releases.shpreview
Clerk/JavaScript SDK

JavaScript SDK

$npx -y @buildinternet/releases show clerk-javascript-sdk
Mon
Wed
Fri
AprMayJunJulAugSepOctNovDecJanFebMarApr
Less
More
Releases216Avg66/moVersions@clerk/backend@3.2.2 → @clerk/clerk-js@6.7.4
Apr 17, 2026

Patch Changes

  • fix(clerk-js): Prevent background token refresh from destroying sessions on mobile (#8303) by @chriscanin

    On iOS, background thread throttling can starve the JS event loop for hours (e.g., overnight audio apps). When the SDK's background refresh timer eventually fires with stale credentials, the resulting 401 would trigger handleUnauthenticated() and destroy the session even though it's still valid on the server.

    Adds an early return in #refreshTokenInBackground(), gated to headless/mobile runtimes only (Expo sets runtimeEnvironment to 'headless'). If the token has already expired when the refresh timer fires, bail out instead of sending a request with stale credentials. The next foreground getToken() call handles token acquisition through the normal path with proper retry logic.

Patch Changes

  • Updated dependencies [ff5bd7d]:
    • @clerk/clerk-js@6.7.4
    • @clerk/react@6.4.2

Patch Changes

  • Updated dependencies [fcc6c0c]:
    • @clerk/backend@3.2.13
    • @clerk/react@6.4.2

Patch Changes

Patch Changes

  • Updated dependencies [fcc6c0c]:
    • @clerk/backend@3.2.13

Patch Changes

  • Updated dependencies [fcc6c0c]:
    • @clerk/backend@3.2.13

Patch Changes

  • Updated dependencies [fcc6c0c]:
    • @clerk/backend@3.2.13

Patch Changes

  • Updated dependencies [fcc6c0c]:
    • @clerk/backend@3.2.13

Patch Changes

  • Updated dependencies [fcc6c0c]:
    • @clerk/backend@3.2.13
    • @clerk/react@6.4.2

Patch Changes

  • Updated dependencies [fcc6c0c]:
    • @clerk/backend@3.2.13
    • @clerk/react@6.4.2

Patch Changes

Patch Changes

  • Fixed attrs type in custom UI components. (#8301) by @renovate

  • Updated dependencies [fcc6c0c]:

    • @clerk/backend@3.2.13
    • @clerk/vue@2.0.15

Patch Changes

  • Fix EnableOrganizationsPrompt in keyless mode: show "Claim your application" CTA instead of broken "Sign in to continue" when organizations are enabled on an unclaimed keyless app with no signed-in user. (#8341) by @mwickett

  • Use user.organizationMemberships from the already-loaded user object to populate the org select in the OAuth consent screen, avoiding a redundant memberships fetch. (#8350) by @wobsoriano

  • Correctly display IP redirect URIs in OAuth consent. (#8342) by @wobsoriano

  • Add scroll-driven fade overlays to ListGroupContent in the OAuthConsent component so overflowing scope lists visually indicate more content above and below. (#8339) by @alexcarpenter

Patch Changes

  • Updated dependencies [fcc6c0c]:
    • @clerk/backend@3.2.13
Apr 16, 2026

Patch Changes

Patch Changes

  • Add infinite loading to organization selection in <OAuthConsent />. (#8309) by @wobsoriano

  • Fix OAuthConsent always redirecting to sign-in by adopting the AuthenticatedRoutes pattern used by other full-page components (#8327) by @alexcarpenter

  • Updated dependencies [c7b0f47, 34762e8]:

    • @clerk/shared@4.8.2
    • @clerk/localizations@4.5.2

Patch Changes

Patch Changes

  • Introduce samlConnection and oauthConfig into the EnterpriseConnection resource. (#8326) by @LauraBeatris

  • The JWT claims are verified after the signature to avoid leaking information through error messages on forged tokens. (#8332) by @dominic-clerk

  • Updated dependencies [c7b0f47, 34762e8]:

    • @clerk/shared@4.8.2

Patch Changes

Patch Changes

Previous123Next
Latest
@clerk/clerk-js@6.7.4
Source
@clerk/javascript
Tracking Since
Mar 20, 2026
Last fetched Apr 19, 2026
.json·.md·.atom