@better-auth/core 1.4.2 → 1.4.4-beta.1

package/.turbo/turbo-build.log

@@ -1,13 +1,13 @@
 
-> @better-auth/core@1.4.2 build /home/runner/work/better-auth/better-auth/packages/core
+> @better-auth/core@1.4.4-beta.1 build /home/runner/work/better-auth/better-auth/packages/core
 > tsdown
 
-ℹ tsdown v0.16.5 powered by rolldown v1.0.0-beta.50
+ℹ tsdown v0.16.6 powered by rolldown v1.0.0-beta.51
 ℹ Using tsdown config: /home/runner/work/better-auth/better-auth/packages/core/tsdown.config.ts
 ℹ entry: src/index.ts, src/db/index.ts, src/db/adapter/index.ts, src/async_hooks/index.ts, src/context/index.ts, src/env/index.ts, src/oauth2/index.ts, src/api/index.ts, src/social-providers/index.ts, src/utils/index.ts, src/error/index.ts
 ℹ tsconfig: tsconfig.json
 ℹ Build start
-ℹ dist/social-providers/index.mjs     78.27 kB │ gzip: 10.18 kB
+ℹ dist/social-providers/index.mjs     79.87 kB │ gzip: 10.31 kB
 ℹ dist/db/index.mjs                    1.58 kB │ gzip:  0.49 kB
 ℹ dist/api/index.mjs                   0.83 kB │ gzip:  0.40 kB
 ℹ dist/context/index.mjs               0.74 kB │ gzip:  0.27 kB
@@ -18,16 +18,16 @@
 ℹ dist/utils/index.mjs                 0.09 kB │ gzip:  0.09 kB
 ℹ dist/db/adapter/index.mjs            0.01 kB │ gzip:  0.03 kB
 ℹ dist/index.mjs                       0.01 kB │ gzip:  0.03 kB
-ℹ dist/oauth2-DmgZmPEg.mjs             9.17 kB │ gzip:  2.13 kB
+ℹ dist/oauth2-B2XPHgx5.mjs             9.19 kB │ gzip:  2.13 kB
 ℹ dist/env-DwlNAN_D.mjs                7.67 kB │ gzip:  2.54 kB
 ℹ dist/context-DgQ9XGBl.mjs            3.89 kB │ gzip:  1.00 kB
 ℹ dist/error-BhAKg8LX.mjs              1.77 kB │ gzip:  0.79 kB
 ℹ dist/async_hooks-BfRfbd1J.mjs        0.87 kB │ gzip:  0.46 kB
 ℹ dist/utils-C5EN75oV.mjs              0.13 kB │ gzip:  0.12 kB
-ℹ dist/social-providers/index.d.mts    3.78 kB │ gzip:  1.16 kB
-ℹ dist/context/index.d.mts             3.05 kB │ gzip:  0.96 kB
+ℹ dist/social-providers/index.d.mts    3.87 kB │ gzip:  1.20 kB
+ℹ dist/context/index.d.mts             3.04 kB │ gzip:  0.96 kB
 ℹ dist/error/index.d.mts               1.84 kB │ gzip:  0.72 kB
-ℹ dist/db/index.d.mts                  1.01 kB │ gzip:  0.38 kB
+ℹ dist/db/index.d.mts                  1.01 kB │ gzip:  0.37 kB
 ℹ dist/index.d.mts                     0.87 kB │ gzip:  0.34 kB
 ℹ dist/utils/index.d.mts               0.84 kB │ gzip:  0.43 kB
 ℹ dist/oauth2/index.d.mts              0.79 kB │ gzip:  0.30 kB
@@ -35,8 +35,8 @@
 ℹ dist/db/adapter/index.d.mts          0.53 kB │ gzip:  0.25 kB
 ℹ dist/api/index.d.mts                 0.29 kB │ gzip:  0.16 kB
 ℹ dist/async_hooks/index.d.mts         0.14 kB │ gzip:  0.10 kB
-ℹ dist/index-BlxTbL2l.d.mts          205.91 kB │ gzip: 32.51 kB
+ℹ dist/index-B3xax_KQ.d.mts          207.91 kB │ gzip: 32.59 kB
 ℹ dist/index-CdubV7uy.d.mts            3.31 kB │ gzip:  1.11 kB
 ℹ dist/index-DgwIISs7.d.mts            0.24 kB │ gzip:  0.16 kB
-ℹ 31 files, total: 329.56 kB
-✔ Build complete in 4669ms
+ℹ 31 files, total: 333.26 kB
+✔ Build complete in 4495ms

package/dist/api/index.d.mts

@@ -1,3 +1,3 @@
-import { a as optionsMiddleware, i as createAuthMiddleware, n as AuthMiddleware, r as createAuthEndpoint, t as AuthEndpoint } from "../index-BlxTbL2l.mjs";
+import { a as optionsMiddleware, i as createAuthMiddleware, n as AuthMiddleware, r as createAuthEndpoint, t as AuthEndpoint } from "../index-B3xax_KQ.mjs";
 import "../index-CdubV7uy.mjs";
 export { AuthEndpoint, AuthMiddleware, createAuthEndpoint, createAuthMiddleware, optionsMiddleware };

package/dist/context/index.d.mts

@@ -1,4 +1,4 @@
-import { Wn as DBAdapter, Yn as DBTransactionAdapter, f as AuthContext } from "../index-BlxTbL2l.mjs";
+import { Qn as DBTransactionAdapter, f as AuthContext, qn as DBAdapter } from "../index-B3xax_KQ.mjs";
 import "../index-CdubV7uy.mjs";
 import { t as AsyncLocalStorage } from "../index-DgwIISs7.mjs";
 import { EndpointContext, InputContext } from "better-call";
@@ -12,7 +12,7 @@ type AuthEndpointContext = Partial<InputContext<string, any> & EndpointContext<s
  *
  * It is exposed for advanced use cases where you need direct access to the AsyncLocalStorage instance.
  */
-declare function getCurrentAuthContextAsyncLocalStorage(): Promise<AsyncLocalStorage<AuthEndpointContext>>;
+declare function getCurrentAuthContextAsyncLocalStorage(): Promise<AsyncLocalStorage<any>>;
 declare function getCurrentAuthContext(): Promise<AuthEndpointContext>;
 declare function runWithEndpointContext<T>(context: AuthEndpointContext, fn: () => T): Promise<T>;
 //#endregion

