better-auth 1.4.8

v1.4.8

on Node.js NPM

   🚀 Features

• Add additionalFields option in verification table schema  -  by @noctarius in #6747 (5368a)
• Add patreon social provider  -  by @Spuffynism in #6245 (e76de)
• Add a global backgroundTasks config option to defer actions like sending email and updates to run after response is sent  -  by @nexxeln, @Bekacru in #6713 (3e28e)
• oauth-provider:
  • An oauth 2.1 compliant plugin  -  by @dvanmali in #4163 (f1b90)
• saml:
  • Validate SAML crypto algorithms during initial phase  -  by @Paola3stefania in #6785 (dc6af)
  • Enforce one-time use of SAML assertions  -  by @Paola3stefania in #6719 (bbc3d)

   🐞 Bug Fixes

• Revert token masking in listSessions route  -  by @bytaesu in #6749 (0ba89)
• Compatible with openapi 3.1  -  by @himself65 in #6705 (a63e7)
• Properly merge updated data in account cookie  -  by @jslno in #6758 (5cec4)
• Preserve = padding in parsed cookies  -  by @Shridhad in #6789 (f32d2)
• Unify SSO/OAuth account linking and add domain-based org assignment to all sign-in flows  -  by @Paola3stefania in #6652 (1c671)
• Respect BETTER_AUTH_TRUSTED_ORIGINS env variable  -  by @Paola3stefania in #6809 (a7905)
• Delete verifications with hooks  -  by @jonathansamines in #6803 (fe696)
• Respect IP headers in dev/test environments  -  by @bytaesu in #6854 (c01b8)
• Update-user breaking during stateless auth  -  by @ping-maxwell in #6894 (34093)
• Export necessary adapter types  -  by @himself65 in #6903 (4551e)
• Use operator in list members where clause  -  by @Diabl0570 in #6850 (60c77)
• Don't set state query param if state is not provided  -  by @paoloricciuti in #6822 (70d49)
• Correct wildcard pattern matching for trustedOrigins  -  by @bytaesu in #6904 (5c218)
• adapter:
  • Apply customTransformInput to where clause values  -  by @erquhart and @ping-maxwell in #6914 (6d4aa)
• api-key:
  • Prevent id update error with MongoDB adapter  -  by @balbuzar in #6752 (6f914)
• auth:
  • Respect trustedOrigins when baseURL is inferred  -  by @Paola3stefania in #6882 (ac004)
• client:
  • Set session data on refreshManager  -  by @himself65 in #6932 (d808c)
• cognito:
  • Use %20 encoding for scopes instead of +  -  by @nathannewyen in #6929 (b3d99)
• expo:
  • Add missing matcher paths  -  by @bytaesu in #6939 (be0b0)
• generic-oauth:
  • Ensure encryptOAuthTokens is respected in account linking flow  -  by @DevanAbinaya in #6874 (7e008)
• organization:
  • Validate role existence in inviteMember endpoint  -  by @GautamBytes in #6774 (6c0cd)
  • Allow internal organization creation when disabled for client  -  by @GautamBytes in #6857 (50cab)
• passkey:
  • Use deleteVerificationByIdentifier instead of deleteVerificationValue  -  by @bytaesu in #6821 (eed80)
• prisma-adapter:
  • Extract id to root level for delete operations  -  by @ping-maxwell in #6425 (9ba42)
• sso:
  • Enforce domain verification in assignOrganizationByDomain  -  by @Paola3stefania in #6868 (43cf2)
• stripe:
  • Update subscriptionId to use Stripe id  -  by @bytaesu in #6920 (35072)

    View changes on GitHub