npm - create-croissant - Versions diffs - 0.1.1 → 0.1.2 - Mend

create-croissant 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (56) hide show

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "0.1.1",
+  "version": "0.1.2",
   "description": "Scaffold a new project using the Croissant Stack",
   "repository": {
     "type": "git",
@@ -32,7 +32,7 @@
     "execa": "^9.3.0",
     "fs-extra": "^11.2.0",
     "inquirer": "^13.4.2",
-    "ora": "^9.3.0"
+    "ora": "^9.4.0"
   },
   "devDependencies": {
     "@types/fs-extra": "^11.0.4",

package/template/apps/web/node_modules/@better-auth/core/dist/api/index.mjs CHANGED Viewed

@@ -1,6 +1,23 @@
 import { runWithEndpointContext } from "../context/endpoint-context.mjs";
-import { createEndpoint, createMiddleware } from "better-call";
+import { isAPIError } from "../utils/is-api-error.mjs";
+import { createEndpoint, createMiddleware, kAPIErrorHeaderSymbol } from "better-call";
 //#region src/api/index.ts
+/**
+* Better-call's createEndpoint re-throws APIError without exposing the headers
+* accumulated on ctx.responseHeaders (e.g. Set-Cookie from deleteSessionCookie
+* before throw). Attach them to the error via kAPIErrorHeaderSymbol — matching
+* better-call's createMiddleware contract so the outer pipeline can merge them
+* into the response.
+*/
+function attachResponseHeadersToAPIError(responseHeaders, e) {
+	if (!isAPIError(e) || !responseHeaders) return;
+	Object.defineProperty(e, kAPIErrorHeaderSymbol, {
+		enumerable: false,
+		configurable: true,
+		value: responseHeaders,
+		writable: false
+	});
+}
 const optionsMiddleware = createMiddleware(async () => {
 	/**
 	* This will be passed on the instance of
@@ -17,14 +34,23 @@ function createAuthEndpoint(pathOrOptions, handlerOrOptions, handlerOrNever) {
 	const path = typeof pathOrOptions === "string" ? pathOrOptions : void 0;
 	const options = typeof handlerOrOptions === "object" ? handlerOrOptions : pathOrOptions;
 	const handler = typeof handlerOrOptions === "function" ? handlerOrOptions : handlerOrNever;
+	const wrapped = async (ctx) => {
+		const runtimeCtx = ctx;
+		try {
+			return await runWithEndpointContext(ctx, () => handler(ctx));
+		} catch (e) {
+			attachResponseHeadersToAPIError(runtimeCtx.responseHeaders, e);
+			throw e;
+		}
+	};
 	if (path) return createEndpoint(path, {
 		...options,
 		use: [...options?.use || [], ...use]
-	}, async (ctx) => runWithEndpointContext(ctx, () => handler(ctx)));
+	}, wrapped);
 	return createEndpoint({
 		...options,
 		use: [...options?.use || [], ...use]
-	}, async (ctx) => runWithEndpointContext(ctx, () => handler(ctx)));
+	}, wrapped);
 }
 //#endregion
 export { createAuthEndpoint, createAuthMiddleware, optionsMiddleware };

package/template/apps/web/node_modules/@better-auth/core/dist/context/global.mjs CHANGED Viewed

@@ -2,7 +2,7 @@
 const symbol = Symbol.for("better-auth:global");
 let bind = null;
 const __context = {};
-const __betterAuthVersion = "1.6.6";
+const __betterAuthVersion = "1.6.7";
 /**
 * We store context instance in the globalThis.
 *

package/template/apps/web/node_modules/@better-auth/core/dist/db/adapter/factory.mjs CHANGED Viewed

