chore(deps): update dependency better-auth to v1.4.11 #35

Renovate-Clanker · 2026-01-12T11:01:59Z

Renovate-Clanker commented

2026-01-12 11:01:59 +00:00

This PR contains the following updates:

Package	Change	Age	Confidence
better-auth (source)	`1.4.10` → `1.4.11`

Release Notes

better-auth/better-auth (better-auth)

`v1.4.11`

Compare Source

🚀 Features

Add auth.api.verifyPassword - by @SaviruFr and @himself65 in #6934 (c0414)
anonymous: Delete anonymous user endpoint - by @ping-maxwell in #6377 (cf2b3)
generic-oauth: Add Gumroad login support - by @ptaberg and @himself65 in #7100 (3c5d5)
saml: Reject SAML responses containing multiple assertions - by @Paola3stefania and Alexander Asomba in #6836 (40a82)
stripe: Enhance stripe plugin with organization customer support - by @bytaesu and Cmion in #7142 (6937f)

🐞 Bug Fixes

Filter null values from dynamic trusted origins - by @bytaesu and @himself65 in #7080 (0e7a5)
Call hooks on change-email-verification flow - by @bytaesu in #7160 (740b2)
Clean up expired rate-limit entries on memory storage - by @ping-maxwell in #7161 (89567)
Set Location header on redirected responses - by @GautamBytes and @ping-maxwell in #6232 (59643)
anonymous:
- Prevent Convex cleanup from deleting fresh sessions - by @RodrigoRafaelSantos7 and @ping-maxwell in #5825 (5630b)
api-key:
- Remove strict length pre-check in verifyApiKey - by @GautamBytes and @ping-maxwell in #6259 (06db3)
- Remove double stringify/parse of metadata field - by @xiaoyu2er, @ping-maxwell and @himself65 in #7076 (4d769)
- Log key verification errors - by @ping-maxwell and @himself65 in #7174 (65ea3)
core:
- Detect dual module error - by @himself65 in #7097 (1baaa)
- Separate CSRF and origin checks - by @Paola3stefania and @himself65 in #7204 (35caa)
docs:
- Correct tos and policy types in oauth-provider - by @GautamBytes, Gautam Manchandani and @ping-maxwell in #7194 (8ec99)
email-otp:
- Call afterEmailVerification hook on verification - by @GautamBytes and Gautam Manchandani in #7121 (396d7)
email-verification:
- Sending email verification of another user fails with EMAIL_ALREADY_VERIFIED - by @ping-maxwell in #7215 (bb5d0)
mcp:
- Restore ctx.query from cookie in OAuth flow - by @bytaesu in #6974 (7bd13)
one-tap:
- Respect user dismiss actions in prompt retry logic - by @bytaesu in #7211 (eb8a5)
open-api:
- Correctly infer type for ZodDefault fields - by @MuzzaiyyanHussain and Taesu in #7150 (6fa91)
organization:
- Use opts pattern to enable hook injection - by @bytaesu in #7130 (53776)
passkey:
- Add error logs during client verification error - by @ping-maxwell in #7193 (28329)
prisma-adapter:
- Lift eq AND conditions to root so update detects unique where field - by @ping-maxwell in #7096 (b3241)
stripe:
- Improve error handling and subscriptionSuccess route - by @bytaesu in #7087 (14fc9)
- Pass metadata to subscription object in upgrade method - by @bytaesu in #7090 (d1c3a)
- Prevent duplicate subscription creation when a subscription already exists - by @bytaesu in #7104 (46ac1)
two-factor:
- Prisma issue - by @okisdev, @Bekacru, @ping-maxwell and ping-maxwell in #5347 (e4d72)
- Add missing POST endpoints to client pathMethods - by @theonlypal in #7284 (63d67)

