@better-auth/passkey 1.7.0-beta.0 → 1.7.0-beta.10

package/dist/client.d.mts

@@ -1,4 +1,4 @@
-import { a as PasskeyExtensionsResolver, c as PasskeyRegistrationUser, i as PasskeyAuthenticationOptions, l as WebAuthnChallengeValue, n as PASSKEY_ERROR_CODES, o as PasskeyOptions, r as Passkey, s as PasskeyRegistrationOptions, t as passkey } from "./index-DD5Lute1.mjs";
+import { a as Passkey, c as PasskeyOptions, d as WebAuthnChallengeValue, l as PasskeyRegistrationOptions, n as PASSKEY_ERROR_CODES, o as PasskeyAuthenticationOptions, s as PasskeyExtensionsResolver, t as passkey, u as PasskeyRegistrationUser } from "./index-z0BvlclO.mjs";
 import { AuthenticationExtensionsClientInputs, AuthenticationExtensionsClientOutputs, AuthenticationResponseJSON, RegistrationResponseJSON } from "@simplewebauthn/server";
 import * as better_auth_client0 from "better-auth/client";
 import * as nanostores from "nanostores";
@@ -39,6 +39,14 @@ declare const getPasskeyActions: ($fetch: BetterFetch, {
         user: User;
       };
       error: null;
+    } | {
+      data: null;
+      error: {
+        code: string;
+        message: string;
+        status: number;
+        statusText: string;
+      };
     } | {
       webauthn: {
         response: AuthenticationResponseJSON;
@@ -60,14 +68,6 @@ declare const getPasskeyActions: ($fetch: BetterFetch, {
         user: User;
       };
       error: null;
-    } | {
-      data: null;
-      error: {
-        code: string;
-        message: string;
-        status: number;
-        statusText: string;
-      };
     }>;
   };
   passkey: {
@@ -165,6 +165,14 @@ declare const passkeyClient: () => {
           user: User;
         };
         error: null;
+      } | {
+        data: null;
+        error: {
+          code: string;
+          message: string;
+          status: number;
+          statusText: string;
+        };
       } | {
         webauthn: {
           response: AuthenticationResponseJSON;
@@ -186,14 +194,6 @@ declare const passkeyClient: () => {
           user: User;
         };
         error: null;
-      } | {
-        data: null;
-        error: {
-          code: string;
-          message: string;
-          status: number;
-          statusText: string;
-        };
       }>;
     };
     passkey: {

package/dist/client.mjs

@@ -1,4 +1,4 @@
-import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-Bpv4-Vmt.mjs";
+import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-vleaxnrJ.mjs";
 import { WebAuthnError, startAuthentication, startRegistration } from "@simplewebauthn/browser";
 import { useAuthQuery } from "better-auth/client";
 import { atom } from "nanostores";
@@ -10,18 +10,31 @@ const getPasskeyActions = ($fetch, { $listPasskeys, $store }) => {
 			throw: false
 		});
 		if (!response.data) return response;
+		const mergedExtensions = response.data.extensions || opts?.extensions ? {
+			...response.data.extensions || {},
+			...opts?.extensions || {}
+		} : void 0;
+		let res;
 		try {
-			const mergedExtensions = response.data.extensions || opts?.extensions ? {
-				...response.data.extensions || {},
-				...opts?.extensions || {}
-			} : void 0;
-			const res = await startAuthentication({
+			res = await startAuthentication({
 				optionsJSON: {
 					...response.data,
 					extensions: mergedExtensions
 				},
 				useBrowserAutofill: opts?.autoFill
 			});
+		} catch (err) {
+			return {
+				data: null,
+				error: {
+					code: err instanceof WebAuthnError ? err.code : "AUTH_CANCELLED",
+					message: PASSKEY_ERROR_CODES.AUTH_CANCELLED.message,
+					status: 400,
+					statusText: "BAD_REQUEST"
+				}
+			};
+		}
+		try {
 			const { clientExtensionResults, ...responseBody } = res;
 			const verified = await $fetch("/passkey/verify-authentication", {
 				body: { response: responseBody },