@@ -1,7 +1,7 @@
+import { BetterAuthError } from "../../error/index.mjs";
 import { getAuthTables } from "../get-tables.mjs";
 import { getColorDepth } from "../../env/color-depth.mjs";
 import { TTY_COLORS, createLogger } from "../../env/logger.mjs";
-import { BetterAuthError } from "../../error/index.mjs";
 import { ATTR_DB_COLLECTION_NAME, ATTR_DB_OPERATION_NAME } from "../../instrumentation/attributes.mjs";
 import { withSpan } from "../../instrumentation/tracer.mjs";
 import { safeJSONParse } from "../../utils/json.mjs";

package/template/apps/web/node_modules/@better-auth/core/dist/instrumentation/api.mjs CHANGED Viewed

@@ -1,35 +1,5 @@
+import { noopOpenTelemetryAPI } from "./noop.mjs";
 //#region src/instrumentation/api.ts
-function createNoopSpan() {
-	return {
-		end() {},
-		setAttribute(_key, _value) {},
-		setStatus(_status) {},
-		recordException(_exception) {}
-	};
-}
-function createNoopTracer(noopSpanInstance) {
-	function startActiveSpan(_name, _options, fn) {
-		return fn(noopSpanInstance);
-	}
-	return { startActiveSpan };
-}
-function createNoopTraceAPI() {
-	const noopTracer = createNoopTracer(createNoopSpan());
-	return { getTracer(_name, _version) {
-		return noopTracer;
-	} };
-}
-function createNoopOpenTelemetryAPI() {
-	return {
-		SpanStatusCode: {
-			UNSET: 0,
-			OK: 1,
-			ERROR: 2
-		},
-		trace: createNoopTraceAPI()
-	};
-}
-const noopOpenTelemetryAPI = createNoopOpenTelemetryAPI();
 let openTelemetryAPIPromise;
 let openTelemetryAPI;
 function getOpenTelemetryAPI() {

package/template/apps/web/node_modules/@better-auth/core/dist/instrumentation/noop.mjs ADDED Viewed

@@ -0,0 +1,42 @@
+//#region src/instrumentation/noop.ts
+function createNoopSpan() {
+	const span = {
+		end() {},
+		setAttribute(_key, _value) {},
+		setStatus(_status) {},
+		recordException(_exception) {},
+		updateName(_name) {
+			return span;
+		}
+	};
+	return span;
+}
+function createNoopTracer(noopSpan) {
+	function startActiveSpan(_name, ...rest) {
+		const fn = rest[rest.length - 1];
+		return fn(noopSpan);
+	}
+	return { startActiveSpan };
+}
+function createNoopTraceAPI() {
+	const noopTracer = createNoopTracer(createNoopSpan());
+	return {
+		getTracer(_name, _version) {
+			return noopTracer;
+		},
+		getActiveSpan() {}
+	};
+}
+function createNoopOpenTelemetryAPI() {
+	return {
+		SpanStatusCode: {
+			UNSET: 0,
+			OK: 1,
+			ERROR: 2
+		},
+		trace: createNoopTraceAPI()
+	};
+}
+const noopOpenTelemetryAPI = createNoopOpenTelemetryAPI();
+//#endregion
+export { noopOpenTelemetryAPI };

package/template/apps/web/node_modules/@better-auth/core/dist/instrumentation/pure.index.d.mts ADDED Viewed

@@ -0,0 +1,7 @@
+import { ATTR_CONTEXT, ATTR_DB_COLLECTION_NAME, ATTR_DB_OPERATION_NAME, ATTR_HOOK_TYPE, ATTR_HTTP_RESPONSE_STATUS_CODE, ATTR_HTTP_ROUTE, ATTR_OPERATION_ID } from "./attributes.mjs";
+//#region src/instrumentation/pure.index.d.ts
+declare function withSpan<T>(name: string, attributes: Record<string, string | number | boolean>, fn: () => T): T;
+declare function withSpan<T>(name: string, attributes: Record<string, string | number | boolean>, fn: () => Promise<T>): Promise<T>;
+//#endregion
+export { ATTR_CONTEXT, ATTR_DB_COLLECTION_NAME, ATTR_DB_OPERATION_NAME, ATTR_HOOK_TYPE, ATTR_HTTP_RESPONSE_STATUS_CODE, ATTR_HTTP_ROUTE, ATTR_OPERATION_ID, withSpan };

package/template/apps/web/node_modules/@better-auth/core/dist/instrumentation/pure.index.mjs ADDED Viewed