package/dist/db/adapter/index.d.mts

@@ -1,3 +1,3 @@
-import { Gn as DBAdapterDebugLogOption, Hn as CleanedWhere, Jn as DBAdapterSchemaCreation, Kn as DBAdapterFactoryConfig, Qn as Where, Un as CustomAdapter, Wn as DBAdapter, Xn as JoinConfig, Yn as DBTransactionAdapter, Zn as JoinOption, qn as DBAdapterInstance } from "../../index-BlxTbL2l.mjs";
+import { $n as JoinConfig, Gn as CleanedWhere, Jn as DBAdapterDebugLogOption, Kn as CustomAdapter, Qn as DBTransactionAdapter, Xn as DBAdapterInstance, Yn as DBAdapterFactoryConfig, Zn as DBAdapterSchemaCreation, er as JoinOption, qn as DBAdapter, tr as Where } from "../../index-B3xax_KQ.mjs";
 import "../../index-CdubV7uy.mjs";
 export { CleanedWhere, CustomAdapter, DBAdapter, DBAdapterDebugLogOption, DBAdapterFactoryConfig, DBAdapterInstance, DBAdapterSchemaCreation, DBTransactionAdapter, JoinConfig, JoinOption, Where };

package/dist/db/index.d.mts

@@ -1,3 +1,3 @@
-import { $n as AuthPluginSchema, Cr as SecondaryStorage, Sr as DBPrimitive, _r as BetterAuthDBSchema, ar as Verification, br as DBFieldType, cr as userSchema, dr as sessionSchema, er as BetterAuthDbSchema, fr as RateLimit, gr as BetterAuthPluginDBSchema, hr as accountSchema, ir as Primitive, lr as coreSchema, mr as Account, nr as FieldAttributeConfig, or as verificationSchema, pr as rateLimitSchema, rr as FieldType, sr as User, tr as FieldAttribute, ur as Session, vr as DBFieldAttribute, xr as DBPreservedModels, yr as DBFieldAttributeConfig } from "../index-BlxTbL2l.mjs";
+import { Cr as DBFieldType, Er as SecondaryStorage, Sr as DBFieldAttributeConfig, Tr as DBPrimitive, _r as Account, ar as FieldAttributeConfig, br as BetterAuthDBSchema, cr as Verification, dr as userSchema, fr as coreSchema, gr as rateLimitSchema, hr as RateLimit, ir as FieldAttribute, lr as verificationSchema, mr as sessionSchema, nr as AuthPluginSchema, or as FieldType, pr as Session, rr as BetterAuthDbSchema, sr as Primitive, ur as User, vr as accountSchema, wr as DBPreservedModels, xr as DBFieldAttribute, yr as BetterAuthPluginDBSchema } from "../index-B3xax_KQ.mjs";
 import "../index-CdubV7uy.mjs";
 export { Account, AuthPluginSchema, BetterAuthDBSchema, BetterAuthDbSchema, BetterAuthPluginDBSchema, DBFieldAttribute, DBFieldAttributeConfig, DBFieldType, DBPreservedModels, DBPrimitive, FieldAttribute, FieldAttributeConfig, FieldType, Primitive, RateLimit, SecondaryStorage, Session, User, Verification, accountSchema, coreSchema, rateLimitSchema, sessionSchema, userSchema, verificationSchema };