package/dist/{index-DD5Lute1.d.mts → index-z0BvlclO.d.mts}

@@ -100,7 +100,13 @@ interface PasskeyRegistrationOptions {
   }) => Awaitable<PasskeyRegistrationUser>) | undefined;
   /**
    * Callback after a successful registration verification.
-   * Useful for user linking or auditing.
+   * Useful for user linking, auditing, or labeling the passkey.
+   *
+   * Return `userId` to attribute the passkey to a different user. Return `name`
+   * to set the stored label when the client did not provide one; the AAGUID is
+   * available via `verification.registrationInfo?.aaguid`. A non-empty
+   * client-supplied name always takes precedence over the returned `name`;
+   * whitespace-only input is treated as absent.
    */
   afterVerification?: ((args: {
     ctx: GenericEndpointContext;
@@ -110,6 +116,7 @@ interface PasskeyRegistrationOptions {
     context?: string | null | undefined;
   }) => Awaitable<{
     userId?: string;
+    name?: string;
   } | void>) | undefined;
   /**
    * Optional WebAuthn extensions to include in registration options.
@@ -196,6 +203,30 @@ type Passkey = {
   aaguid?: string | undefined;
 };
 //#endregion
+//#region src/authenticator-metadata.d.ts
+/**
+ * Best-effort map of common authenticator AAGUIDs to a human-readable provider
+ * name, for labeling passkeys in management UIs.
+ *
+ * An AAGUID identifies an authenticator *model* (not a device or a user) and is
+ * present only in the registration response. Better Auth stores it on every
+ * passkey row and returns it from `listPasskeys`, so a display label can be
+ * resolved wherever passkeys are rendered.
+ *
+ * This list is intentionally small and not authoritative. Many authenticators
+ * are missing, and privacy-preserving platforms report an all-zero AAGUID
+ * (`00000000-0000-0000-0000-000000000000`) that matches nothing here. Notably,
+ * Apple devices zero the AAGUID under the default `attestation: "none"` flow, so
+ * the Apple entries below only appear in attested or managed contexts. For full
+ * coverage, resolve against the community-maintained source instead:
+ *
+ * - https://github.com/passkeydeveloper/passkey-authenticator-aaguids
+ *
+ * Names mirror that source verbatim.
+ */
+declare const commonAuthenticatorNames: Record<string, string>;
+declare const getAuthenticatorName: (aaguid: string | null | undefined) => string | undefined;
+//#endregion
 //#region src/error-codes.d.ts
 declare const PASSKEY_ERROR_CODES: {
   CHALLENGE_NOT_FOUND: better_auth0.RawError<"CHALLENGE_NOT_FOUND">;
@@ -250,7 +281,7 @@ declare const passkey: (options?: PasskeyOptions | undefined) => {
             image?: string | null | undefined;
           };
         };
-      }>)[] | undefined;
+      }>)[];
       query: zod.ZodOptional<zod.ZodObject<{
         authenticatorAttachment: zod.ZodOptional<zod.ZodEnum<{
           platform: "platform";
@@ -263,25 +294,10 @@ declare const passkey: (options?: PasskeyOptions | undefined) => {
         openapi: {
           operationId: string;
           description: string;
+          parameters: better_call0.OpenAPIParameter[];
           responses: {
             200: {
               description: string;
-              parameters: {
-                query: {
-                  authenticatorAttachment: {
-                    description: string;
-                    required: boolean;
-                  };
-                  name: {
-                    description: string;
-                    required: boolean;
-                  };
-                  context: {
-                    description: string;
-                    required: boolean;
-                  };
-                };
-              };
               content: {
                 "application/json": {
                   schema: {
@@ -503,7 +519,7 @@ declare const passkey: (options?: PasskeyOptions | undefined) => {
             image?: string | null | undefined;
           };
         };
-      }>)[] | undefined;
+      }>)[];
       metadata: {
         openapi: {
           operationId: string;
@@ -573,6 +589,15 @@ declare const passkey: (options?: PasskeyOptions | undefined) => {
         ipAddress?: string | null | undefined;
         userAgent?: string | null | undefined;
       };
+      user: {
+        id: string;
+        createdAt: Date;
+        updatedAt: Date;
+        email: string;
+        emailVerified: boolean;
+        name: string;
+        image?: string | null | undefined;
+      };
     }>;
     listPasskeys: better_call0.StrictEndpoint<"/passkey/list-user-passkeys", {
       method: "GET";
@@ -808,4 +833,4 @@ declare const passkey: (options?: PasskeyOptions | undefined) => {
   options: PasskeyOptions | undefined;
 };
 //#endregion
-export { PasskeyExtensionsResolver as a, PasskeyRegistrationUser as c, PasskeyAuthenticationOptions as i, WebAuthnChallengeValue as l, PASSKEY_ERROR_CODES as n, PasskeyOptions as o, Passkey as r, PasskeyRegistrationOptions as s, passkey as t };
+export { Passkey as a, PasskeyOptions as c, WebAuthnChallengeValue as d, getAuthenticatorName as i, PasskeyRegistrationOptions as l, PASSKEY_ERROR_CODES as n, PasskeyAuthenticationOptions as o, commonAuthenticatorNames as r, PasskeyExtensionsResolver as s, passkey as t, PasskeyRegistrationUser as u };