@@ -0,0 +1,7 @@
+import { ATTR_CONTEXT, ATTR_DB_COLLECTION_NAME, ATTR_DB_OPERATION_NAME, ATTR_HOOK_TYPE, ATTR_HTTP_RESPONSE_STATUS_CODE, ATTR_HTTP_ROUTE, ATTR_OPERATION_ID } from "./attributes.mjs";
+//#region src/instrumentation/pure.index.ts
+function withSpan(_name, _attributes, fn) {
+	return fn();
+}
+//#endregion
+export { ATTR_CONTEXT, ATTR_DB_COLLECTION_NAME, ATTR_DB_OPERATION_NAME, ATTR_HOOK_TYPE, ATTR_HTTP_RESPONSE_STATUS_CODE, ATTR_HTTP_ROUTE, ATTR_OPERATION_ID, withSpan };

package/template/apps/web/node_modules/@better-auth/core/dist/instrumentation/tracer.mjs CHANGED Viewed

@@ -2,7 +2,7 @@ import { ATTR_HTTP_RESPONSE_STATUS_CODE } from "./attributes.mjs";
 import { getOpenTelemetryAPI } from "./api.mjs";
 //#region src/instrumentation/tracer.ts
 const INSTRUMENTATION_SCOPE = "better-auth";
-const INSTRUMENTATION_VERSION = "1.6.6";
+const INSTRUMENTATION_VERSION = "1.6.7";
 /**
 * Better-auth uses `throw ctx.redirect(url)` for flow control (e.g. OAuth
 * callbacks). These are APIErrors with 3xx status codes and should not be

package/template/apps/web/node_modules/@better-auth/core/dist/oauth2/index.d.mts CHANGED Viewed

@@ -2,7 +2,7 @@ import { OAuth2Tokens, OAuth2UserInfo, OAuthProvider, ProviderOptions } from "./
 import { clientCredentialsToken, clientCredentialsTokenRequest, createClientCredentialsTokenRequest } from "./client-credentials-token.mjs";
 import { createAuthorizationURL } from "./create-authorization-url.mjs";
 import { createRefreshAccessTokenRequest, refreshAccessToken, refreshAccessTokenRequest } from "./refresh-access-token.mjs";
-import { generateCodeChallenge, getOAuth2Tokens } from "./utils.mjs";
+import { generateCodeChallenge, getOAuth2Tokens, getPrimaryClientId } from "./utils.mjs";
 import { authorizationCodeRequest, createAuthorizationCodeRequest, validateAuthorizationCode, validateToken } from "./validate-authorization-code.mjs";
 import { getJwks, verifyAccessToken, verifyJwsAccessToken } from "./verify.mjs";
-export { type OAuth2Tokens, type OAuth2UserInfo, type OAuthProvider, type ProviderOptions, authorizationCodeRequest, clientCredentialsToken, clientCredentialsTokenRequest, createAuthorizationCodeRequest, createAuthorizationURL, createClientCredentialsTokenRequest, createRefreshAccessTokenRequest, generateCodeChallenge, getJwks, getOAuth2Tokens, refreshAccessToken, refreshAccessTokenRequest, validateAuthorizationCode, validateToken, verifyAccessToken, verifyJwsAccessToken };
+export { type OAuth2Tokens, type OAuth2UserInfo, type OAuthProvider, type ProviderOptions, authorizationCodeRequest, clientCredentialsToken, clientCredentialsTokenRequest, createAuthorizationCodeRequest, createAuthorizationURL, createClientCredentialsTokenRequest, createRefreshAccessTokenRequest, generateCodeChallenge, getJwks, getOAuth2Tokens, getPrimaryClientId, refreshAccessToken, refreshAccessTokenRequest, validateAuthorizationCode, validateToken, verifyAccessToken, verifyJwsAccessToken };

package/template/apps/web/node_modules/@better-auth/core/dist/oauth2/index.mjs CHANGED Viewed

