Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

better-auth

Ecosystem:
npm
Package URL:
pkg:npm/better-auth
Total PRs:
2,419 Dependabot PRs
Latest PR:
40 minutes ago
Unique Repositories:
835 repositories
Unique Repos (30 days):
108 repositories
Security Advisories
Better Auth: Device authorization approve and deny accept any authenticated session while the user code is pending
GHSA-cq3f-vc6p-68fh CVE-2026-45337 HIGH published 3 days ago • updated 3 days ago
### Am I affected? You are affected if all of the following are true: - You use `better-auth` at a version `>= 1.6.0, < 1.6.11`. - The `deviceAut...
Better Auth's rou3 Dependency has Double-Slash Path Normalization which can Bypass disabledPaths Config and Rate Limits
GHSA-x732-6j76-qmhm HIGH published 6 months ago • updated 2 days ago
## Summary An issue in the underlying router library **rou3** can cause `/path` and `//path` to be treated as identical routes. If your environmen...
Better Auth affected by external request basePath modification DoS
GHSA-569q-mpph-wgww LOW published 6 months ago • updated 2 days ago
# Summary Affected versions of Better Auth allow an external request to configure `baseURL` when it isn’t defined through any other means. This ca...
Better Auth allows bypassing the trustedOrigins Protection which leads to ATO
GHSA-vp58-j275-797x HIGH published over 1 year ago • updated 2 days ago
### Summary A bypass was discovered in the trustedOrigins validation logic—affecting both absolute URL entries and wildcard domain patterns. This ...
Better Auth URL parameter HTML Injection (Reflected Cross-Site scripting)
GHSA-9x4v-xfq5-m8x5 MODERATE published over 1 year ago • updated 2 days ago
### Summary The better-auth `/api/auth/error` page was vulnerable to HTML injection, resulting in a reflected cross-site scripting (XSS) vulnerabil...
View all 13 advisories
Recent PRs
RSS Feed
chore(deps): bump the production-dependencies group across 1 directory with 12 updates

xconics-dev/proptryx-server #80

1.6.11 → 1.6.14 Patch PR
Open 40 minutes ago 1 comment
xconics-dev
build(deps): Bump the npm-production group with 5 updates

SafetyMP/Autonomous-EHS-Management #26

1.6.12 → 1.6.14 Patch PR
Open about 13 hours ago 2 comments
SafetyMP
Bump the minor-and-patch group across 1 directory with 19 updates

akshitkrnagpal/edgepush #26

1.6.11 → 1.6.14 Patch PR
Open about 17 hours ago 1 comment
akshitkrnagpal
chore(deps): bump the npm_and_yarn group across 8 directories with 3 updates

Sherlock999xxx/lobe-chat #11

1.4.6 → 1.6.11 Minor PR
Open 1 day ago 2 comments
Sherlock999xxx
chore: bump the npm-deps group with 19 updates

mitsailing/mitsailing #183

1.6.13 → 1.6.14 Patch PR
Open 1 day ago 3 comments
mitsailing
Node (Frontend)(deps): Bump better-auth from 1.6.14 to 1.6.13 in /src/Clients in the better-auth group

foxminchan/BookWorm #1169

1.6.14 → 1.6.13
Open 3 days ago 4 comments
foxminchan
chore(deps): bump the npm_and_yarn group across 2 directories with 10 updates

EmilynnJ/awesome-llm-apps #7

1.2.8 → 1.6.11 Minor PR
Open 3 days ago 4 comments
EmilynnJ
chore(deps-dev): bump better-auth from 1.6.5 to 1.6.11 in the npm_and_yarn group across 1 directory

yultyyev/better-auth-firebase-auth #19

1.6.5 → 1.6.11 Patch PR
Closed 3 days ago 1 comment
yultyyev
chore(deps): bump the npm_and_yarn group across 4 directories with 8 updates

dculussoftwares/dculus-forms #52

1.4.17 → 1.6.2 Minor PR
Closed 5 days ago 2 comments
dculussoftwares
deps(deps): bump the minor-and-patch group across 1 directory with 7 updates

Divkix/Logwell #121

1.6.11 → 1.6.14 Patch PR
Closed 5 days ago 5 comments
Divkix
deps(deps): bump the patch-minor group across 1 directory with 29 updates

idolrun/expenso #26

1.6.5 → 1.6.13 Patch PR
Open 6 days ago 1 comment
idolrun
Bump the npm_and_yarn group across 7 directories with 3 updates