package/dist/{index-BlxTbL2l.d.mts → index-B3xax_KQ.d.mts}

@@ -2,7 +2,6 @@ import { i as Logger, o as createLogger } from "./index-CdubV7uy.mjs";
 import * as z from "zod";
 import { BetterFetch, BetterFetchOption, BetterFetchPlugin } from "@better-fetch/fetch";
 import * as jose0 from "jose";
-import * as better_call0 from "better-call";
 import { CookieOptions, Endpoint, EndpointContext, EndpointOptions, InputContext, Middleware } from "better-call";
 import { StandardSchemaV1, StandardSchemaV1 as StandardSchemaV1$1 } from "@standard-schema/spec";
 import { Database } from "bun:sqlite";
@@ -1010,7 +1009,7 @@ declare function createAuthorizationURL({
   authorizationEndpoint: string;
   state: string;
   codeVerifier?: string | undefined;
-  scopes: string[];
+  scopes?: string[] | undefined;
   claims?: string[] | undefined;
   duration?: string | undefined;
   prompt?: string | undefined;
@@ -4159,6 +4158,66 @@ declare const polar: (options: PolarOptions) => {
   options: PolarOptions;
 };
 //#endregion
+//#region src/social-providers/vercel.d.ts
+interface VercelProfile {
+  sub: string;
+  name?: string;
+  preferred_username?: string;
+  email?: string;
+  email_verified?: boolean;
+  picture?: string;
+}
+interface VercelOptions extends ProviderOptions<VercelProfile> {
+  clientId: string;
+}
+declare const vercel: (options: VercelOptions) => {
+  id: "vercel";
+  name: string;
+  createAuthorizationURL({
+    state,
+    scopes,
+    codeVerifier,
+    redirectURI
+  }: {
+    state: string;
+    codeVerifier: string;
+    scopes?: string[] | undefined;
+    redirectURI: string;
+    display?: string | undefined;
+    loginHint?: string | undefined;
+  }): Promise<URL>;
+  validateAuthorizationCode: ({
+    code,
+    codeVerifier,
+    redirectURI
+  }: {
+    code: string;
+    redirectURI: string;
+    codeVerifier?: string | undefined;
+    deviceId?: string | undefined;
+  }) => Promise<OAuth2Tokens>;
+  getUserInfo(token: OAuth2Tokens & {
+    user?: {
+      name?: {
+        firstName?: string;
+        lastName?: string;
+      };
+      email?: string;
+    } | undefined;
+  }): Promise<{
+    user: {
+      id: string;
+      name?: string;
+      email?: string | null;
+      image?: string;
+      emailVerified: boolean;
+      [key: string]: any;
+    };
+    data: any;
+  } | null>;
+  options: VercelOptions;
+};
+//#endregion
 //#region src/social-providers/index.d.ts
 declare const socialProviders: {
   apple: (options: AppleOptions) => {
@@ -5788,6 +5847,53 @@ declare const socialProviders: {
     } | null>;
     options: PolarOptions;
   };
+  vercel: (options: VercelOptions) => {
+    id: "vercel";
+    name: string;
+    createAuthorizationURL({
+      state,
+      scopes,
+      codeVerifier,
+      redirectURI
+    }: {
+      state: string;
+      codeVerifier: string;
+      scopes?: string[] | undefined;
+      redirectURI: string;
+      display?: string | undefined;
+      loginHint?: string | undefined;
+    }): Promise<URL>;
+    validateAuthorizationCode: ({
+      code,
+      codeVerifier,
+      redirectURI
+    }: {
+      code: string;
+      redirectURI: string;
+      codeVerifier?: string | undefined;
+      deviceId?: string | undefined;
+    }) => Promise<OAuth2Tokens>;
+    getUserInfo(token: OAuth2Tokens & {
+      user?: {
+        name?: {
+          firstName?: string;
+          lastName?: string;
+        };
+        email?: string;
+      } | undefined;
+    }): Promise<{
+      user: {
+        id: string;
+        name?: string;
+        email?: string | null;
+        image?: string;
+        emailVerified: boolean;
+        [key: string]: any;
+      };
+      data: any;
+    } | null>;
+    options: VercelOptions;
+  };
 };
 declare const socialProviderList: ["github", ...(keyof typeof socialProviders)[]];
 declare const SocialProviderListEnum: z.ZodType<SocialProviderList[number] | (string & {})>;
@@ -6111,6 +6217,19 @@ type BetterAuthAdvancedOptions = {
      */
     generateId?: GenerateIdFn | false | "serial" | "uuid";
   } | undefined;
+  /**
+   * Trusted proxy headers
+   *
+    * - `x-forwarded-host`
+   * - `x-forwarded-proto`
+   *
+   * If set to `true` and no `baseURL` option is provided, we will use the headers to infer the
+   * base URL.
+   *
+   * ⚠︎ This may expose your application to security vulnerabilities if not
+   * used correctly. Please use this with caution.
+   */
+  trustedProxyHeaders?: boolean | undefined;
 };
 type BetterAuthOptions = {
   /**
@@ -7336,21 +7455,10 @@ interface BetterAuthClientPlugin {
 }
 //#endregion
 //#region src/api/index.d.ts
-declare const optionsMiddleware: <InputCtx extends better_call0.MiddlewareInputContext<better_call0.MiddlewareOptions>>(inputContext: InputCtx) => Promise<AuthContext>;
-declare const createAuthMiddleware: {
-  <Options extends better_call0.MiddlewareOptions, R>(options: Options, handler: (ctx: better_call0.MiddlewareContext<Options, AuthContext & {
-    returned?: unknown | undefined;
-    responseHeaders?: Headers | undefined;
-  }>) => Promise<R>): (inputContext: better_call0.MiddlewareInputContext<Options>) => Promise<R>;
-  <Options extends better_call0.MiddlewareOptions, R_1>(handler: (ctx: better_call0.MiddlewareContext<Options, AuthContext & {
-    returned?: unknown | undefined;
-    responseHeaders?: Headers | undefined;
-  }>) => Promise<R_1>): (inputContext: better_call0.MiddlewareInputContext<Options>) => Promise<R_1>;
-};
-declare const createAuthEndpoint: <Path extends string, Opts extends EndpointOptions, R>(path: Path, options: Opts, handler: (ctx: EndpointContext<Path, Opts, AuthContext>) => Promise<R>) => better_call0.StrictEndpoint<Path, Opts & {
-  use: any[];
-}, R>;
+declare const optionsMiddleware: any;
+declare const createAuthMiddleware: any;
+declare const createAuthEndpoint: <Path extends string, Opts extends EndpointOptions, R>(path: Path, options: Opts, handler: (ctx: EndpointContext<Path, Opts, AuthContext>) => Promise<R>) => any;
 type AuthEndpoint = ReturnType<typeof createAuthEndpoint>;
 type AuthMiddleware = ReturnType<typeof createAuthMiddleware>;
 //#endregion