@@ -1,7 +1,7 @@
 import { clientCredentialsToken, clientCredentialsTokenRequest, createClientCredentialsTokenRequest } from "./client-credentials-token.mjs";
-import { generateCodeChallenge, getOAuth2Tokens } from "./utils.mjs";
+import { generateCodeChallenge, getOAuth2Tokens, getPrimaryClientId } from "./utils.mjs";
 import { createAuthorizationURL } from "./create-authorization-url.mjs";
 import { createRefreshAccessTokenRequest, refreshAccessToken, refreshAccessTokenRequest } from "./refresh-access-token.mjs";
 import { authorizationCodeRequest, createAuthorizationCodeRequest, validateAuthorizationCode, validateToken } from "./validate-authorization-code.mjs";
 import { getJwks, verifyAccessToken, verifyJwsAccessToken } from "./verify.mjs";
-export { authorizationCodeRequest, clientCredentialsToken, clientCredentialsTokenRequest, createAuthorizationCodeRequest, createAuthorizationURL, createClientCredentialsTokenRequest, createRefreshAccessTokenRequest, generateCodeChallenge, getJwks, getOAuth2Tokens, refreshAccessToken, refreshAccessTokenRequest, validateAuthorizationCode, validateToken, verifyAccessToken, verifyJwsAccessToken };
+export { authorizationCodeRequest, clientCredentialsToken, clientCredentialsTokenRequest, createAuthorizationCodeRequest, createAuthorizationURL, createClientCredentialsTokenRequest, createRefreshAccessTokenRequest, generateCodeChallenge, getJwks, getOAuth2Tokens, getPrimaryClientId, refreshAccessToken, refreshAccessTokenRequest, validateAuthorizationCode, validateToken, verifyAccessToken, verifyJwsAccessToken };

package/template/apps/web/node_modules/@better-auth/core/dist/oauth2/utils.d.mts CHANGED Viewed

@@ -2,6 +2,15 @@ import { OAuth2Tokens } from "./oauth-provider.mjs";
 //#region src/oauth2/utils.d.ts
 declare function getOAuth2Tokens(data: Record<string, any>): OAuth2Tokens;
+/**
+ * Return the provider's primary Client ID: the single string, or the entry at
+ * array index 0 for the cross-platform form used by ID token audience
+ * verification. Index 0 is the designated primary and pairs with
+ * `clientSecret` for the authorization code flow; later array entries are
+ * only used as additional accepted audiences. Returns `undefined` when the
+ * primary value is missing or an empty string.
+ */
+declare function getPrimaryClientId(clientId: unknown): string | undefined;
 declare function generateCodeChallenge(codeVerifier: string): Promise<string>;
 //#endregion
-export { generateCodeChallenge, getOAuth2Tokens };
+export { generateCodeChallenge, getOAuth2Tokens, getPrimaryClientId };

package/template/apps/web/node_modules/@better-auth/core/dist/oauth2/utils.mjs CHANGED Viewed

@@ -16,10 +16,22 @@ function getOAuth2Tokens(data) {
 		raw: data
 	};
 }
+/**
+* Return the provider's primary Client ID: the single string, or the entry at
+* array index 0 for the cross-platform form used by ID token audience
+* verification. Index 0 is the designated primary and pairs with
+* `clientSecret` for the authorization code flow; later array entries are
+* only used as additional accepted audiences. Returns `undefined` when the
+* primary value is missing or an empty string.
+*/
+function getPrimaryClientId(clientId) {
+	const value = Array.isArray(clientId) ? clientId[0] : clientId;
+	return typeof value === "string" && value.length > 0 ? value : void 0;
+}
 async function generateCodeChallenge(codeVerifier) {
 	const data = new TextEncoder().encode(codeVerifier);
 	const hash = await crypto.subtle.digest("SHA-256", data);
 	return base64Url.encode(new Uint8Array(hash), { padding: false });
 }
 //#endregion
-export { generateCodeChallenge, getOAuth2Tokens };
+export { generateCodeChallenge, getOAuth2Tokens, getPrimaryClientId };

