chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@auth/core (source)	^0.17.0 -> ^0.37.2
@nuxt/kit (source)	^3.7.4 -> ^3.13.2
@nuxt/module-builder	^0.5.2 -> ^0.8.4
@nuxt/test-utils	^3.7.4 -> ^3.14.4
@panva/hkdf	^1.1.1 -> ^1.2.1
@types/node (source)	^20.8.7 -> ^20.17.1
bumpp	^9.2.0 -> ^9.7.1
bun-types (source)	^1.0.6 -> ^1.1.33
cookie-es	^1.0.0 -> ^1.2.2
defu	^6.1.2 -> ^6.1.4
eslint (source)	8.51.0 -> 8.57.1
eslint-plugin-import	^2.28.1 -> ^2.31.0
immer	^10.0.3 -> ^10.1.1
jose	^4.15.4 -> ^4.15.9
lint-staged	^15.0.1 -> ^15.2.10
nuxt (source)	^3.7.4 -> ^3.13.2
pnpm (source)	8.9.2 -> 8.15.9
prettier (source)	^3.0.3 -> ^3.3.3
rimraf	^5.0.5 -> ^5.0.10
simple-git-hooks	^2.9.0 -> ^2.11.1
taze	^0.11.4 -> ^0.17.2
typescript (source)	^5.2.2 -> ^5.6.3
vitepress (source)	1.0.0-rc.22 -> 1.4.1

---

Release Notes

nextauthjs/next-auth (@​auth/core)

v0.37.2

Compare Source

Bugfixes

• core: adds 'none' token endpoint auth method for oauth and oidc (#​12066) (be6d169)
• providers: conform Apple (#​12068) (2810f6b)

v0.37.1

Compare Source

Bugfixes

• providers: conform Entra ID when responding with the wrong issuer (#​11980) (e981e4d)

v0.37.0

Compare Source

Features

• providers: re-introduce Atlassian (with OAuth 2) (#​11987) (2d67f11)

v0.36.0

Compare Source

Features

• oauth: expose custom fetch (#​11975) (fedff04)

Bugfixes

• correctly set isNewUser during account linking & user creation

Other

• core: upgrade deps (917cb2c)
• stricter isDate (#​11953)

v0.35.3

Compare Source

Bugfixes

• providers: convert Salesforce to OIDC (#​11918) (f6b7228)
• proxy: improve redirect proxy logic (#​11517) (cce637c)

v0.35.2

Compare Source

Bugfixes

• providers: make identifier param optional (3e8a648)
• providers: optionally check identifier (54ba689)

v0.35.1

Compare Source

Bugfixes

• getToken: make 'secret' optional when raw JWT is requested (#​11894) (3744f56)
• providers: bug when using nodemailer with SES (#​11865) (181c6b8)
• providers: set the issue url to be the correct production one in vipps provider (#​11869) (4b784c5)
• test: improve adapter test suite (#​11904) (96f49e0)
• typo "propery" -> "property" (#​11871)

v0.35.0

Compare Source

Features

• providers: add Forward Email provider (#​11836) (1073030)
• providers: Add Concept2 provider (#​11817) (edfa5e5)
• providers: add Vipps provider (#​11832) (120f550)
• providers: add Mailgun email provider (#​11723) (cfcb221)
• providers: Add Eventbrite provider (#​11645) (e65759b)
• providers: Add Ping Identity provider (#​6614) (ed6b48c)
• providers: Add Roblox provider (#​11515) (208410d)
• providers: add wechat provider (#​10236) (d1dfb52)
• providers: Add Kinde OAuth provider (#​11581) (51c0bbd)