-export { PronounOption as $, AuthPluginSchema as $n, MicrosoftOptions as $t, PayPalOptions as A, validateToken as An, kick as At, line as B, OAuthProvider as Bn, SpotifyOptions as Bt, SocialProviderListEnum as C, apple as Cn, SecondaryStorage as Cr, linkedin as Ct, PolarOptions as D, BetterAuthCookies as Dn, linear as Dt, socialProviders as E, LiteralUnion as En, LinearUser as Et, PaybinProfile as F, createAuthorizationURL as Fn, TwitterProfile as Ft, KakaoProfile as G, DBAdapterDebugLogOption as Gn, slack as Gt, NaverProfile as H, CleanedWhere as Hn, spotify as Ht, paybin as I, clientCredentialsToken as In, twitter as It, NotionProfile as J, DBAdapterSchemaCreation as Jn, huggingface as Jt, kakao as K, DBAdapterFactoryConfig as Kn, HuggingFaceOptions as Kt, LineIdTokenPayload as L, createClientCredentialsTokenRequest as Ln, TwitchOptions as Lt, PayPalTokenResponse as M, getOAuth2Tokens as Mn, DropboxProfile as Mt, paypal as N, createRefreshAccessTokenRequest as Nn, dropbox as Nt, PolarProfile as O, createAuthorizationCodeRequest as On, KickOptions as Ot, PaybinOptions as P, refreshAccessToken as Pn, TwitterOption as Pt, PhoneNumber as Q, Where as Qn, MicrosoftEntraIDProfile as Qt, LineOptions as R, OAuth2Tokens as Rn, TwitchProfile as Rt, SocialProviderList as S, AppleProfile as Sn, DBPrimitive as Sr, LinkedInProfile as St, socialProviderList as T, LiteralString as Tn, LinearProfile as Tt, naver as U, CustomAdapter as Un, SlackOptions as Ut, NaverOptions as V, ProviderOptions as Vn, SpotifyProfile as Vt, KakaoOptions as W, DBAdapter as Wn, SlackProfile as Wt, AccountStatus as X, JoinConfig as Xn, GoogleProfile as Xt, notion as Y, DBTransactionAdapter as Yn, GoogleOptions as Yt, LoginType as Z, JoinOption as Zn, google as Zt, BetterAuthRateLimitOptions as _, AtlassianOptions as _n, BetterAuthDBSchema as _r, tiktok as _t, optionsMiddleware as a, FigmaProfile as an, Verification as ar, vk as at, HookEndpointContext as b, AppleNonConformUser as bn, DBFieldType as br, gitlab as bt, BetterAuthClientPlugin as c, FacebookProfile as cn, userSchema as cr, salesforce as ct, ClientStore as d, DiscordProfile as dn, sessionSchema as dr, roblox as dt, microsoft as en, BetterAuthDbSchema as er, ZoomOptions as et, AuthContext as f, discord as fn, RateLimit as fr, RedditOptions as ft, BetterAuthOptions as g, getCognitoPublicKey as gn, BetterAuthPluginDBSchema as gr, TiktokProfile as gt, BetterAuthAdvancedOptions as h, cognito as hn, accountSchema as hr, TiktokOptions as ht, createAuthMiddleware as i, FigmaOptions as in, Primitive$1 as ir, VkProfile as it, PayPalProfile as j, generateCodeChallenge as jn, DropboxOptions as jt, polar as k, validateAuthorizationCode as kn, KickProfile as kt, ClientAtomListener as l, facebook as ln, coreSchema as lr, RobloxOptions as lt, InternalAdapter as m, CognitoProfile as mn, Account as mr, reddit as mt, AuthMiddleware as n, GithubProfile as nn, FieldAttributeConfig as nr, zoom as nt, StandardSchemaV1$1 as o, figma as on, verificationSchema as or, SalesforceOptions as ot, GenericEndpointContext as p, CognitoOptions as pn, rateLimitSchema as pr, RedditProfile as pt, NotionOptions as q, DBAdapterInstance as qn, HuggingFaceProfile as qt, createAuthEndpoint as r, github as rn, FieldType as rr, VkOption as rt, BetterAuthClientOptions as s, FacebookOptions as sn, User as sr, SalesforceProfile as st, AuthEndpoint as t, GithubOptions as tn, FieldAttribute as tr, ZoomProfile as tt, ClientFetchOption as u, DiscordOptions as un, Session as ur, RobloxProfile as ut, GenerateIdFn as v, AtlassianProfile as vn, DBFieldAttribute as vr, GitlabOptions as vt, SocialProviders as w, getApplePublicKey as wn, LinearOptions as wt, SocialProvider as x, AppleOptions as xn, DBPreservedModels as xr, LinkedInOptions as xt, BetterAuthPlugin as y, atlassian as yn, DBFieldAttributeConfig as yr, GitlabProfile as yt, LineUserInfo as z, OAuth2UserInfo as zn, twitch as zt };
+export { AccountStatus as $, JoinConfig as $n, GoogleProfile as $t, PolarOptions as A, BetterAuthCookies as An, linear as At, LineIdTokenPayload as B, createClientCredentialsTokenRequest as Bn, TwitchOptions as Bt, SocialProviderListEnum as C, AppleNonConformUser as Cn, DBFieldType as Cr, gitlab as Ct, VercelOptions as D, getApplePublicKey as Dn, LinearOptions as Dt, socialProviders as E, apple as En, SecondaryStorage as Er, linkedin as Et, PayPalTokenResponse as F, getOAuth2Tokens as Fn, DropboxProfile as Ft, NaverProfile as G, CleanedWhere as Gn, spotify as Gt, LineUserInfo as H, OAuth2UserInfo as Hn, twitch as Ht, paypal as I, createRefreshAccessTokenRequest as In, dropbox as It, KakaoProfile as J, DBAdapterDebugLogOption as Jn, slack as Jt, naver as K, CustomAdapter as Kn, SlackOptions as Kt, PaybinOptions as L, refreshAccessToken as Ln, TwitterOption as Lt, polar as M, validateAuthorizationCode as Mn, KickProfile as Mt, PayPalOptions as N, validateToken as Nn, kick as Nt, VercelProfile as O, LiteralString as On, LinearProfile as Ot, PayPalProfile as P, generateCodeChallenge as Pn, DropboxOptions as Pt, notion as Q, DBTransactionAdapter as Qn, GoogleOptions as Qt, PaybinProfile as R, createAuthorizationURL as Rn, TwitterProfile as Rt, SocialProviderList as S, atlassian as Sn, DBFieldAttributeConfig as Sr, GitlabProfile as St, socialProviderList as T, AppleProfile as Tn, DBPrimitive as Tr, LinkedInProfile as Tt, line as U, OAuthProvider as Un, SpotifyOptions as Ut, LineOptions as V, OAuth2Tokens as Vn, TwitchProfile as Vt, NaverOptions as W, ProviderOptions as Wn, SpotifyProfile as Wt, NotionOptions as X, DBAdapterInstance as Xn, HuggingFaceProfile as Xt, kakao as Y, DBAdapterFactoryConfig as Yn, HuggingFaceOptions as Yt, NotionProfile as Z, DBAdapterSchemaCreation as Zn, huggingface as Zt, BetterAuthRateLimitOptions as _, CognitoProfile as _n, Account as _r, reddit as _t, optionsMiddleware as a, GithubProfile as an, FieldAttributeConfig as ar, zoom as at, HookEndpointContext as b, AtlassianOptions as bn, BetterAuthDBSchema as br, tiktok as bt, BetterAuthClientPlugin as c, FigmaProfile as cn, Verification as cr, vk as ct, ClientStore as d, FacebookProfile as dn, userSchema as dr, salesforce as dt, google as en, JoinOption as er, LoginType as et, AuthContext as f, facebook as fn, coreSchema as fr, RobloxOptions as ft, BetterAuthOptions as g, CognitoOptions as gn, rateLimitSchema as gr, RedditProfile as gt, BetterAuthAdvancedOptions as h, discord as hn, RateLimit as hr, RedditOptions as ht, createAuthMiddleware as i, GithubOptions as in, FieldAttribute as ir, ZoomProfile as it, PolarProfile as j, createAuthorizationCodeRequest as jn, KickOptions as jt, vercel as k, LiteralUnion as kn, LinearUser as kt, ClientAtomListener as l, figma as ln, verificationSchema as lr, SalesforceOptions as lt, InternalAdapter as m, DiscordProfile as mn, sessionSchema as mr, roblox as mt, AuthMiddleware as n, MicrosoftOptions as nn, AuthPluginSchema as nr, PronounOption as nt, StandardSchemaV1$1 as o, github as on, FieldType as or, VkOption as ot, GenericEndpointContext as p, DiscordOptions as pn, Session as pr, RobloxProfile as pt, KakaoOptions as q, DBAdapter as qn, SlackProfile as qt, createAuthEndpoint as r, microsoft as rn, BetterAuthDbSchema as rr, ZoomOptions as rt, BetterAuthClientOptions as s, FigmaOptions as sn, Primitive$1 as sr, VkProfile as st, AuthEndpoint as t, MicrosoftEntraIDProfile as tn, Where as tr, PhoneNumber as tt, ClientFetchOption as u, FacebookOptions as un, User as ur, SalesforceProfile as ut, GenerateIdFn as v, cognito as vn, accountSchema as vr, TiktokOptions as vt, SocialProviders as w, AppleOptions as wn, DBPreservedModels as wr, LinkedInOptions as wt, SocialProvider as x, AtlassianProfile as xn, DBFieldAttribute as xr, GitlabOptions as xt, BetterAuthPlugin as y, getCognitoPublicKey as yn, BetterAuthPluginDBSchema as yr, TiktokProfile as yt, paybin as z, clientCredentialsToken as zn, twitter as zt };