package/dist/index.d.mts

@@ -1,2 +1,2 @@
-import { n as PASSKEY_ERROR_CODES, o as PasskeyOptions, r as Passkey, t as passkey } from "./index-DD5Lute1.mjs";
-export { PASSKEY_ERROR_CODES, Passkey, PasskeyOptions, passkey };
+import { a as Passkey, c as PasskeyOptions, i as getAuthenticatorName, n as PASSKEY_ERROR_CODES, r as commonAuthenticatorNames, t as passkey } from "./index-z0BvlclO.mjs";
+export { PASSKEY_ERROR_CODES, Passkey, PasskeyOptions, commonAuthenticatorNames, getAuthenticatorName, passkey };

package/dist/index.mjs

@@ -1,4 +1,4 @@
-import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-Bpv4-Vmt.mjs";
+import { n as PASSKEY_ERROR_CODES, t as PACKAGE_VERSION } from "./version-vleaxnrJ.mjs";
 import { mergeSchema } from "better-auth/db";
 import { createAuthEndpoint } from "@better-auth/core/api";
 import { APIError } from "@better-auth/core/error";
@@ -52,33 +52,46 @@ const generatePasskeyQuerySchema = z.object({
 	name: z.string().optional(),
 	context: z.string().optional()
 }).optional();
+const generatePasskeyRegistrationOptionsOpenAPIParameters = [
+	{
+		name: "authenticatorAttachment",
+		in: "query",
+		required: false,
+		description: `Type of authenticator to use for registration.
+                          "platform" for device-specific authenticators,
+                          "cross-platform" for authenticators that can be used across devices.`,
+		schema: {
+			type: "string",
+			enum: ["platform", "cross-platform"]
+		}
+	},
+	{
+		name: "name",
+		in: "query",
+		required: false,
+		description: `Optional custom name for the passkey.
+                          This can help identify the passkey when managing multiple credentials.`,
+		schema: { type: "string" }
+	},
+	{
+		name: "context",
+		in: "query",
+		required: false,
+		description: "Optional context for passkey-first registration flows.",
+		schema: { type: "string" }
+	}
+];
 const generatePasskeyRegistrationOptions = (opts, { maxAgeInSeconds }) => {
 	return createAuthEndpoint("/passkey/generate-register-options", {
 		method: "GET",
-		use: opts.registration?.requireSession ?? true ? [freshSessionMiddleware] : void 0,
+		use: opts.registration?.requireSession ?? true ? [freshSessionMiddleware] : [],
 		query: generatePasskeyQuerySchema,
 		metadata: { openapi: {
 			operationId: "generatePasskeyRegistrationOptions",
 			description: "Generate registration options for a new passkey",
+			parameters: generatePasskeyRegistrationOptionsOpenAPIParameters,
 			responses: { 200: {
 				description: "Success",
-				parameters: { query: {
-					authenticatorAttachment: {
-						description: `Type of authenticator to use for registration.
-                          "platform" for device-specific authenticators,
-                          "cross-platform" for authenticators that can be used across devices.`,
-						required: false
-					},
-					name: {
-						description: `Optional custom name for the passkey.
-                          This can help identify the passkey when managing multiple credentials.`,
-						required: false
-					},
-					context: {
-						description: "Optional context for passkey-first registration flows.",
-						required: false
-					}
-				} },
 				content: { "application/json": { schema: {
 					type: "object",
 					properties: {
@@ -178,6 +191,7 @@ const generatePasskeyRegistrationOptions = (opts, { maxAgeInSeconds }) => {
 		await ctx.context.internalAdapter.createVerificationValue({
 			identifier: verificationToken,
 			value: JSON.stringify({
+				type: "registration",
 				expectedChallenge: options.challenge,
 				userData: {
 					id: user.id,
@@ -268,6 +282,7 @@ const generatePasskeyAuthenticationOptions = (opts, { maxAgeInSeconds }) => crea
 		})) } : {}
 	});
 	const data = {
+		type: "authentication",
 		expectedChallenge: options.challenge,
 		userData: { id: session?.user.id || "" }
 	};
@@ -287,14 +302,14 @@ const generatePasskeyAuthenticationOptions = (opts, { maxAgeInSeconds }) => crea
 });
 const verifyPasskeyRegistrationBodySchema = z.object({
 	response: z.any(),
-	name: z.string().meta({ description: "Name of the passkey" }).optional()
+	name: z.string().trim().meta({ description: "Name of the passkey" }).optional()
 });
