v1.5.1-beta.4

   🚀 Features

• Agent auth plugin  -  by @Bekacru in https://github.com/better-auth/better-auth/issues/8696 <samp>(5648b)</samp>
• core:
  • Add experimental opentelemetry instrumentation  -  by @jonathansamines and @bytaesu in https://github.com/better-auth/better-auth/issues/8027 <samp>(e42ea)</samp>
• email-otp:
  • Add resendStrategy option to reuse existing OTP  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8560 <samp>(bbe1a)</samp>
• haveibeenpwned:
  • Add enable option  -  by @aarmful and Taesu in https://github.com/better-auth/better-auth/issues/8728 <samp>(df9ab)</samp>
• magic-link:
  • Add request metadata to sendMagicLink  -  by @mrgrauel in https://github.com/better-auth/better-auth/issues/8571 <samp>(230cf)</samp>
• mongo-adapter:
  • Store UUIDs as native BSON UUID  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8681 <samp>(3aa10)</samp>
• oauth-provider:
  • Pairwise subject identifiers (OIDC Core §8)  -  by @gustavovalverde and @himself65 in https://github.com/better-auth/better-auth/issues/8292 <samp>(ab7ec)</samp>
  • Public client prelogin endpoint  -  by @dvanmali in https://github.com/better-auth/better-auth/issues/8214 <samp>(20e45)</samp>
• oauth-proxy:
  • Add dedicated secret option to reduce shared key exposure surface  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8699 <samp>(faffb)</samp>
• organization:
  • Explicit organizationId in team endpoints  -  by @xiaoyu2er and @himself65 in https://github.com/better-auth/better-auth/issues/5062 <samp>(5d60d)</samp>
• social-provider:
  • Add wechat social provider  -  by @Eric-Song-Nop, Claude and @himself65 in https://github.com/better-auth/better-auth/issues/5189 <samp>(6061b)</samp>
• sso:
  • Add logging for when code validation fails in oidc callback  -  by @OscarCornish in https://github.com/better-auth/better-auth/issues/8693 <samp>(ac954)</samp>
• stripe:
  • Allow customizable prorationBehavior per plan  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8525 <samp>(9fdd6)</samp>
• test-utils:
  • Export adapter test suites from @better-auth/test-utils/adapter  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8564 <samp>(6578b)</samp>
• two-factor:
  • Add twoFactorPage in config  -  by @wuzgood98 in https://github.com/better-auth/better-auth/issues/5329 <samp>(caa9f)</samp>