package/dist/index.d.mts

@@ -1,3 +1,3 @@
-import { Dn as BetterAuthCookies, En as LiteralUnion, Tn as LiteralString, _ as BetterAuthRateLimitOptions, b as HookEndpointContext, c as BetterAuthClientPlugin, d as ClientStore, f as AuthContext, g as BetterAuthOptions, h as BetterAuthAdvancedOptions, l as ClientAtomListener, m as InternalAdapter, o as StandardSchemaV1, p as GenericEndpointContext, s as BetterAuthClientOptions, u as ClientFetchOption, v as GenerateIdFn, y as BetterAuthPlugin } from "./index-BlxTbL2l.mjs";
+import { An as BetterAuthCookies, On as LiteralString, _ as BetterAuthRateLimitOptions, b as HookEndpointContext, c as BetterAuthClientPlugin, d as ClientStore, f as AuthContext, g as BetterAuthOptions, h as BetterAuthAdvancedOptions, kn as LiteralUnion, l as ClientAtomListener, m as InternalAdapter, o as StandardSchemaV1, p as GenericEndpointContext, s as BetterAuthClientOptions, u as ClientFetchOption, v as GenerateIdFn, y as BetterAuthPlugin } from "./index-B3xax_KQ.mjs";
 import "./index-CdubV7uy.mjs";
 export { AuthContext, BetterAuthAdvancedOptions, BetterAuthClientOptions, BetterAuthClientPlugin, BetterAuthCookies, BetterAuthOptions, BetterAuthPlugin, BetterAuthRateLimitOptions, ClientAtomListener, ClientFetchOption, ClientStore, GenerateIdFn, GenericEndpointContext, HookEndpointContext, InternalAdapter, LiteralString, LiteralUnion, StandardSchemaV1 };

package/dist/oauth2/index.d.mts

@@ -1,3 +1,3 @@
-import { An as validateToken, Bn as OAuthProvider, Fn as createAuthorizationURL, In as clientCredentialsToken, Ln as createClientCredentialsTokenRequest, Mn as getOAuth2Tokens, Nn as createRefreshAccessTokenRequest, On as createAuthorizationCodeRequest, Pn as refreshAccessToken, Rn as OAuth2Tokens, Vn as ProviderOptions, jn as generateCodeChallenge, kn as validateAuthorizationCode, zn as OAuth2UserInfo } from "../index-BlxTbL2l.mjs";
+import { Bn as createClientCredentialsTokenRequest, Fn as getOAuth2Tokens, Hn as OAuth2UserInfo, In as createRefreshAccessTokenRequest, Ln as refreshAccessToken, Mn as validateAuthorizationCode, Nn as validateToken, Pn as generateCodeChallenge, Rn as createAuthorizationURL, Un as OAuthProvider, Vn as OAuth2Tokens, Wn as ProviderOptions, jn as createAuthorizationCodeRequest, zn as clientCredentialsToken } from "../index-B3xax_KQ.mjs";
 import "../index-CdubV7uy.mjs";
 export { OAuth2Tokens, OAuth2UserInfo, OAuthProvider, ProviderOptions, clientCredentialsToken, createAuthorizationCodeRequest, createAuthorizationURL, createClientCredentialsTokenRequest, createRefreshAccessTokenRequest, generateCodeChallenge, getOAuth2Tokens, refreshAccessToken, validateAuthorizationCode, validateToken };

package/dist/oauth2/index.mjs

@@ -1,3 +1,3 @@
-import { a as refreshAccessToken, c as getOAuth2Tokens, i as createRefreshAccessTokenRequest, l as clientCredentialsToken, n as validateAuthorizationCode, o as createAuthorizationURL, r as validateToken, s as generateCodeChallenge, t as createAuthorizationCodeRequest, u as createClientCredentialsTokenRequest } from "../oauth2-DmgZmPEg.mjs";
+import { a as refreshAccessToken, c as getOAuth2Tokens, i as createRefreshAccessTokenRequest, l as clientCredentialsToken, n as validateAuthorizationCode, o as createAuthorizationURL, r as validateToken, s as generateCodeChallenge, t as createAuthorizationCodeRequest, u as createClientCredentialsTokenRequest } from "../oauth2-B2XPHgx5.mjs";
 
 export { clientCredentialsToken, createAuthorizationCodeRequest, createAuthorizationURL, createClientCredentialsTokenRequest, createRefreshAccessTokenRequest, generateCodeChallenge, getOAuth2Tokens, refreshAccessToken, validateAuthorizationCode, validateToken };

package/dist/{oauth2-DmgZmPEg.mjs → oauth2-B2XPHgx5.mjs}

@@ -83,7 +83,7 @@ async function createAuthorizationURL({ id, options, authorizationEndpoint, stat
 	const primaryClientId = Array.isArray(options.clientId) ? options.clientId[0] : options.clientId;
 	url.searchParams.set("client_id", primaryClientId);
 	url.searchParams.set("state", state);
-	url.searchParams.set("scope", scopes.join(scopeJoiner || " "));
+	if (scopes) url.searchParams.set("scope", scopes.join(scopeJoiner || " "));
 	url.searchParams.set("redirect_uri", options.redirectURI || redirectURI);
 	duration && url.searchParams.set("duration", duration);
 	display && url.searchParams.set("display", display);