DaddyFilth/lobehubd #3

1.4.6 → 1.6.2 Minor PR
Closed 6 days ago 2 comments
DaddyFilth
chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates

sazanami-notes/sazanami #171

1.4.18 → 1.6.2 Minor PR
Open 6 days ago 2 comments
sazanami-notes
chore(deps): bump the npm_and_yarn group across 8 directories with 13 updates

EmiyaKiritsugu3/paperclip #3

1.4.18 → 1.6.2 Minor PR
Closed 6 days ago 1 comment
EmiyaKiritsugu3
build(deps): bump the npm_and_yarn group across 4 directories with 3 updates

Sherlock999xxx/lobe-chat #8

1.4.6 → 1.6.2 Minor PR
Open 6 days ago 2 comments
Sherlock999xxx
chore(deps): bump the npm_and_yarn group across 5 directories with 3 updates

hezhijie0327/lobehub #70

1.4.6 → 1.6.2 Minor PR
Closed 6 days ago 1 comment
hezhijie0327
chore(deps): bump the dependencies group across 1 directory with 9 updates

CaseyHoover/FullStackSkeleton #142

1.6.11 → 1.6.13 Patch PR
Closed 6 days ago 1 comment
CaseyHoover
chore(deps): bump the npm-dependencies group with 5 updates

henchoznoe/NexTemplate #24

1.6.11 → 1.6.12 Patch PR
Open 7 days ago 3 comments
henchoznoe
chore(deps): bump the dependencies group across 1 directory with 7 updates

duck-organization/questbot #92

1.6.11 → 1.6.13 Patch PR
Closed 7 days ago 1 comment
duck-organization
chore(deps): Bump the minor-and-patch group across 1 directory with 10 updates

bwyard/artist-platform #182

1.6.12 → 1.6.13 Patch PR
Closed 7 days ago 1 comment
bwyard
chore(deps): bump the npm-production group across 1 directory with 16 updates

interdomestik/interdomestik #875

1.6.11 → 1.6.12 Patch PR
Open 8 days ago 2 comments
interdomestik
chore(deps): bump the npm_and_yarn group across 5 directories with 12 updates

rivet-dev/rivet #5119

1.5.6 → 1.6.2 Minor PR
Open 9 days ago 4 comments
rivet-dev
Bump the npm_and_yarn group across 12 directories with 4 updates

BY-SOMMER/vercel #79

1.5.5 → 1.6.2 Minor PR
Closed 9 days ago 1 comment
BY-SOMMER
chore(deps): bump the npm_and_yarn group across 4 directories with 15 updates

danielbodnar/sandbox-agent #18

1.5.5 → 1.6.2 Minor PR
Closed 10 days ago 3 comments
danielbodnar
chore(deps)(deps): bump the production-dependencies group across 1 directory with 94 updates

x907/website-badscandi #288

1.5.6 → 1.6.11 Minor PR
Closed 11 days ago 2 comments
x907
Bump the all-dependencies group across 1 directory with 52 updates

Netoun/bonne-garde-boilerplate #5

1.6.5 → 1.6.11 Patch PR
Closed 11 days ago 1 comment
Netoun
chore(deps): bump the patch-updates group across 1 directory with 77 updates

dculussoftwares/dculus-forms #48

1.4.17 → 1.6.11 Minor PR
Closed 11 days ago 1 comment
dculussoftwares
chore(deps): Bump the npm_and_yarn group across 3 directories with 12 updates

HarleyCoops/accountability #3

1.3.27 → 1.6.2 Minor PR
Open 12 days ago 3 comments
HarleyCoops
Bump the patch-and-minor group across 1 directory with 12 updates

chrishanfernando/portfolio-app #29

1.6.9 → 1.6.11 Patch PR
Closed 13 days ago 2 comments
chrishanfernando
chore(deps): bump the production-minor-patch group across 1 directory with 13 updates

tlthiago/synnerdata-web-n #193

1.4.7 → 1.6.11 Minor PR
Open 13 days ago 1 comment
tlthiago
chore(deps): bump the production-dependencies group across 1 directory with 26 updates

habibjutt/nextjs_boilerplate #177

1.4.18 → 1.6.11 Minor PR
Open 13 days ago 2 comments
habibjutt
chore(deps): bump the minor-and-patch group across 1 directory with 16 updates