Bugfixes

• core: Improve object merging (#​11685) (b080a49)
• core: invalid url error when using custom error page (#​11381) (4a8ab0f)
• eslint: all outstanding eslint/test issues (re:eslint9/flatconfig upgrade) (#​11750) (abb4dcd)
• next-auth: Avoid excessive basePath redundant warning (#​11636) (69c0b58)
• provider: Fix import path in Eventbrite provider (#​11652) (9b8614f)
• provider: update TikTok provider (#​11308) (a681cba)
• provider: update tiktok token url (#​10728) (0410ae5)
• providers: support different applications in Descope + Widget docs (#​11847) (a5dacb3)
• providers: allow for custom http mail implementations off of nodemailer (#​11686) (bbc6710)
• providers: Azure AD image fetch try catch (#​11821) (270fc6c)
• providers: fix Eventbrite config (5c721d7)
• providers: update Descope docs, tweak default config (#​11377) (0d73205)
• providers: dropbox userinfo request is post (#​11397) (#​11446) (bbd3af6)
• ts: update GetTokenParams type definition to make salt optional (#​11572) (1279593)
• tsconfig: update extends property in packages configuration (#​11666) (e6eaa95)
• Update Apple provider config (#​11453)
• Use sub instead of id in Gitlab (#​11176)
• remove global logger (#​11565)

Other

• next-auth: fix e2e tests (#​11737) (8c52012)
• fix
• fix lint
• Fix formatting (#​11592)
• add link to providers page (#​11178)
• feat(providers): add Nextcloud provider (#​11837)
• Enable prettier plugins (#​11623)

v0.34.2

Compare Source

Bugfixes

• core: revert #​11050 (#​11469) (0f83056)
• providers: add State check to Eveonline (#​11111) (b690dac)
• providers: Apple checks should be ['state', 'nonce'] (#​11239) (8ea51aa)
• providers: make connection optional on WorkOS (#​11270) (14b075d)

Other

• core: remove extra dot in some AuthError messages (#​10964) (aefae63)
• providers: update Foursquare API Docs URL (#​11310) (3cba5e2)
• change MissingCSRF reference path (#​11464)
• fix grammatical error (#​11260)

v0.34.1

Compare Source

Bugfixes

• Add default exports to package.json for better module support (#​11224)

v0.34.0

Compare Source

Features

• providers: add threads (#​11215) (4e9d2a2)

v0.33.0

Compare Source

Features

• core: support private_key_jwt token auth method (#​11132) (d8a9188)
• core: re-introduce idToken: boolean (#​11161) (b56b928)
• providers: Add BankID Norge provider (#​11162) (d38fdef)
• Add form-post specification (#​8428)

Bugfixes

• core/providers/osu: Correct the type of OsuProfile.id (#​10340) (0e0c7b6)
• providers: Correct Coinbase endpoints (#​11153) (28e780f)
• change API domain for twitter provider (#​11047)

Other

• providers: update Netsuite button rendering colors (#​11099) (63fd886)
• pnpm format (#​11078)
• Fix some documentation issues (#​10980)

v0.32.0

Compare Source

Features

• providers: add SimpleLogin oidc (#​10491) (0b321a0)
• use NodeNext module resolution (#​9953)

Bugfixes

• core: Ensure oauth4webapi uses a stable customFetch API (#​10978) (f1bf7ae)
• core: centralize isDate util fn and use in all adapters (#​10872) (e2eacc2)
• errors: do not log authjs message with CredentialsSiginin error (#​11050) (d089923)

Other

• docs: clean up missing npm2yarn and other formatting (#​11041) (77b20d5)
• docs: Microsoft Entra ID typos (#​10834) (d53d47c)
• docs: fix bold style to AuthAction types (#​10893) (4ab5f71)
• fix core prettier

v0.31.0

Compare Source

Features

• providers: add NetSuite OAuth Provider (#​8865) (4c4d036)
• sveltekit: webauthn provider support (#​9924) (e17cc71)

Bugfixes

• core: update WebAuthn authenticator schemas and types (#​10861) (5e55331)
• core: support trailingSlash in providerAndAccountId parsing (#​10752) (46f9582)
• providers: update linkedin oidc issuer (#​10671) (6cb874e)
• correct contributor lists (#​10742)
• strip code_verifier from request body when the provider doesn't support PKCE (#​10765)

