bug Fixes

  • Fixed preservation of the Partitioned attribute when forwarding Set-Cookie headers (#9235)
  • Fixed boolean coercion for the disableRefresh query parameter in custom session validation (#9214)
  • Fixed incorrect inference of team additional fields in the organization plugin (#9266)
  • Added support for removing a phone number via updateUser({ phoneNumber: null }) (#9219)

For detailed changes, see CHANGELOG

@better-auth/core

Features

  • Added mapConcurrent, a bounded-concurrency async utility, at @better-auth/core/utils/async (#9227)

Bug Fixes

  • Made @opentelemetry/api an optional peer dependency (#9111)

For detailed changes, see CHANGELOG

@better-auth/api-key

Bug Fixes

  • Improved performance by running secondary-storage API key lookups in parallel (#9187)

For detailed changes, see CHANGELOG

@better-auth/expo

Bug Fixes

  • Fixed session loading to read cached data from SecureStore on app startup, eliminating the login screen flash for returning users (#8953)

For detailed changes, see CHANGELOG

@better-auth/oauth-provider

Bug Fixes

  • Fixed several SSRF vulnerabilities by unifying host classification and closing loopback bypass vectors across packages (#9226)

For detailed changes, see CHANGELOG

@better-auth/sso

Bug Fixes

  • Fixed an ESM/CJS compatibility issue when loading samlify (#9262)

For detailed changes, see CHANGELOG

Contributors

Thanks to everyone who contributed to this release:

@bytaesu, @gustavovalverde, @jonathansamines, @ping-maxwell, @terijaki

Full changelog: v1.6.5...v1.6.6

Check out latest releases or
releases around better-auth/better-auth v1.6.6

Don't miss a new better-auth release

NewReleases is sending notifications on new releases.

Get notifications