 const verifyPasskeyRegistration = (options) => {
 	const requireSession = options.registration?.requireSession ?? true;
 	return createAuthEndpoint("/passkey/verify-registration", {
 		method: "POST",
 		body: verifyPasskeyRegistrationBodySchema,
-		use: requireSession ? [freshSessionMiddleware] : void 0,
+		use: requireSession ? [freshSessionMiddleware] : [],
 		metadata: { openapi: {
 			operationId: "passkeyVerifyRegistration",
 			description: "Verify registration of a new passkey",
@@ -313,9 +328,10 @@ const verifyPasskeyRegistration = (options) => {
 		const webAuthnCookie = ctx.context.createAuthCookie(options.advanced.webAuthnChallengeCookie);
 		const verificationToken = await ctx.getSignedCookie(webAuthnCookie.name, ctx.context.secret);
 		if (!verificationToken) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
-		const data = await ctx.context.internalAdapter.findVerificationValue(verificationToken);
+		const data = await ctx.context.internalAdapter.consumeVerificationValue(verificationToken);
 		if (!data) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
-		const { expectedChallenge, userData, context } = JSON.parse(data.value);
+		const { type: ceremony, expectedChallenge, userData, context } = JSON.parse(data.value);
+		if (ceremony !== "registration") throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
 		const session = requireSession ? ctx.context.session : await getSessionFromCtx(ctx);
 		if (session?.user?.id && userData.id !== session.user.id) throw APIError.from("UNAUTHORIZED", PASSKEY_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY);
 		try {
@@ -335,6 +351,7 @@ const verifyPasskeyRegistration = (options) => {
 				displayName: userData.displayName
 			};
 			let targetUserId = resolvedUser.id;
+			let resolvedName = ctx.body.name || void 0;
 			if (options.registration?.afterVerification) {
 				const result = await options.registration.afterVerification({
 					ctx,
@@ -348,16 +365,18 @@ const verifyPasskeyRegistration = (options) => {
 					if (session?.user?.id && result.userId !== session.user.id) throw APIError.from("UNAUTHORIZED", PASSKEY_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY);
 					targetUserId = result.userId;
 				}
+				if (!resolvedName) resolvedName = result?.name?.trim() || void 0;
 			}
+			if (!targetUserId) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.RESOLVED_USER_INVALID);
 			const pubKey = base64.encode(credential.publicKey);
 			const newPasskey = {
-				name: ctx.body.name,
+				name: resolvedName,
 				userId: targetUserId,
 				credentialID: credential.id,
 				publicKey: pubKey,
 				counter: credential.counter,
 				deviceType: credentialDeviceType,
-				transports: resp.response.transports.join(","),
+				transports: resp.response.transports?.join(",") ?? "",
 				backedUp: credentialBackedUp,
 				createdAt: /* @__PURE__ */ new Date(),
 				aaguid
@@ -366,9 +385,9 @@ const verifyPasskeyRegistration = (options) => {
 				model: "passkey",
 				data: newPasskey
 			});
-			await ctx.context.internalAdapter.deleteVerificationByIdentifier(verificationToken);
 			return ctx.json(newPasskeyRes, { status: 200 });
 		} catch (e) {
+			if (e instanceof APIError) throw e;
 			ctx.context.logger.error("Failed to verify registration", e);
 			throw APIError.from("INTERNAL_SERVER_ERROR", PASSKEY_ERROR_CODES.FAILED_TO_VERIFY_REGISTRATION);
 		}
@@ -402,9 +421,10 @@ const verifyPasskeyAuthentication = (options) => createAuthEndpoint("/passkey/ve
 	const webAuthnCookie = ctx.context.createAuthCookie(options.advanced.webAuthnChallengeCookie);
 	const verificationToken = await ctx.getSignedCookie(webAuthnCookie.name, ctx.context.secret);
 	if (!verificationToken) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
-	const data = await ctx.context.internalAdapter.findVerificationValue(verificationToken);
+	const data = await ctx.context.internalAdapter.consumeVerificationValue(verificationToken);
 	if (!data) throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
-	const { expectedChallenge } = JSON.parse(data.value);
+	const { type: ceremony, expectedChallenge } = JSON.parse(data.value);
+	if (ceremony !== "authentication") throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.CHALLENGE_NOT_FOUND);