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/apple.d.mts CHANGED Viewed

@@ -60,7 +60,7 @@ interface AppleNonConformUser {
   email: string;
 }
 interface AppleOptions extends ProviderOptions<AppleProfile> {
-  clientId: string;
+  clientId: string | string[];
   appBundleIdentifier?: string | undefined;
   audience?: (string | string[]) | undefined;
 }
@@ -93,7 +93,16 @@ declare const apple: (options: AppleOptions) => {
   refreshAccessToken: (refreshToken: string) => Promise<OAuth2Tokens>;
   getUserInfo(token: OAuth2Tokens & {
     user?: {
-      name?: {
+      name?
+      /**
+      * An Integer value that indicates whether the user appears to be a real
+      * person. Use the value of this claim to mitigate fraud. The possible
+      * values are: 0 (or Unsupported), 1 (or Unknown), 2 (or LikelyReal). For
+      * more information, see ASUserDetectionStatus. This claim is present only
+      * in iOS 14 and later, macOS 11 and later, watchOS 7 and later, tvOS 14
+      * and later. The claim isn’t present or supported for web-based apps.
+      */
+      : {
         firstName?: string;
         lastName?: string;
       };

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/apple.mjs CHANGED Viewed

@@ -1,4 +1,6 @@
-import { APIError } from "../error/index.mjs";
+import { APIError, BetterAuthError } from "../error/index.mjs";
+import { logger } from "../env/logger.mjs";
+import { getPrimaryClientId } from "../oauth2/utils.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
@@ -11,6 +13,10 @@ const apple = (options) => {
 		id: "apple",
 		name: "Apple",
 		async createAuthorizationURL({ state, scopes, redirectURI }) {
+			if (!getPrimaryClientId(options.clientId) || !options.clientSecret) {
+				logger.error("Client ID and client secret are required for Apple. Make sure to provide them in the options.");
+				throw new BetterAuthError("CLIENT_ID_AND_SECRET_REQUIRED");
+			}
 			const _scope = options.disableDefaultScope ? [] : ["email", "name"];
 			if (options.scope) _scope.push(...options.scope);
 			if (scopes) _scope.push(...scopes);

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/atlassian.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import { logger } from "../env/logger.mjs";
 import { BetterAuthError } from "../error/index.mjs";
+import { logger } from "../env/logger.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/cognito.d.mts CHANGED Viewed

@@ -19,7 +19,7 @@ interface CognitoProfile {
   [key: string]: any;
 }
 interface CognitoOptions extends ProviderOptions<CognitoProfile> {
-  clientId: string;
+  clientId: string | string[];
   /**
    * The Cognito domain (e.g., "your-app.auth.us-east-1.amazoncognito.com")
    */

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/cognito.mjs CHANGED Viewed

@@ -1,5 +1,6 @@
-import { logger } from "../env/logger.mjs";
 import { APIError, BetterAuthError } from "../error/index.mjs";
+import { logger } from "../env/logger.mjs";
+import { getPrimaryClientId } from "../oauth2/utils.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
@@ -19,7 +20,7 @@ const cognito = (options) => {
 		id: "cognito",
 		name: "Cognito",
 		async createAuthorizationURL({ state, scopes, codeVerifier, redirectURI }) {
-			if (!options.clientId) {
+			if (!getPrimaryClientId(options.clientId)) {
 				logger.error("ClientId is required for Amazon Cognito. Make sure to provide them in the options.");
 				throw new BetterAuthError("CLIENT_ID_AND_SECRET_REQUIRED");
 			}

