JavaScript SDK

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1
  • @clerk/backend@3.2.11
  • @clerk/react@6.4.1

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1
  • @clerk/backend@3.2.11
  • @clerk/react@6.4.1

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1
  • @clerk/localizations@4.5.1

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1
  • @clerk/backend@3.2.11

Patch Changes

• Normalize URL paths in createPathMatcher to prevent route protection bypass (#8311) by @nikosdouvlis

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1
  • @clerk/clerk-js@6.7.2
  • @clerk/react@6.4.1
  • @clerk/ui@1.6.1

Patch Changes

• Normalize URL paths in createPathMatcher to prevent route protection bypass (#8311) by @nikosdouvlis

• Updated dependencies [b0b6675]:

  • @clerk/shared@4.8.1
  • @clerk/backend@3.2.11

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1
  • @clerk/backend@3.2.11

Patch Changes

• Normalize URL paths in createPathMatcher to prevent route protection bypass (#8311) by @nikosdouvlis

• Updated dependencies [b0b6675]:

  • @clerk/shared@4.8.1
  • @clerk/backend@3.2.11
  • @clerk/vue@2.0.14

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1
  • @clerk/backend@3.2.11

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1
  • @clerk/backend@3.2.11

Patch Changes

• Updated dependencies [b0b6675]:
  • @clerk/shared@4.8.1

Minor Changes

• Introduce internal <OAuthConsent /> component for rendering a zero-config OAuth consent screen on an OAuth authorize redirect page. (#8289) by @wobsoriano

  Usage example:

  import { OAuthConsent } from '@clerk/nextjs';
  
  export default function OAuthConsentPage() {
    return <OAuthConsent />;
  }

Patch Changes

• Updated dependencies [dc2de16]:
  • @clerk/react@6.4.0
  • @clerk/shared@4.8.0
  • @clerk/backend@3.2.10

Patch Changes

• • Fix iOS OAuth (SSO) sign-in failing silently when initiated from the forgot password screen of the inline <AuthView> component. (#8260) by @chriscanin

  • Fix Android <AuthView> getting stuck on the "Get help" screen after sign out via <UserProfileView>.

  • Fix a brief white flash when the inline <AuthView> first mounts on iOS.

• Updated dependencies [3fd586d, f9ff9e9]:

  • @clerk/clerk-js@6.7.0
  • @clerk/react@6.3.0
  • @clerk/shared@4.7.0

Minor Changes

• Introduce internal useOAuthConsent() hook for fetching OAuth consent screen metadata for the signed-in user. (#8286) by @jfoshee

Patch Changes

• Bump next devDependency to 15.5.15 to pick up the fix for CVE-2026-23869, a high-severity (CVSS 7.5) denial-of-service vulnerability in React Server Components. If you use the Next.js App Router, we recommend upgrading to Next.js 15.5.15 or 16.2.3. (#8257) by @renovate

• Updated dependencies [3fd586d, f9ff9e9]:

  • @clerk/react@6.3.0
  • @clerk/shared@4.7.0
  • @clerk/backend@3.2.9

Patch Changes

• Forward clockSkewInMs from clerkMiddleware() to backend authenticateRequest(). (#8287) by @jeremy-clerk

• Updated dependencies [3fd586d, f9ff9e9]:

  • @clerk/shared@4.7.0
  • @clerk/backend@3.2.9

Minor Changes

• Add OAuthApplication resource and getConsentInfo() method for retrieving OAuth consent information, enabling custom OAuth consent flows. (#8275) by @jfoshee

• Introduce internal useOAuthConsent() hook for fetching OAuth consent screen metadata for the signed-in user. (#8286) by @jfoshee

Patch Changes

• Updated dependencies [3fd586d, f9ff9e9]:
  • @clerk/shared@4.7.0