 	const passkey = await ctx.context.adapter.findOne({
 		model: "passkey",
 		where: [{
@@ -450,9 +470,12 @@ const verifyPasskeyAuthentication = (options) => createAuthEndpoint("/passkey/ve
 			session: s,
 			user
 		});
-		await ctx.context.internalAdapter.deleteVerificationByIdentifier(verificationToken);
-		return ctx.json({ session: s }, { status: 200 });
+		return ctx.json({
+			session: s,
+			user
+		}, { status: 200 });
 	} catch (e) {
+		if (e instanceof APIError) throw e;
 		ctx.context.logger.error("Failed to verify authentication", e);
 		throw APIError.from("BAD_REQUEST", PASSKEY_ERROR_CODES.AUTHENTICATION_FAILED);
 	}
@@ -573,7 +596,7 @@ const updatePasskey = createAuthEndpoint("/passkey/update-passkey", {
 	method: "POST",
 	body: z.object({
 		id: z.string().meta({ description: `The ID of the passkey which will be updated. Eg: \"passkey-id\"` }),
-		name: z.string().meta({ description: `The new name which the passkey will be updated to. Eg: \"my-new-passkey-name\"` })
+		name: z.string().trim().min(1).meta({ description: `The new name which the passkey will be updated to. Eg: \"my-new-passkey-name\"` })
 	}),
 	use: [sessionMiddleware, requireResourceOwnership({
 		model: "passkey",
@@ -657,6 +680,63 @@ const schema = { passkey: { fields: {
 	}
 } } };
 //#endregion
+//#region src/authenticator-metadata.ts
+/**
+* Best-effort map of common authenticator AAGUIDs to a human-readable provider
+* name, for labeling passkeys in management UIs.
+*
+* An AAGUID identifies an authenticator *model* (not a device or a user) and is
+* present only in the registration response. Better Auth stores it on every
+* passkey row and returns it from `listPasskeys`, so a display label can be
+* resolved wherever passkeys are rendered.
+*
+* This list is intentionally small and not authoritative. Many authenticators
+* are missing, and privacy-preserving platforms report an all-zero AAGUID
+* (`00000000-0000-0000-0000-000000000000`) that matches nothing here. Notably,
+* Apple devices zero the AAGUID under the default `attestation: "none"` flow, so
+* the Apple entries below only appear in attested or managed contexts. For full
+* coverage, resolve against the community-maintained source instead:
+*
+* - https://github.com/passkeydeveloper/passkey-authenticator-aaguids
+*
+* Names mirror that source verbatim.
+*/
+const commonAuthenticatorNames = {
+	"ea9b8d66-4d01-1d21-3ce4-b6b48cb575d4": "Google Password Manager",
+	"fbfc3007-154e-4ecc-8c0b-6e020557d7bd": "Apple Passwords",
+	"dd4ec289-e01d-41c9-bb89-70fa845d4bf2": "iCloud Keychain (Managed)",
+	"08987058-cadc-4b81-b6e1-30de50dcbe96": "Windows Hello",
+	"9ddd1817-af5a-4672-a2b9-3e3dd95000a9": "Windows Hello",
+	"6028b017-b1d4-4c02-b4b3-afcdafc96bb2": "Windows Hello",
+	"bada5566-a7aa-401f-bd96-45619a55120d": "1Password",
+	"d548826e-79b4-db40-a3d8-11116f7e8349": "Bitwarden",
+	"531126d6-e717-415c-9320-3d9aa6981239": "Dashlane",
+	"b78a0a55-6ef8-d246-a042-ba0f6d55050c": "LastPass",
+	"b84e4048-15dc-4dd0-8640-f4f60813c8af": "NordPass",
+	"50726f74-6f6e-5061-7373-50726f746f6e": "Proton Pass",
+	"0ea242b4-43c4-4a1b-8b17-dd6d0b6baec6": "Keeper",
+	"53414d53-554e-4700-0000-000000000000": "Samsung Pass"
+};
+/**
+* Resolve a best-effort provider name for an authenticator AAGUID.
+*
+* Returns `undefined` when the AAGUID is unknown, empty, or the all-zero value
+* reported by privacy-preserving platforms. Casing and surrounding whitespace
+* are normalized before lookup.
+*
+* @example
+* ```ts
+* const label = passkey.name || getAuthenticatorName(passkey.aaguid) || "Passkey";
+* ```
+*/
+const ANONYMOUS_AAGUID = "00000000-0000-0000-0000-000000000000";
+const getAuthenticatorName = (aaguid) => {
+	const normalized = aaguid?.trim().toLowerCase();
+	if (!normalized || normalized === ANONYMOUS_AAGUID) return void 0;
+	const name = commonAuthenticatorNames[normalized];
+	return typeof name === "string" ? name : void 0;
+};
+//#endregion
 //#region src/index.ts
 const MAX_AGE_IN_SECONDS = 300;
 const passkey = (options) => {
@@ -686,4 +766,4 @@ const passkey = (options) => {
 	};
 };
 //#endregion
-export { PASSKEY_ERROR_CODES, passkey };
+export { PASSKEY_ERROR_CODES, commonAuthenticatorNames, getAuthenticatorName, passkey };