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/facebook.d.mts CHANGED Viewed

@@ -15,7 +15,7 @@ interface FacebookProfile {
   };
 }
 interface FacebookOptions extends ProviderOptions<FacebookProfile> {
-  clientId: string;
+  clientId: string | string[];
   /**
    * Extend list of fields to retrieve from the Facebook user profile.
    *

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/facebook.mjs CHANGED Viewed

@@ -1,3 +1,6 @@
+import { BetterAuthError } from "../error/index.mjs";
+import { logger } from "../env/logger.mjs";
+import { getPrimaryClientId } from "../oauth2/utils.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
@@ -9,6 +12,10 @@ const facebook = (options) => {
 		id: "facebook",
 		name: "Facebook",
 		async createAuthorizationURL({ state, scopes, redirectURI, loginHint }) {
+			if (!getPrimaryClientId(options.clientId) || !options.clientSecret) {
+				logger.error("Client ID and client secret are required for Facebook. Make sure to provide them in the options.");
+				throw new BetterAuthError("CLIENT_ID_AND_SECRET_REQUIRED");
+			}
 			const _scopes = options.disableDefaultScope ? [] : ["email", "public_profile"];
 			if (options.scope) _scopes.push(...options.scope);
 			if (scopes) _scopes.push(...scopes);

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/figma.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import { logger } from "../env/logger.mjs";
 import { BetterAuthError } from "../error/index.mjs";
+import { logger } from "../env/logger.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/google.d.mts CHANGED Viewed

@@ -27,7 +27,7 @@ interface GoogleProfile {
   sub: string;
 }
 interface GoogleOptions extends ProviderOptions<GoogleProfile> {
-  clientId: string;
+  clientId: string | string[];
   /**
    * The access type to use for the authorization code request
    */

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/google.mjs CHANGED Viewed

@@ -1,5 +1,6 @@
-import { logger } from "../env/logger.mjs";
 import { APIError, BetterAuthError } from "../error/index.mjs";
+import { logger } from "../env/logger.mjs";
+import { getPrimaryClientId } from "../oauth2/utils.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
@@ -11,7 +12,7 @@ const google = (options) => {
 		id: "google",
 		name: "Google",
 		async createAuthorizationURL({ state, scopes, codeVerifier, redirectURI, loginHint, display }) {
-			if (!options.clientId || !options.clientSecret) {
+			if (!getPrimaryClientId(options.clientId) || !options.clientSecret) {
 				logger.error("Client Id and Client Secret is required for Google. Make sure to provide them in the options.");
 				throw new BetterAuthError("CLIENT_ID_AND_SECRET_REQUIRED");
 			}

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/microsoft-entra-id.d.mts CHANGED Viewed

@@ -104,7 +104,7 @@ interface MicrosoftEntraIDProfile extends Record<string, any> {
   given_name: string;
 }
 interface MicrosoftOptions extends ProviderOptions<MicrosoftEntraIDProfile> {
-  clientId: string;
+  clientId: string | string[];
   /**
    * The tenant ID of the Microsoft account
    * @default "common"
@@ -151,7 +151,7 @@ declare const microsoft: (options: MicrosoftOptions) => {
     user?: {
       name?: {
         firstName?: string;
-        lastName?: string;
+        lastName? /** The primary username that represents the user */: string;
       };
       email?: string;
     } | undefined;

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/microsoft-entra-id.mjs CHANGED Viewed

@@ -1,5 +1,6 @@
+import { APIError, BetterAuthError } from "../error/index.mjs";
 import { logger } from "../env/logger.mjs";
-import { APIError } from "../error/index.mjs";
+import { getPrimaryClientId } from "../oauth2/utils.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";
@@ -16,6 +17,10 @@ const microsoft = (options) => {
 		id: "microsoft",
 		name: "Microsoft EntraID",
 		createAuthorizationURL(data) {
+			if (!getPrimaryClientId(options.clientId)) {
+				logger.error("Client Id is required for Microsoft Entra ID. Make sure to provide it in the options.");
+				throw new BetterAuthError("CLIENT_ID_AND_SECRET_REQUIRED");
+			}
 			const scopes = options.disableDefaultScope ? [] : [
 				"openid",
 				"profile",