View changes on GitHub

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [better-auth](https://better-auth.com) ([source](https://github.com/better-auth/better-auth/tree/HEAD/packages/better-auth)) | [`1.4.10` → `1.4.11`](https://renovatebot.com/diffs/npm/better-auth/1.4.10/1.4.11) | ![age](https://developer.mend.io/api/mc/badges/age/npm/better-auth/1.4.11?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/better-auth/1.4.10/1.4.11?slim=true) | --- ### Release Notes <details> <summary>better-auth/better-auth (better-auth)</summary> ### [`v1.4.11`](https://github.com/better-auth/better-auth/releases/tag/v1.4.11) [Compare Source](https://github.com/better-auth/better-auth/compare/v1.4.10...v1.4.11) ##### 🚀 Features - Add `auth.api.verifyPassword` - by [@SaviruFr](https://github.com/SaviruFr) and [@himself65](https://github.com/himself65) in [#6934](https://github.com/better-auth/better-auth/issues/6934) [<samp>(c0414)</samp>](https://github.com/better-auth/better-auth/commit/c0414de9c) - **anonymous**: Delete anonymous user endpoint - by [@ping-maxwell](https://github.com/ping-maxwell) in [#6377](https://github.com/better-auth/better-auth/issues/6377) [<samp>(cf2b3)</samp>](https://github.com/better-auth/better-auth/commit/cf2b3786d) - **generic-oauth**: Add `Gumroad` login support - by [@ptaberg](https://github.com/ptaberg) and [@himself65](https://github.com/himself65) in [#7100](https://github.com/better-auth/better-auth/issues/7100) [<samp>(3c5d5)</samp>](https://github.com/better-auth/better-auth/commit/3c5d59a90) - **saml**: Reject SAML responses containing multiple assertions - by [@Paola3stefania](https://github.com/Paola3stefania) and **Alexander Asomba** in [#6836](https://github.com/better-auth/better-auth/issues/6836) [<samp>(40a82)</samp>](https://github.com/better-auth/better-auth/commit/40a821872) - **stripe**: Enhance stripe plugin with organization customer support - by [@bytaesu](https://github.com/bytaesu) and **Cmion** in [#7142](https://github.com/better-auth/better-auth/issues/7142) [<samp>(6937f)</samp>](https://github.com/better-auth/better-auth/commit/6937f620c) ##### 🐞 Bug Fixes - Filter null values from dynamic trusted origins - by [@bytaesu](https://github.com/bytaesu) and [@himself65](https://github.com/himself65) in [#7080](https://github.com/better-auth/better-auth/issues/7080) [<samp>(0e7a5)</samp>](https://github.com/better-auth/better-auth/commit/0e7a55b26) - Call hooks on `change-email-verification` flow - by [@bytaesu](https://github.com/bytaesu) in [#7160](https://github.com/better-auth/better-auth/issues/7160) [<samp>(740b2)</samp>](https://github.com/better-auth/better-auth/commit/740b21bab) - Clean up expired rate-limit entries on memory storage - by [@ping-maxwell](https://github.com/ping-maxwell) in [#7161](https://github.com/better-auth/better-auth/issues/7161) [<samp>(89567)</samp>](https://github.com/better-auth/better-auth/commit/89567412a) - Set Location header on redirected responses - by [@GautamBytes](https://github.com/GautamBytes) and [@ping-maxwell](https://github.com/ping-maxwell) in [#6232](https://github.com/better-auth/better-auth/issues/6232) [<samp>(59643)</samp>](https://github.com/better-auth/better-auth/commit/59643e067) - **anonymous**: - Prevent Convex cleanup from deleting fresh sessions - by [@RodrigoRafaelSantos7](https://github.com/RodrigoRafaelSantos7) and [@ping-maxwell](https://github.com/ping-maxwell) in [#5825](https://github.com/better-auth/better-auth/issues/5825) [<samp>(5630b)</samp>](https://github.com/better-auth/better-auth/commit/5630b50cf) - **api-key**: - Remove strict length pre-check in `verifyApiKey` - by [@GautamBytes](https://github.com/GautamBytes) and [@ping-maxwell](https://github.com/ping-maxwell) in [#6259](https://github.com/better-auth/better-auth/issues/6259) [<samp>(06db3)</samp>](https://github.com/better-auth/better-auth/commit/06db3ec6a) - Remove double stringify/parse of metadata field - by [@xiaoyu2er](https://github.com/xiaoyu2er), [@ping-maxwell](https://github.com/ping-maxwell) and [@himself65](https://github.com/himself65) in [#7076](https://github.com/better-auth/better-auth/issues/7076) [<samp>(4d769)</samp>](https://github.com/better-auth/better-auth/commit/4d769031e) - Log key verification errors - by [@ping-maxwell](https://github.com/ping-maxwell) and [@himself65](https://github.com/himself65) in [#7174](https://github.com/better-auth/better-auth/issues/7174) [<samp>(65ea3)</samp>](https://github.com/better-auth/better-auth/commit/65ea32356) - **core**: - Detect dual module error - by [@himself65](https://github.com/himself65) in [#7097](https://github.com/better-auth/better-auth/issues/7097) [<samp>(1baaa)</samp>](https://github.com/better-auth/better-auth/commit/1baaa9c81) - Separate CSRF and origin checks - by [@Paola3stefania](https://github.com/Paola3stefania) and [@himself65](https://github.com/himself65) in [#7204](https://github.com/better-auth/better-auth/issues/7204) [<samp>(35caa)</samp>](https://github.com/better-auth/better-auth/commit/35caa4324) - **docs**: - Correct tos and policy types in oauth-provider - by [@GautamBytes](https://github.com/GautamBytes), **Gautam Manchandani** and [@ping-maxwell](https://github.com/ping-maxwell) in [#7194](https://github.com/better-auth/better-auth/issues/7194) [<samp>(8ec99)</samp>](https://github.com/better-auth/better-auth/commit/8ec995ea8) - **email-otp**: - Call afterEmailVerification hook on verification - by [@GautamBytes](https://github.com/GautamBytes) and **Gautam Manchandani** in [#7121](https://github.com/better-auth/better-auth/issues/7121) [<samp>(396d7)</samp>](https://github.com/better-auth/better-auth/commit/396d7b427) - **email-verification**: - Sending email verification of another user fails with EMAIL\_ALREADY\_VERIFIED - by [@ping-maxwell](https://github.com/ping-maxwell) in [#7215](https://github.com/better-auth/better-auth/issues/7215) [<samp>(bb5d0)</samp>](https://github.com/better-auth/better-auth/commit/bb5d0c400) - **mcp**: - Restore ctx.query from cookie in OAuth flow - by [@bytaesu](https://github.com/bytaesu) in [#6974](https://github.com/better-auth/better-auth/issues/6974) [<samp>(7bd13)</samp>](https://github.com/better-auth/better-auth/commit/7bd13cab6) - **one-tap**: - Respect user dismiss actions in prompt retry logic - by [@bytaesu](https://github.com/bytaesu) in [#7211](https://github.com/better-auth/better-auth/issues/7211) [<samp>(eb8a5)</samp>](https://github.com/better-auth/better-auth/commit/eb8a5f49e) - **open-api**: - Correctly infer type for `ZodDefault` fields - by [@MuzzaiyyanHussain](https://github.com/MuzzaiyyanHussain) and **Taesu** in [#7150](https://github.com/better-auth/better-auth/issues/7150) [<samp>(6fa91)</samp>](https://github.com/better-auth/better-auth/commit/6fa91ae0d) - **organization**: - Use opts pattern to enable hook injection - by [@bytaesu](https://github.com/bytaesu) in [#7130](https://github.com/better-auth/better-auth/issues/7130) [<samp>(53776)</samp>](https://github.com/better-auth/better-auth/commit/537761e50) - **passkey**: - Add error logs during client verification error - by [@ping-maxwell](https://github.com/ping-maxwell) in [#7193](https://github.com/better-auth/better-auth/issues/7193) [<samp>(28329)</samp>](https://github.com/better-auth/better-auth/commit/28329d7db) - **prisma-adapter**: - Lift eq AND conditions to root so update detects unique where field - by [@ping-maxwell](https://github.com/ping-maxwell) in [#7096](https://github.com/better-auth/better-auth/issues/7096) [<samp>(b3241)</samp>](https://github.com/better-auth/better-auth/commit/b32419331) - **stripe**: - Improve error handling and `subscriptionSuccess` route - by [@bytaesu](https://github.com/bytaesu) in [#7087](https://github.com/better-auth/better-auth/issues/7087) [<samp>(14fc9)</samp>](https://github.com/better-auth/better-auth/commit/14fc9d339) - Pass metadata to subscription object in upgrade method - by [@bytaesu](https://github.com/bytaesu) in [#7090](https://github.com/better-auth/better-auth/issues/7090) [<samp>(d1c3a)</samp>](https://github.com/better-auth/better-auth/commit/d1c3aee78) - Prevent duplicate subscription creation when a subscription already exists - by [@bytaesu](https://github.com/bytaesu) in [#7104](https://github.com/better-auth/better-auth/issues/7104) [<samp>(46ac1)</samp>](https://github.com/better-auth/better-auth/commit/46ac1aa6d) - **two-factor**: - Prisma issue - by [@okisdev](https://github.com/okisdev), [@Bekacru](https://github.com/Bekacru), [@ping-maxwell](https://github.com/ping-maxwell) and **ping-maxwell** in [#5347](https://github.com/better-auth/better-auth/issues/5347) [<samp>(e4d72)</samp>](https://github.com/better-auth/better-auth/commit/e4d7250c0) - Add missing POST endpoints to client pathMethods - by [@theonlypal](https://github.com/theonlypal) in [#7284](https://github.com/better-auth/better-auth/issues/7284) [<samp>(63d67)</samp>](https://github.com/better-auth/better-auth/commit/63d672141) ##### [View changes on GitHub](https://github.com/better-auth/better-auth/compare/v1.4.10...v1.4.11) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Renovate-Clanker added 1 commit 2026-01-12 11:02:00 +00:00

chore(deps): update dependency better-auth to v1.4.11 8fff196bcb

Renovate-Clanker scheduled this pull request to auto merge when all checks succeed 2026-01-12 11:02:00 +00:00

Renovate-Clanker merged commit cec15bb57b into main

2026-01-12 11:02:01 +00:00

Renovate-Clanker deleted branch renovate/all-dependencies

2026-01-12 11:02:01 +00:00

Renovate-Clanker referenced this issue from a commit

2026-01-12 11:02:02 +00:00

Merge pull request 'chore(deps): update dependency better-auth to v1.4.11' (#35) from renovate/all-dependencies into main

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: bagas/tunnel-please-frontend#35