package/dist/social-providers/index.d.mts

@@ -1,3 +1,3 @@
-import { $ as PronounOption, $t as MicrosoftOptions, A as PayPalOptions, At as kick, B as line, Bt as SpotifyOptions, C as SocialProviderListEnum, Cn as apple, Ct as linkedin, D as PolarOptions, Dt as linear, E as socialProviders, Et as LinearUser, F as PaybinProfile, Ft as TwitterProfile, G as KakaoProfile, Gt as slack, H as NaverProfile, Ht as spotify, I as paybin, It as twitter, J as NotionProfile, Jt as huggingface, K as kakao, Kt as HuggingFaceOptions, L as LineIdTokenPayload, Lt as TwitchOptions, M as PayPalTokenResponse, Mt as DropboxProfile, N as paypal, Nt as dropbox, O as PolarProfile, Ot as KickOptions, P as PaybinOptions, Pt as TwitterOption, Q as PhoneNumber, Qt as MicrosoftEntraIDProfile, R as LineOptions, Rt as TwitchProfile, S as SocialProviderList, Sn as AppleProfile, St as LinkedInProfile, T as socialProviderList, Tt as LinearProfile, U as naver, Ut as SlackOptions, V as NaverOptions, Vt as SpotifyProfile, W as KakaoOptions, Wt as SlackProfile, X as AccountStatus, Xt as GoogleProfile, Y as notion, Yt as GoogleOptions, Z as LoginType, Zt as google, _n as AtlassianOptions, _t as tiktok, an as FigmaProfile, at as vk, bn as AppleNonConformUser, bt as gitlab, cn as FacebookProfile, ct as salesforce, dn as DiscordProfile, dt as roblox, en as microsoft, et as ZoomOptions, fn as discord, ft as RedditOptions, gn as getCognitoPublicKey, gt as TiktokProfile, hn as cognito, ht as TiktokOptions, in as FigmaOptions, it as VkProfile, j as PayPalProfile, jt as DropboxOptions, k as polar, kt as KickProfile, ln as facebook, lt as RobloxOptions, mn as CognitoProfile, mt as reddit, nn as GithubProfile, nt as zoom, on as figma, ot as SalesforceOptions, pn as CognitoOptions, pt as RedditProfile, q as NotionOptions, qt as HuggingFaceProfile, rn as github, rt as VkOption, sn as FacebookOptions, st as SalesforceProfile, tn as GithubOptions, tt as ZoomProfile, un as DiscordOptions, ut as RobloxProfile, vn as AtlassianProfile, vt as GitlabOptions, w as SocialProviders, wn as getApplePublicKey, wt as LinearOptions, x as SocialProvider, xn as AppleOptions, xt as LinkedInOptions, yn as atlassian, yt as GitlabProfile, z as LineUserInfo, zt as twitch } from "../index-BlxTbL2l.mjs";
+import { $ as AccountStatus, $t as GoogleProfile, A as PolarOptions, At as linear, B as LineIdTokenPayload, Bt as TwitchOptions, C as SocialProviderListEnum, Cn as AppleNonConformUser, Ct as gitlab, D as VercelOptions, Dn as getApplePublicKey, Dt as LinearOptions, E as socialProviders, En as apple, Et as linkedin, F as PayPalTokenResponse, Ft as DropboxProfile, G as NaverProfile, Gt as spotify, H as LineUserInfo, Ht as twitch, I as paypal, It as dropbox, J as KakaoProfile, Jt as slack, K as naver, Kt as SlackOptions, L as PaybinOptions, Lt as TwitterOption, M as polar, Mt as KickProfile, N as PayPalOptions, Nt as kick, O as VercelProfile, Ot as LinearProfile, P as PayPalProfile, Pt as DropboxOptions, Q as notion, Qt as GoogleOptions, R as PaybinProfile, Rt as TwitterProfile, S as SocialProviderList, Sn as atlassian, St as GitlabProfile, T as socialProviderList, Tn as AppleProfile, Tt as LinkedInProfile, U as line, Ut as SpotifyOptions, V as LineOptions, Vt as TwitchProfile, W as NaverOptions, Wt as SpotifyProfile, X as NotionOptions, Xt as HuggingFaceProfile, Y as kakao, Yt as HuggingFaceOptions, Z as NotionProfile, Zt as huggingface, _n as CognitoProfile, _t as reddit, an as GithubProfile, at as zoom, bn as AtlassianOptions, bt as tiktok, cn as FigmaProfile, ct as vk, dn as FacebookProfile, dt as salesforce, en as google, et as LoginType, fn as facebook, ft as RobloxOptions, gn as CognitoOptions, gt as RedditProfile, hn as discord, ht as RedditOptions, in as GithubOptions, it as ZoomProfile, j as PolarProfile, jt as KickOptions, k as vercel, kt as LinearUser, ln as figma, lt as SalesforceOptions, mn as DiscordProfile, mt as roblox, nn as MicrosoftOptions, nt as PronounOption, on as github, ot as VkOption, pn as DiscordOptions, pt as RobloxProfile, q as KakaoOptions, qt as SlackProfile, rn as microsoft, rt as ZoomOptions, sn as FigmaOptions, st as VkProfile, tn as MicrosoftEntraIDProfile, tt as PhoneNumber, un as FacebookOptions, ut as SalesforceProfile, vn as cognito, vt as TiktokOptions, w as SocialProviders, wn as AppleOptions, wt as LinkedInOptions, x as SocialProvider, xn as AtlassianProfile, xt as GitlabOptions, yn as getCognitoPublicKey, yt as TiktokProfile, z as paybin, zt as twitter } from "../index-B3xax_KQ.mjs";
 import "../index-CdubV7uy.mjs";
-export { AccountStatus, AppleNonConformUser, AppleOptions, AppleProfile, AtlassianOptions, AtlassianProfile, CognitoOptions, CognitoProfile, DiscordOptions, DiscordProfile, DropboxOptions, DropboxProfile, FacebookOptions, FacebookProfile, FigmaOptions, FigmaProfile, GithubOptions, GithubProfile, GitlabOptions, GitlabProfile, GoogleOptions, GoogleProfile, HuggingFaceOptions, HuggingFaceProfile, KakaoOptions, KakaoProfile, KickOptions, KickProfile, LineIdTokenPayload, LineOptions, LineUserInfo, LinearOptions, LinearProfile, LinearUser, LinkedInOptions, LinkedInProfile, LoginType, MicrosoftEntraIDProfile, MicrosoftOptions, NaverOptions, NaverProfile, NotionOptions, NotionProfile, PayPalOptions, PayPalProfile, PayPalTokenResponse, PaybinOptions, PaybinProfile, PhoneNumber, PolarOptions, PolarProfile, PronounOption, RedditOptions, RedditProfile, RobloxOptions, RobloxProfile, SalesforceOptions, SalesforceProfile, SlackOptions, SlackProfile, SocialProvider, SocialProviderList, SocialProviderListEnum, SocialProviders, SpotifyOptions, SpotifyProfile, TiktokOptions, TiktokProfile, TwitchOptions, TwitchProfile, TwitterOption, TwitterProfile, VkOption, VkProfile, ZoomOptions, ZoomProfile, apple, atlassian, cognito, discord, dropbox, facebook, figma, getApplePublicKey, getCognitoPublicKey, github, gitlab, google, huggingface, kakao, kick, line, linear, linkedin, microsoft, naver, notion, paybin, paypal, polar, reddit, roblox, salesforce, slack, socialProviderList, socialProviders, spotify, tiktok, twitch, twitter, vk, zoom };
+export { AccountStatus, AppleNonConformUser, AppleOptions, AppleProfile, AtlassianOptions, AtlassianProfile, CognitoOptions, CognitoProfile, DiscordOptions, DiscordProfile, DropboxOptions, DropboxProfile, FacebookOptions, FacebookProfile, FigmaOptions, FigmaProfile, GithubOptions, GithubProfile, GitlabOptions, GitlabProfile, GoogleOptions, GoogleProfile, HuggingFaceOptions, HuggingFaceProfile, KakaoOptions, KakaoProfile, KickOptions, KickProfile, LineIdTokenPayload, LineOptions, LineUserInfo, LinearOptions, LinearProfile, LinearUser, LinkedInOptions, LinkedInProfile, LoginType, MicrosoftEntraIDProfile, MicrosoftOptions, NaverOptions, NaverProfile, NotionOptions, NotionProfile, PayPalOptions, PayPalProfile, PayPalTokenResponse, PaybinOptions, PaybinProfile, PhoneNumber, PolarOptions, PolarProfile, PronounOption, RedditOptions, RedditProfile, RobloxOptions, RobloxProfile, SalesforceOptions, SalesforceProfile, SlackOptions, SlackProfile, SocialProvider, SocialProviderList, SocialProviderListEnum, SocialProviders, SpotifyOptions, SpotifyProfile, TiktokOptions, TiktokProfile, TwitchOptions, TwitchProfile, TwitterOption, TwitterProfile, VercelOptions, VercelProfile, VkOption, VkProfile, ZoomOptions, ZoomProfile, apple, atlassian, cognito, discord, dropbox, facebook, figma, getApplePublicKey, getCognitoPublicKey, github, gitlab, google, huggingface, kakao, kick, line, linear, linkedin, microsoft, naver, notion, paybin, paypal, polar, reddit, roblox, salesforce, slack, socialProviderList, socialProviders, spotify, tiktok, twitch, twitter, vercel, vk, zoom };