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/paybin.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import { logger } from "../env/logger.mjs";
 import { BetterAuthError } from "../error/index.mjs";
+import { logger } from "../env/logger.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/paypal.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import { logger } from "../env/logger.mjs";
 import { BetterAuthError } from "../error/index.mjs";
+import { logger } from "../env/logger.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { base64 } from "@better-auth/utils/base64";
 import { betterFetch } from "@better-fetch/fetch";

package/template/apps/web/node_modules/@better-auth/core/dist/social-providers/salesforce.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-import { logger } from "../env/logger.mjs";
 import { BetterAuthError } from "../error/index.mjs";
+import { logger } from "../env/logger.mjs";
 import { createAuthorizationURL } from "../oauth2/create-authorization-url.mjs";
 import { refreshAccessToken } from "../oauth2/refresh-access-token.mjs";
 import { validateAuthorizationCode } from "../oauth2/validate-authorization-code.mjs";

package/template/apps/web/node_modules/@better-auth/core/dist/utils/is-api-error.d.mts ADDED Viewed

@@ -0,0 +1,6 @@
+import { APIError } from "../error/index.mjs";
+//#region src/utils/is-api-error.d.ts
+declare function isAPIError(error: unknown): error is APIError;
+//#endregion
+export { isAPIError };

package/template/apps/web/node_modules/@better-auth/core/dist/utils/is-api-error.mjs ADDED Viewed

@@ -0,0 +1,8 @@
+import { APIError as APIError$1 } from "../error/index.mjs";
+import { APIError } from "better-call";
+//#region src/utils/is-api-error.ts
+function isAPIError(error) {
+	return error instanceof APIError || error instanceof APIError$1 || error?.name === "APIError";
+}
+//#endregion
+export { isAPIError };

package/template/apps/web/node_modules/@better-auth/core/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@better-auth/core",
-  "version": "1.6.6",
+  "version": "1.6.7",
   "description": "The most comprehensive authentication framework for TypeScript.",
   "type": "module",
   "license": "MIT",
@@ -93,6 +93,12 @@
     "./instrumentation": {
       "dev-source": "./src/instrumentation/index.ts",
       "types": "./dist/instrumentation/index.d.mts",
+      "node": "./dist/instrumentation/index.mjs",
+      "deno": "./dist/instrumentation/index.mjs",
+      "bun": "./dist/instrumentation/index.mjs",
+      "edge": "./dist/instrumentation/pure.index.mjs",
+      "workerd": "./dist/instrumentation/index.mjs",
+      "browser": "./dist/instrumentation/pure.index.mjs",
       "default": "./dist/instrumentation/index.mjs"
     }
   },

package/template/apps/web/node_modules/@better-auth/core/src/api/index.ts CHANGED Viewed