   🐞 Bug Fixes

• Access control indexing type  -  by @YevheniiKotyrlo and @himself65 in https://github.com/better-auth/better-auth/issues/8155 <samp>(47bba)</samp>
• Prevent double encoded cookie  -  by @Oluwatobi-Mustapha and @himself65 in https://github.com/better-auth/better-auth/issues/8133 <samp>(49921)</samp>
• Move adapter packages to dependencies to fix missing module errors  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8401 <samp>(27c4c)</samp>
• Pass user field through idToken sign-in body for Apple name support  -  by @bytaesu and Copilot in https://github.com/better-auth/better-auth/issues/8417 <samp>(d8139)</samp>
• Preserve custom session fields on focus refresh  -  by @jslno in https://github.com/better-auth/better-auth/issues/8354 <samp>(5e49c)</samp>
• Throw on duplicate email when autoSignIn: false without requireEmailVerification  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8521 <samp>(f72e2)</samp>
• Add origin check middleware to password reset request  -  by @jslno in https://github.com/better-auth/better-auth/issues/8392 <samp>(271af)</samp>
• Handle skipOriginCheck array  -  by @jslno in https://github.com/better-auth/better-auth/issues/8582 <samp>(92895)</samp>
• Resolve duplicate operationId in admin plugin endpoints  -  by @Sigmabrogz and Sigmabrogz in https://github.com/better-auth/better-auth/issues/8570 <samp>(3f75e)</samp>
• Misleading rate limit IP warning  -  by @GautamBytes in https://github.com/better-auth/better-auth/issues/8617 <samp>(ae861)</samp>
• Prevent revoked sessions from being restored via database fallback  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8708 <samp>(767f1)</samp>
• Set stateless cookieCache maxAge to match session expiresIn  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8648 <samp>(c8617)</samp>
• account:
  • Use accountId instead of id in accountInfo endpoint  -  by @NathanColosimo and @himself65 in https://github.com/better-auth/better-auth/issues/8346 <samp>(f9b8a)</samp>
• adapters:
  • Restore deprecated createAdapter and type exports for backcompat  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8461 <samp>(096d9)</samp>
  • Use IS NULL / IS NOT NULL for null value comparisons  -  by @olliethedev in https://github.com/better-auth/better-auth/issues/8660 <samp>(8682b)</samp>
• api:
  • Return Response for HTTP request contexts  -  by @gustavovalverde in https://github.com/better-auth/better-auth/issues/7521 <samp>(8304f)</samp>
• blog:
  • Fix RSS feed link path, image path and blog date  -  by @0-Sandy in https://github.com/better-auth/better-auth/issues/8483 <samp>(18e95)</samp>
• cli:
  • Resolve path aliases from extended tsconfig files  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8520 <samp>(b5e22)</samp>
  • Treat omitted required as true in Drizzle and Prisma generators  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8614 <samp>(b0069)</samp>
• client:
  • Preserve stale session data on network or server errors  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8437 <samp>(b18b4)</samp>
  • Handle throw:true in session refresh  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8610 <samp>(f0c1a)</samp>
• core:
  • Prioritize generateId "uuid" over adapter customIdGenerator  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8679 <samp>(05565)</samp>
• db:
  • Use CREATE INDEX for postgres migration  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8538 <samp>(a980b)</samp>
• docs:
  • Improve AI chat security and cleanup  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8597 <samp>(a1a97)</samp>
  • Add missing Encore icon to sidebar icons  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8663 <samp>(169c2)</samp>
• electron:
  • Handle safeStorage encryption failures gracefully  -  by @jslno in https://github.com/better-auth/better-auth/issues/8530 <samp>(b3330)</samp>
• expo:
  • Handle origin override across mutable and immutable requests  -  by @NathanColosimo, Taesu and @bytaesu in https://github.com/better-auth/better-auth/issues/8405 <samp>(44ee8)</samp>
• last-login-method:
  • Normalize missing resolver path  -  by @mrgrauel in https://github.com/better-auth/better-auth/issues/8589 <samp>(d198a)</samp>
• oauth-provider:
  • CustomIdTokenClaims should override standard claims  -  by @gustavovalverde in https://github.com/better-auth/better-auth/issues/7865 <samp>(c5983)</samp>
  • Avoid fetch redirect CORS after login  -  by @GautamBytes in https://github.com/better-auth/better-auth/issues/8519 <samp>(f46a6)</samp>
  • Support prompt=none  -  by @dvanmali in https://github.com/better-auth/better-auth/issues/8554 <samp>(54216)</samp>
  • Improve allowed paths for oauth_query for client plugin  -  by @dvanmali in https://github.com/better-auth/better-auth/issues/8320 <samp>(40e76)</samp>
  • Fix dist declaration type errors  -  by @gustavovalverde in https://github.com/better-auth/better-auth/issues/8701 <samp>(c41fa)</samp>
• oidc-provider:
  • Validate redirect_uri for prompt=none  -  by @jslno in https://github.com/better-auth/better-auth/issues/8398 <samp>(9dff8)</samp>
• one-tap:
  • Opt into FedCM to suppress Google GSI deprecation warnings  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8720 <samp>(c2cbb)</samp>
• organization:
  • Handle multi-role users in invite and member removal checks  -  by @himself65 and Copilot Autofix powered by AI in https://github.com/better-auth/better-auth/issues/8442 <samp>(6559c)</samp>
  • Filter null organizations in listUserInvitations  -  by @raihanbrillmark and Raihan Sharif in https://github.com/better-auth/better-auth/issues/8694 <samp>(06e38)</samp>
• prisma-adapter:
  • Use deleteMany when deleting by non-unique field  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8314 <samp>(c9b9c)</samp>
  • Fall back to updateMany for non-unique updates  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8524 <samp>(a5c12)</samp>
• sso:
  • Use internalAdapter for verification operations  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8353 <samp>(bd980)</samp>
  • Handle bare domains in domain verification  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8369 <samp>(71c3a)</samp>
  • Use namespace import for samlify to fix ESM compatibility  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8697 <samp>(a6763)</samp>
  • Skip state cookie check for SAML ACS cross-site POST  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8735 <samp>(b647e)</samp>
• stripe:
  • Replace {CHECKOUT_SESSION_ID} placeholder in success callbackURL  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8568 <samp>(db470)</samp>
  • Improve organization customer search by adding customerType check  -  by @bytaesu in https://github.com/better-auth/better-auth/issues/8609 <samp>(884e1)</samp>
• telemetry:
  • Use conditional exports to replace dynamic import hacks  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8458 <samp>(c8628)</samp>
• two-factor:
  • Wire twoFactorTable option to schema modelName  -  by @himself65 in https://github.com/better-auth/better-auth/issues/8443 <samp>(a92a7)</samp>

    View changes on GitHub