package/dist/social-providers/index.mjs

@@ -1,5 +1,5 @@
 import { i as logger } from "../env-DwlNAN_D.mjs";
-import { a as refreshAccessToken, c as getOAuth2Tokens, n as validateAuthorizationCode, o as createAuthorizationURL, s as generateCodeChallenge } from "../oauth2-DmgZmPEg.mjs";
+import { a as refreshAccessToken, c as getOAuth2Tokens, n as validateAuthorizationCode, o as createAuthorizationURL, s as generateCodeChallenge } from "../oauth2-B2XPHgx5.mjs";
 import "../utils-C5EN75oV.mjs";
 import { t as BetterAuthError } from "../error-BhAKg8LX.mjs";
 import * as z from "zod";
@@ -2341,6 +2341,60 @@ const twitter = (options) => {
 	};
 };
 
+//#endregion
+//#region src/social-providers/vercel.ts
+const vercel = (options) => {
+	return {
+		id: "vercel",
+		name: "Vercel",
+		createAuthorizationURL({ state, scopes, codeVerifier, redirectURI }) {
+			if (!codeVerifier) throw new BetterAuthError("codeVerifier is required for Vercel");
+			let _scopes = void 0;
+			if (options.scope !== void 0 || scopes !== void 0) {
+				_scopes = [];
+				if (options.scope) _scopes.push(...options.scope);
+				if (scopes) _scopes.push(...scopes);
+			}
+			return createAuthorizationURL({
+				id: "vercel",
+				options,
+				authorizationEndpoint: "https://vercel.com/oauth/authorize",
+				scopes: _scopes,
+				state,
+				codeVerifier,
+				redirectURI
+			});
+		},
+		validateAuthorizationCode: async ({ code, codeVerifier, redirectURI }) => {
+			return validateAuthorizationCode({
+				code,
+				codeVerifier,
+				redirectURI,
+				options,
+				tokenEndpoint: "https://api.vercel.com/login/oauth/token"
+			});
+		},
+		async getUserInfo(token) {
+			if (options.getUserInfo) return options.getUserInfo(token);
+			const { data: profile, error } = await betterFetch("https://api.vercel.com/login/oauth/userinfo", { headers: { Authorization: `Bearer ${token.accessToken}` } });
+			if (error || !profile) return null;
+			const userMap = await options.mapProfileToUser?.(profile);
+			return {
+				user: {
+					id: profile.sub,
+					name: profile.name ?? profile.preferred_username,
+					email: profile.email,
+					image: profile.picture,
+					emailVerified: profile.email_verified ?? false,
+					...userMap
+				},
+				data: profile
+			};
+		},
+		options
+	};
+};
+
 //#endregion
 //#region src/social-providers/vk.ts
 const vk = (options) => {
@@ -2516,10 +2570,11 @@ const socialProviders = {
 	line,
 	paybin,
 	paypal,
-	polar
+	polar,
+	vercel
 };
 const socialProviderList = Object.keys(socialProviders);
 const SocialProviderListEnum = z.enum(socialProviderList).or(z.string());
 
 //#endregion
-export { SocialProviderListEnum, apple, atlassian, cognito, discord, dropbox, facebook, figma, getApplePublicKey, getCognitoPublicKey, github, gitlab, google, huggingface, kakao, kick, line, linear, linkedin, microsoft, naver, notion, paybin, paypal, polar, reddit, roblox, salesforce, slack, socialProviderList, socialProviders, spotify, tiktok, twitch, twitter, vk, zoom };
+export { SocialProviderListEnum, apple, atlassian, cognito, discord, dropbox, facebook, figma, getApplePublicKey, getCognitoPublicKey, github, gitlab, google, huggingface, kakao, kick, line, linear, linkedin, microsoft, naver, notion, paybin, paypal, polar, reddit, roblox, salesforce, slack, socialProviderList, socialProviders, spotify, tiktok, twitch, twitter, vercel, vk, zoom };