Other

• adapters: cleanup extraneous documentation in adapter and fix testing and release GHA (#​10854) (8751fa4)
• docs: specify exact version for simpleweabuthn peer dep installation (e332a41)
• providers: cleanup NetSuite (#​10783) (e6f90b2)
• types: separately export AdapterAccountType (#​10832) (bfa7079)
• fix casings (#​10782)
• fix GitHub typo (#​10781)

v0.30.0

Compare Source

Features

• providers: add Microsoft Entra ID provider (#​10497) (536f208)
• providers: drop Atlassian (OAuth 1.0) (22860bb)

Bugfixes

• pages: cleanup oauth provider branded buttons (#​10542) (710df18)
• providers: update providers config from verification walk-throughs (#​10582) (85ab5fa)
• ts: reduce public type surface (#​10557) (6ddc329)
• don't require secret at build-time (#​10592)

Other

• core: update links in typedocs to new docs URLs (#​10560) (6aa4c44)
• core: rm unnecessary typedoc callout (ff7810f)
• salesforce: fix multiple typos in provider (1de6bc7)

v0.29.0

Compare Source

Features

• providers: Add Postmark email provider (#​10512) (c97431b)
• providers: add Microsoft Entra ID provider (#​10497) (2f64701)
• providers: drop Atlassian (OAuth 1.0) (cb1a260)

Bugfixes

• docs: correct link to list of adapters (#​10451) (bb4dc18)
• env: handle provider id's with - durinv env inference (4dfc8af)
• providers: update Facebook OAuth dialog API (5dec6fd)
• providers: make webex apiBaseUrl optional (#​10354) (edc4fe4)
• infer providers logo filename (#​10496)

Other

• docs: update azure-ad.ts (#​10448) (8120fd4)
• examples: use string as authorization (5ae5009)
• revert
• comment todo

v0.28.2

Compare Source

Bugfixes

• core: createActionURL set detectedProtocol correctly (#​10421) (246a838)

v0.28.1

Compare Source

Bugfixes

• core: ignore basePath if pages configuration (#​10288) (9c56e69)
• core: cannot parse action at /session (#​10094) (4a2d511)
• tests: setEnvDefaults test with AUTH_SECRET/config.secret values (#​10400) (86c8822)
• export CredentialsSignin class to extend in custom authorize errors (#​10200)
• throw MissingSecret when secret missing (#​10305)

Other

• adapters: fix link leading to 404 (#​10217) (52758a9)
• core: fix failed tests for webauthn (#​10281) (9a5416b)
• jsdoc: note different default basePaths (#​10239) (e9a3e8e)
• cleanup nextjs dev/example middleware.ts file (#​10222)
• fix punctuation in error logging wrapper (#​10186)

v0.28.0

Compare Source

Features

• customizable authorize() error (#​9871)

Bugfixes

• docs: webex provider jsdoc (#​10126) (5081a62)

Other

• docs: fix typo in types.ts (#​10053) (e9f387f)
• tests: reenable unit tests in CI and cleanup docker test setups (#​10190) (5136ca4)
• add new example app for nextjs and Docker (#​10118)
• high-level tests (#​10017)

v0.27.0

Compare Source

Features

• providers: add webex oauth (#​9653) (8be77d3)
• support Cloudflare Pages (#​9895)

Bugfixes

• providers: missing profile.id field in OIDC providers (#​10008) (744043b)
• bump @​simplewebauth/server@​9.0.2 (#​9980)
• put email helpers into own files to avoid nodemailer import (#​9964)