package/dist/{version-Bpv4-Vmt.mjs → version-vleaxnrJ.mjs}

@@ -18,6 +18,6 @@ const PASSKEY_ERROR_CODES = defineErrorCodes({
 });
 //#endregion
 //#region src/version.ts
-const PACKAGE_VERSION = "1.7.0-beta.0";
+const PACKAGE_VERSION = "1.7.0-beta.10";
 //#endregion
 export { PASSKEY_ERROR_CODES as n, PACKAGE_VERSION as t };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/passkey",
-  "version": "1.7.0-beta.0",
+  "version": "1.7.0-beta.10",
   "description": "Passkey plugin for Better Auth",
   "type": "module",
   "license": "MIT",
@@ -49,22 +49,23 @@
     }
   },
   "dependencies": {
-    "@simplewebauthn/browser": "^13.2.2",
-    "@simplewebauthn/server": "^13.2.3",
+    "@simplewebauthn/browser": "^13.3.0",
+    "@simplewebauthn/server": "^13.3.1",
     "zod": "^4.3.6"
   },
   "devDependencies": {
+    "nanostores": "^1.3.0",
     "tsdown": "0.21.1",
-    "@better-auth/core": "1.7.0-beta.0",
-    "better-auth": "1.7.0-beta.0"
+    "@better-auth/core": "1.7.0-beta.10",
+    "better-auth": "1.7.0-beta.10"
   },
   "peerDependencies": {
-    "@better-auth/utils": "0.4.0",
-    "@better-fetch/fetch": "1.1.21",
-    "better-call": "1.3.5",
+    "@better-auth/utils": "0.4.2",
+    "@better-fetch/fetch": "1.3.1",
+    "better-call": "1.3.7",
     "nanostores": "^1.0.1",
-    "@better-auth/core": "^1.7.0-beta.0",
-    "better-auth": "^1.7.0-beta.0"
+    "@better-auth/core": "^1.7.0-beta.10",
+    "better-auth": "^1.7.0-beta.10"
   },
   "scripts": {
     "build": "tsdown",