package/package.json

@@ -1,8 +1,13 @@
 {
   "name": "@better-auth/core",
-  "version": "1.4.2",
+  "version": "1.4.4-beta.1",
   "description": "The most comprehensive authentication framework for TypeScript.",
   "type": "module",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/better-auth/better-auth",
+    "directory": "packages/core"
+  },
   "main": "./dist/index.mjs",
   "module": "./dist/index.mjs",
   "exports": {
@@ -103,12 +108,12 @@
     "@better-auth/utils": "0.3.0",
     "@better-fetch/fetch": "1.1.18",
     "@types/better-sqlite3": "^7.6.13",
-    "better-call": "1.1.0",
+    "better-call": "1.1.1",
     "better-sqlite3": "^12.4.1",
     "jose": "^6.1.0",
     "kysely": "^0.28.5",
     "nanostores": "^1.0.1",
-    "tsdown": "^0.16.0"
+    "tsdown": "^0.16.6"
   },
   "dependencies": {
     "@standard-schema/spec": "^1.0.0",
@@ -117,7 +122,7 @@
   "peerDependencies": {
     "@better-auth/utils": "0.3.0",
     "@better-fetch/fetch": "1.1.18",
-    "better-call": "1.1.0",
+    "better-call": "1.1.1",
     "jose": "^6.1.0",
     "kysely": "^0.28.5",
     "nanostores": "^1.0.1"
@@ -125,6 +130,7 @@
   "scripts": {
     "build": "tsdown",
     "dev": "tsdown --watch",
+    "lint:package": "publint run --strict",
     "typecheck": "tsc --project tsconfig.json",
     "test": "vitest"
   }

package/src/oauth2/create-authorization-url.ts

@@ -27,7 +27,7 @@ export async function createAuthorizationURL({
 	authorizationEndpoint: string;
 	state: string;
 	codeVerifier?: string | undefined;
-	scopes: string[];
+	scopes?: string[] | undefined;
 	claims?: string[] | undefined;
 	duration?: string | undefined;
 	prompt?: string | undefined;
@@ -47,7 +47,9 @@ export async function createAuthorizationURL({
 		: options.clientId;
 	url.searchParams.set("client_id", primaryClientId);
 	url.searchParams.set("state", state);
-	url.searchParams.set("scope", scopes.join(scopeJoiner || " "));
+	if (scopes) {
+		url.searchParams.set("scope", scopes.join(scopeJoiner || " "));
+	}
 	url.searchParams.set("redirect_uri", options.redirectURI || redirectURI);
 	duration && url.searchParams.set("duration", duration);
 	display && url.searchParams.set("display", display);

package/src/social-providers/index.ts

@@ -29,6 +29,7 @@ import { spotify } from "./spotify";
 import { tiktok } from "./tiktok";
 import { twitch } from "./twitch";
 import { twitter } from "./twitter";
+import { vercel } from "./vercel";
 import { vk } from "./vk";
 import { zoom } from "./zoom";
 
@@ -65,6 +66,7 @@ export const socialProviders = {
 	paybin,
 	paypal,
 	polar,
+	vercel,
 };
 
 export const socialProviderList = Object.keys(socialProviders) as [
@@ -118,6 +120,7 @@ export * from "./spotify";
 export * from "./tiktok";
 export * from "./twitch";
 export * from "./twitter";
+export * from "./vercel";
 export * from "./vk";
 export * from "./zoom";
 

package/src/social-providers/vercel.ts

@@ -0,0 +1,87 @@
+import { betterFetch } from "@better-fetch/fetch";
+import { BetterAuthError } from "../error";
+import type { OAuthProvider, ProviderOptions } from "../oauth2";
+import { createAuthorizationURL, validateAuthorizationCode } from "../oauth2";
+
+export interface VercelProfile {
+	sub: string;
+	name?: string;
+	preferred_username?: string;
+	email?: string;
+	email_verified?: boolean;
+	picture?: string;
+}
+
+export interface VercelOptions extends ProviderOptions<VercelProfile> {
+	clientId: string;
+}
+
+export const vercel = (options: VercelOptions) => {
+	return {
+		id: "vercel",
+		name: "Vercel",
+		createAuthorizationURL({ state, scopes, codeVerifier, redirectURI }) {
+			if (!codeVerifier) {
+				throw new BetterAuthError("codeVerifier is required for Vercel");
+			}
+
+			let _scopes: string[] | undefined = undefined;
+			if (options.scope !== undefined || scopes !== undefined) {
+				_scopes = [];
+				if (options.scope) _scopes.push(...options.scope);
+				if (scopes) _scopes.push(...scopes);
+			}
+
+			return createAuthorizationURL({
+				id: "vercel",
+				options,
+				authorizationEndpoint: "https://vercel.com/oauth/authorize",
+				scopes: _scopes,
+				state,
+				codeVerifier,
+				redirectURI,
+			});
+		},
+		validateAuthorizationCode: async ({ code, codeVerifier, redirectURI }) => {
+			return validateAuthorizationCode({
+				code,
+				codeVerifier,
+				redirectURI,
+				options,
+				tokenEndpoint: "https://api.vercel.com/login/oauth/token",
+			});
+		},
+		async getUserInfo(token) {
+			if (options.getUserInfo) {
+				return options.getUserInfo(token);
+			}
+
+			const { data: profile, error } = await betterFetch<VercelProfile>(
+				"https://api.vercel.com/login/oauth/userinfo",
+				{
+					headers: {
+						Authorization: `Bearer ${token.accessToken}`,
+					},
+				},
+			);
+
+			if (error || !profile) {
+				return null;
+			}
+
+			const userMap = await options.mapProfileToUser?.(profile);
+			return {
+				user: {
+					id: profile.sub,
+					name: profile.name ?? profile.preferred_username,
+					email: profile.email,
+					image: profile.picture,
+					emailVerified: profile.email_verified ?? false,
+					...userMap,
+				},
+				data: profile,
+			};
+		},
+		options,
+	} satisfies OAuthProvider<VercelProfile>;
+};

package/src/types/init-options.ts

@@ -257,6 +257,20 @@ export type BetterAuthAdvancedOptions = {
 				generateId?: GenerateIdFn | false | "serial" | "uuid";
 		  }
 		| undefined;
+	/**
+	 * Trusted proxy headers
+	 *
+
+	 * - `x-forwarded-host`
+	 * - `x-forwarded-proto`
+	 *
+	 * If set to `true` and no `baseURL` option is provided, we will use the headers to infer the
+	 * base URL.
+	 *
+	 * ⚠︎ This may expose your application to security vulnerabilities if not
+	 * used correctly. Please use this with caution.
+	 */
+	trustedProxyHeaders?: boolean | undefined;
 };
 
 export type BetterAuthOptions = {