@@ -3,9 +3,34 @@ import type {
 	EndpointOptions,
 	StrictEndpoint,
 } from "better-call";
-import { createEndpoint, createMiddleware } from "better-call";
+import {
+	createEndpoint,
+	createMiddleware,
+	kAPIErrorHeaderSymbol,
+} from "better-call";
 import { runWithEndpointContext } from "../context";
 import type { AuthContext } from "../types";
+import { isAPIError } from "../utils/is-api-error";
+/**
+ * Better-call's createEndpoint re-throws APIError without exposing the headers
+ * accumulated on ctx.responseHeaders (e.g. Set-Cookie from deleteSessionCookie
+ * before throw). Attach them to the error via kAPIErrorHeaderSymbol — matching
+ * better-call's createMiddleware contract so the outer pipeline can merge them
+ * into the response.
+ */
+function attachResponseHeadersToAPIError(
+	responseHeaders: Headers | undefined,
+	e: unknown,
+): void {
+	if (!isAPIError(e) || !responseHeaders) return;
+	Object.defineProperty(e, kAPIErrorHeaderSymbol, {
+		enumerable: false,
+		configurable: true,
+		value: responseHeaders,
+		writable: false,
+	});
+}
 export const optionsMiddleware = createMiddleware(async () => {
 	/**
@@ -76,6 +101,17 @@ export function createAuthEndpoint<
 	const handler: EndpointHandler<Path, Opts, R> =
 		typeof handlerOrOptions === "function" ? handlerOrOptions : handlerOrNever;
+	// todo: prettify the code, we want to call `runWithEndpointContext` to top level
+	const wrapped: EndpointHandler<Path, Opts, R> = async (ctx) => {
+		const runtimeCtx = ctx as unknown as { responseHeaders?: Headers };
+		try {
+			return await runWithEndpointContext(ctx as any, () => handler(ctx));
+		} catch (e) {
+			attachResponseHeadersToAPIError(runtimeCtx.responseHeaders, e);
+			throw e;
+		}
+	};
 	if (path) {
 		return createEndpoint(
 			path,
@@ -83,8 +119,7 @@ export function createAuthEndpoint<
 				...options,
 				use: [...(options?.use || []), ...use],
 			},
-			// todo: prettify the code, we want to call `runWithEndpointContext` to top level
-			async (ctx) => runWithEndpointContext(ctx as any, () => handler(ctx)),
+			wrapped,
 		);
 	}
@@ -93,8 +128,7 @@ export function createAuthEndpoint<
 			...options,
 			use: [...(options?.use || []), ...use],
 		},
-		// todo: prettify the code, we want to call `runWithEndpointContext` to top level
-		async (ctx) => runWithEndpointContext(ctx as any, () => handler(ctx)),
+		wrapped,
 	);
 }

package/template/apps/web/node_modules/@better-auth/core/src/instrumentation/api.ts CHANGED Viewed

@@ -1,52 +1,5 @@
-import type { Span, Tracer } from "@opentelemetry/api";
-type OpenTelemetryAPI = Pick<
-	typeof import("@opentelemetry/api"),
-	"trace" | "SpanStatusCode"
->;
-function createNoopSpan(): Span {
-	return {
-		end(): void {},
-		setAttribute(_key: string, _value: unknown): void {},
-		setStatus(_status: unknown): void {},
-		recordException(_exception: unknown): void {},
-	} as Span;
-}
-function createNoopTracer(noopSpanInstance: Span): Tracer {
-	function startActiveSpan<F extends (span: Span) => unknown>(
-		_name: string,
-		_options: { attributes?: Record<string, string | number | boolean> },
-		fn: F,
-	): ReturnType<F> {
-		return fn(noopSpanInstance) as ReturnType<F>;
-	}
-	return { startActiveSpan } as Tracer;
-}
-function createNoopTraceAPI() {
-	const noopTracer = createNoopTracer(createNoopSpan());
-	return {
-		getTracer(_name?: string, _version?: string) {
-			return noopTracer;
-		},
-	};
-}
-function createNoopOpenTelemetryAPI(): OpenTelemetryAPI {
-	return {
-		SpanStatusCode: {
-			UNSET: 0,
-			OK: 1,
-			ERROR: 2,
-		},
-		trace: createNoopTraceAPI(),
-	} as OpenTelemetryAPI;
-}
-const noopOpenTelemetryAPI = createNoopOpenTelemetryAPI();
+import type { OpenTelemetryAPI } from "./noop";
+import { noopOpenTelemetryAPI } from "./noop";
 let openTelemetryAPIPromise: Promise<void> | undefined;
 let openTelemetryAPI: OpenTelemetryAPI | undefined;