Other

• update playwright setup with poms (#​10012)
• fix E2E @playwright/test tests (#​9944)

v0.26.3

Compare Source

Bugfixes

• ts: correctly type Auth overload (8cbf38c)
• remove unnecessary /signout appending to signout form action URL (#​9901)
• mismatched account.providerAccountId (#​9932)

v0.26.2

Compare Source

Bugfixes

• fix .js imports
• use correct script src for @simplewebauthn/browser

v0.26.1

Compare Source

Bugfixes

• don't break on Edge runtime when WebAuthn isn't used (#​9919)

v0.26.0

Compare Source

Features

• Passkey / WebAuthn provider (experimental) (#​8808)

Other

• swap sass css-nesting for css standard nesting postcss plugin (#​9887)

v0.25.1

Compare Source

Bugfixes

• properly extend NodemailerConfig by EmailConfig (#​9890)

Other

• core: export isAuthAction (#​9896) (bb741d9)
• re-introduce E2E, add basic login/logout tests (#​9881)

v0.25.0

Compare Source

Features

• add getEnvDefaults and createActionURL to @auth/core for use in client libs (#​9817)

Bugfixes

• allow Facebook authorization config to be merged (#​9866)
• filter client error response, error on missing host (#​9837)
• allow string return signIn callback (#​9829)

v0.24.0

Compare Source

Features

• support secret rotation (#​9804)

Other

• add badge & tweak config
• add test coverage (#​9805)
• replace jest with vitest (#​9818)
• global vite/vitest, move express (#​9806)

v0.23.0

Compare Source

Features

• @​auth/core: add Ory Hydra provider (#​7755) (1483efb)
• @​auth/core: support new username system in Discord (#​8114) (96908df)
• @​auth/core: nodemailer (prev Email), Resend, SendGrid (#​9753) (8f0226b)
• @​auth/core: expose full session in session callback (#​9712) (ab49b3d)

Bugfixes

• @​auth/core: Add email to VK provider (#​9705) (5214131)
• @​auth/core: include new BattleNet OAuth endpoints (#​6697) (0ff0566)
• @​auth/core: drop confusing links/wording from core (b3c7a6c)
• @​auth/core: always use a generated id for User.id (#​9793) (80c8695)
• @​auth/core: show user and token in session callback (#​9756) (62f24f5)
• @​auth/core: use match instead of split when parsing action (#​9746) (fc358df)
• @​auth/core: correct typo in yandex documentation (#​9734) (b89a0a8)

Other

• ts: fix build (d85269d)
• fix build
• bump vite and clean lock file (#​9720)
• update JWT enc (#​9788)

v0.22.0

Compare Source

Features

• @​auth/core: add basePath option (#​9686) (963086b)

v0.21.0

Compare Source

Features

• @​auth/core: support self-hosted github (#​9271) (05bf014)

Bugfixes

• @​auth/core: bad intersection caused type to be 'never' (#​9477) (bdb4019)
• @​auth/core: add state as default check to Okta (#​9648) (e45492a)
• @​auth/core: Github provider tests (#​9619) (0ddb8cc)

v0.20.0

Compare Source

Features

• @​auth/core: add experimental flag in options (#​9178) (76d8f27)

v0.19.1

Compare Source

Bugfixes

• @​auth/core: typo in errors.ts (#​9523) (2693b74)
• @​auth/core: update kakao.md - clarify callbackUrl format (#​9502) (a14fe18)
• @​auth/core: 42 changed their way to return images (#​9472) (7e17781)
• @​auth/core: typo in well-known url in azure-ad (#​9288) (a7034c5)

Other

• core: add some tests for callback action (#​9353) (0c11823)
• bump Prettier to v3 (#​9464)

v0.19.0

Compare Source

Features

• @​auth/core: deep-merge cookies options (#​9386) (17c4426)
• @​auth/core: add default user id generation (#​9380) (87b037f)

Bugfixes

• @​auth/core: document all Adapter method (5254ff7)
• **[@​au

---

Configuration

📅 Schedule: Branch creation - "every 7 day" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[cloudflare-workers-and-pages]

Deploying authjs-nuxt with    Cloudflare Pages

Latest commit:	7f2f9ab
Status:	🚫  Build failed.

View logs