chore(deps): bump better-auth from 1.0.18 to 1.1.21

[dependabot[bot]]

Bumps better-auth from 1.0.18 to 1.1.21.

Release notes

Sourced from better-auth's releases.

v1.1.21

   🐞 Bug Fixes

• open-api: Add authentication schemes  -  by @​Bekacru (ee0d6)
• origin-check: Add tests for callback URLs with malicious patterns  -  by @​Bekacru (b381c)

    View changes on GitHub

v1.1.21-beta.1

   🚀 Features

• Cleanup expired verification data on fetch  -  by @​Bekacru in better-auth/better-auth#1110 (1a492)
• Disable default scopes and allow scopes to be passed on request  -  by @​Bekacru in better-auth/better-auth#1240 (4ba72)
• Move to better call version 1  -  by @​Bekacru in better-auth/better-auth#1402 (46dfc)
• Captcha Plugin with multiple providers  -  by @​0scrm in better-auth/better-auth#957 (363ca)
• Add VK ID social provider  -  by @​nukhtarov and @​Bekacru in better-auth/better-auth#1013 (700d3)
• Implement JWT token generation and retrieval with encryption support  -  by @​Bekacru (1a482)
• Check organization slug  -  by @​Bekacru in better-auth/better-auth#1201 (51e2b)
• Support stroring dispaly username to store un-normalized username  -  by @​Bekacru in better-auth/better-auth#1204 (047d6)
• Add Roblox social provider  -  by @​D3visionNL and @​Bekacru in better-auth/better-auth#1249 (e6470)
• Add total users table/collection count to admin plugin list-users endpoint  -  by @​D3visionNL and Kinfe123 in better-auth/better-auth#1258 (d28e4)
• Add context to database hooks  -  by @​kzlar in better-auth/better-auth#1180 (63fbd)
• Base64 conversion without Buffer  -  by @​BlankParticle in better-auth/better-auth#1523 (27401)
• Add cloudflare worker basic tests  -  by @​BlankParticle in better-auth/better-auth#1524 (d7f66)
• Add access control to admin plugin  -  by @​jslno in better-auth/better-auth#1424 (61212)
• admin:
  • Add adminUserIds option for custom admin access control  -  by @​Bekacru (2020e)
• mongodb-adapter:
  • Support custom ID generation in MongoDB adapter  -  by @​Bekacru in better-auth/better-auth#1444 (abd58)
• oidc:
  • Allow header auth for token endpoint  -  by @​t3duk in better-auth/better-auth#1484 (15f97)
• one-tap:
  • Improve Google One Tap integration with JWT verification and improved prompt handling  -  by @​Bekacru in better-auth/better-auth#1452 (8a08a)
  • Implement account linking  -  by @​Bekacru (0a47a)
• organization:
  • Support multiple roles  -  by @​Bekacru in better-auth/better-auth#1037 (1971f)
• phone-number:
  • Add reset password functionality with phone number  -  by @​Bekacru in better-auth/better-auth#1202 (3766b)
• username:
  • Add default validation and options for validating username  -  by @​Bekacru in better-auth/better-auth#1345 (c4f20)

   🐞 Bug Fixes

• Update @​better-fetch/fetch to version 1.1.14-beta.2 and clean up client options  -  by @​Bekacru (29f2e)
• anonymous: Link account user and session type should be less strict  -  by @​Bekacru (11739)
• auth: Use options.baseURL instead of ctx.baseURL on trusted origins  -  by @​Bekacru (868a6)
• oidc-plugin: User info endpoint casing to match OIDC spec  -  by @​stephenlacy in better-auth/better-auth#1446 (8d9fa)
• one-tap: Update import path for generateRandomString to fix unsupported crypto import for react native  -  by @​Bekacru (73297)
• open-api: Convert path parameters to OpenAPI format  -  by @​Phanuwat-Pao in better-auth/better-auth#1437 (06419)
• origin-check: Add tests for callback URLs with malicious patterns  -  by @​Bekacru (b381c)

... (truncated)

Commits

• 4c5f0c2 chore: release v1.1.21
• ee0d6be fix(open-api): add authentication schemes
• ade3974 chore: release v1.1.21-beta.1
• b381cac fix(origin-check): add tests for callback URLs with malicious patterns
• ddebd03 chore: release v1.1.20
• da62e63 fix(session): include expiresAt in session data for HMAC verification
• 1fadaee chore: release v1.1.20-beta.5
• 790a942 chore: release v1.1.20-beta.4
• 795ff42 test(origin-check): add test for callback URL with double slashes
• 24659ae fix(origin-check): prevent URLs with double slashes from being trusted
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

[vercel[bot]]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
snippy-app	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 24, 2025 8:52pm