better-auth 1.4.7

v1.4.7

on Node.js NPM

   🚀 Features

• admin:
  • Add support role with permissions for user updates and enforce role change validation  -  by @Bekacru and Copilot in #6699 (6c68e)
• one-time-token:
  • Support setting session cookie on ott verify  -  by @Bekacru in #3659 (7a4e8)
• phone-number:
  • Add password length validation for reset functionality  -  by @Bekacru in #6674 (700f4)
• saml:
  • Assertion timestamp validation with per-provider clock skew  -  by @Paola3stefania in #6706 (f9875)
• sso:
  • Add InResponseTo validation  -  by @Paola3stefania in #6557 (5a49f)
  • Add OIDC discovery  -  by @Paola3stefania and @Bekacru in #6395 (b9d4b)
  • Add URL normalization and validation to all discovery URLs  -  by @jonathansamines, Paola Estefanía de Campos, @Paola3stefania and @Bekacru in #6503 (50248)

   🐞 Bug Fixes

• Prevent stateless refresh with database configured  -  by @Bekacru in #6700 (9fed2)
• api-key: Check metadata is enabled for api key update endpoint  -  by @Bekacru in #6632 (87441)
• line: Enforce nonce  -  by @Bekacru in #6631 (66699)
• saml: Remove signature validation bypass  -  by @Paola3stefania in #6682 (9c1a3)

   🏎 Performance

• Add index on organizations slug field  -  by @matteobad and matteobadini in #6303 (c3fe9)

    View changes on GitHub