JamesTroy/AiAuditor #16

1.5.5 → 1.6.11 Minor PR
Closed 13 days ago 3 comments
JamesTroy
chore(deps): bump better-auth from 1.6.10 to 1.6.11

kaelys-js/heron #120

1.6.10 → 1.6.11 Patch PR
Open 14 days ago 9 comments
kaelys-js
deps(deps): bump the all-dependencies group across 1 directory with 68 updates

sowmyagsrohini2032-blip/Portfolio- #2

1.4.18 → 1.6.11 Minor PR
Open 14 days ago 1 comment
sowmyagsrohini2032-blip
deps(deps): bump the all-dependencies group across 1 directory with 68 updates

nabashi404/saas-test #4

1.4.18 → 1.6.11 Minor PR
Closed 14 days ago 2 comments
nabashi404
deps(deps): bump the all-dependencies group across 1 directory with 68 updates

mr-ElAmine/test-1 #8

1.4.18 → 1.6.11 Minor PR
Open 14 days ago 1 comment
mr-ElAmine
deps(deps): bump the all-dependencies group across 1 directory with 65 updates

jetmobsol/serene #12

1.5.4 → 1.6.11 Minor PR
Open 14 days ago 1 comment
jetmobsol
chore(deps)(deps): bump the production-dependencies group across 1 directory with 93 updates

x907/website-badscandi #285

1.5.6 → 1.6.11 Minor PR
Closed 14 days ago 2 comments
x907
chore: bump the npm_and_yarn group across 1 directory with 4 updates

deadlock-mod-manager/deadlock-mod-manager #494

1.5.6 → 1.6.2 Minor PR
Open 14 days ago 2 comments
deadlock-mod-manager
chore(deps): bump the npm-all group with 67 updates

MatHoyer/hypertube #217

1.3.7 → 1.6.11 Minor PR
Closed 14 days ago 1 comment
MatHoyer
chore(deps): Bump the minor-and-patch group across 1 directory with 33 updates

Yambr/openwhispr-server #17

1.6.9 → 1.6.11 Patch PR
Open 16 days ago 1 comment
Yambr
chore(deps): bump the npm_and_yarn group across 23 directories with 9 updates

c6ai/helicone #97

1.2.8 → 1.6.2 Minor PR
Closed 16 days ago 1 comment
c6ai
chore(deps): bump the npm_and_yarn group across 1 directory with 6 updates

stvn101/typescript-sdk #1

1.5.6 → 1.6.2 Minor PR
Open 16 days ago 2 comments
stvn101
chore(deps): bump the npm_and_yarn group across 3 directories with 2 updates

simstudioai/sim #4731

1.3.12 → 1.6.2 Minor PR
Open 16 days ago 3 comments
simstudioai
chore(deps): Bump the minor-and-patch group with 34 updates

Yambr/openwhispr-server #6

1.6.9 → 1.6.11 Patch PR
Closed 16 days ago 1 comment
Yambr
chore(deps): bump the npm_and_yarn group across 3 directories with 2 updates

simstudioai/sim #4709

1.3.12 → 1.6.2 Minor PR
Open 17 days ago 4 comments
simstudioai
chore(deps): bump the production-dependencies group with 70 updates

mariobarrr/mi-primera-web #29

1.5.6 → 1.6.11 Minor PR
Closed 17 days ago 2 comments
mariobarrr
chore(deps): bump the production-dependencies group across 1 directory with 19 updates

hlebtkachenko/monorepo #237

1.6.10 → 1.6.11 Patch PR
Open 17 days ago 2 comments
hlebtkachenko
chore(deps): bump the patch-updates group with 44 updates

dculussoftwares/dculus-forms #21

1.4.17 → 1.6.11 Minor PR
Closed 18 days ago 1 comment
dculussoftwares
Bump better-auth from 1.6.2 to 1.6.3 in /server

nish3451/paperclip #3

1.6.2 → 1.6.3 Patch PR
Closed 19 days ago 2 comments
nish3451
Package Details
Name: better-auth
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/better-auth
JSON API: View JSON
Security Advisories

13

Active advisories
CRITICAL 1
HIGH 6
MODERATE 3
LOW 3
View All npm Advisories
Package Information
Description:

The most comprehensive authentication library for TypeScript.

Repository: https://github.com/better-auth/better-auth
Homepage: https://github.com/better-auth/better-auth#readme
Latest Release: 1.2.8
about 1 year ago
Dependent Repos: 0
Dependent Packages: 0
Downloads: 422,738
Ranking: Top 30.4529% by dependent repos Top 43.5938% by dependent pkgs
PR Status
Open 1,277 (52.9%)
Merged 88 (3.6%)
Closed 989 (41.0%)
PR Types
Major 8 (0.3%)
Minor 1,177 (48.8%)
Patch 1,166 (48.3%)