🚀 Features
- admin: Make password field optional on create user - by @Bekacru and @cursoragent in #7441 (c11ac)
- api-keys: Pagination support for list-api-keys - by @ping-maxwell and @himself65 in #7424 (25f57)
- two-factor: Add twoFactorCookieMaxAge as a separate option - by @Bekacru (29946)
🐞 Bug Fixes
- Update TanStack imports to use server subpath - by @himself65 in #7446 (e8922)
/minimalincludes unexpected deps - by @himself65 in #7467 (1668a)- Handle serial and false cases in generateId - by @bytaesu in #7474 (52033)
- Consistent token endpoint for dropbox provider - by @bytaesu in #7444 (7a9dc)
- Include
Set-Cookiewhen APIError thrown in hooks - by @himself65 in #7478 (a5f42) - Ensure session id exists for secondary storage without database - by @bytaesu in #7476 (ed5c4)
- Delay database hooks execution until after transaction commits - by @himself65 and Alex Yang in #7345 (dabed)
- Set default ipv6 subnet to 64 - by @himself65 in #7509 (5de97)
- client:
- Deep merge plugin actions to preserve all methods - by @gustavovalverde in #7407 (0e04e)
- cookies:
- db:
- Only exclude
returned: falsefields from output schemas - by @Paola3stefania in #7504 (5cc0a)
- Only exclude
- mcp:
- Correct version - by @himself65 in #7496 (98b0b)
- organization:
- Missing
activeTeamIdfield when dynamic access control is enabled - by @longnguyen2004, @himself65, ping-maxwell and @ping-maxwell in #7385 (00bda)
- Missing
- prisma-adapter:
- Enhance null condition handling - by @himself65 and reslear in #7483 (228ed)
- rate-limit:
- Support IPv6 address normalization and subnet - by @himself65 in #7470 (57af0)
- sso:
- Normalize SAML emails to prevent duplicate users - by @ajaykarthikr in #7460 (46b8c)
- Fix validateToken JWK handling for all key types - by @Paola3stefania in #7479 (78f12)
- stripe:
- two-factor: