You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- Add missing support for legacy chunked cookies [\#2071](https://github.com/auth0/nextjs-auth0/pull/2071) ([tusharpandey13](https://github.com/tusharpandey13))
9
11
10
12
**Changed**
13
+
11
14
- Update middleware combination example to prevent unintended backend execution [\#2076](https://github.com/auth0/nextjs-auth0/pull/2076) ([tusharpandey13](https://github.com/tusharpandey13))
12
15
- Bump eslint-plugin-react from 7.37.4 to 7.37.5 [\#2091](https://github.com/auth0/nextjs-auth0/pull/2091) ([dependabot[bot]](https://github.com/apps/dependabot))
13
16
- Bump @playwright/test from 1.50.1 to 1.52.0 [\#2092](https://github.com/auth0/nextjs-auth0/pull/2092) ([dependabot[bot]](https://github.com/apps/dependabot))
@@ -31,57 +34,72 @@
31
34
- chore(deps-dev): bump prettier from 3.4.2 to 3.5.3 [\#1967](https://github.com/auth0/nextjs-auth0/pull/1967) ([dependabot[bot]](https://github.com/apps/dependabot))
32
35
33
36
**Fixed**
37
+
34
38
- Usability upgrades to V4 Migration Guide [\#2095](https://github.com/auth0/nextjs-auth0/pull/2095) ([nandan-bhat](https://github.com/nandan-bhat))
35
39
- Bugfix: Add clockTolerance to cookie decryption [\#2097](https://github.com/auth0/nextjs-auth0/pull/2097) ([tusharpandey13](https://github.com/tusharpandey13))
36
40
- Fix stacking transaction cookies [\#2077](https://github.com/auth0/nextjs-auth0/pull/2077) ([tusharpandey13](https://github.com/tusharpandey13))
- Update tests for getAccessToken refresh flow [\#2068](https://github.com/auth0/nextjs-auth0/pull/2068) ([tusharpandey13](https://github.com/tusharpandey13))
57
67
- fix: make configuration validation not throw [\#2034](https://github.com/auth0/nextjs-auth0/pull/2034) ([tusharpandey13](https://github.com/tusharpandey13))
58
68
- feat: ensure cookie path is configurable [\#2050](https://github.com/auth0/nextjs-auth0/pull/2050) ([frederikprijck](https://github.com/frederikprijck))
- revert: fix: Properly configure SDK to be distributed as ESM [\#2046](https://github.com/auth0/nextjs-auth0/pull/2046) ([frederikprijck](https://github.com/frederikprijck))
65
77
66
78
**Fixed**
79
+
67
80
- fix: Add id_token_hint on logout [\#2041](https://github.com/auth0/nextjs-auth0/pull/2041) ([frederikprijck](https://github.com/frederikprijck))
- fix: Properly configure SDK to be distributed as ESM [\#2028](https://github.com/auth0/nextjs-auth0/pull/2028) ([frederikprijck](https://github.com/frederikprijck))
74
89
- Fix broken links in jsdocs [\#2031](https://github.com/auth0/nextjs-auth0/pull/2031) ([frederikprijck](https://github.com/frederikprijck))
75
90
- fix: Throw ConfigurationError when invalid Auth0Client configuration [\#2026](https://github.com/auth0/nextjs-auth0/pull/2026) ([tusharpandey13](https://github.com/tusharpandey13))
- Add note about access-token endpoint to README [\#2020](https://github.com/auth0/nextjs-auth0/pull/2020) ([frederikprijck](https://github.com/frederikprijck))
82
99
- Add support for Connection Access Token [\#2010](https://github.com/auth0/nextjs-auth0/pull/2010) ([frederikprijck](https://github.com/frederikprijck))
83
100
84
101
**Fixed**
102
+
85
103
- fix: Delete legacy cookie once v4 cookie is set [\#2019](https://github.com/auth0/nextjs-auth0/pull/2019) ([frederikprijck](https://github.com/frederikprijck))
86
104
- fix: Ensure to delete cookies when switching from single to chunks and vica versa [\#2013](https://github.com/auth0/nextjs-auth0/pull/2013) ([frederikprijck](https://github.com/frederikprijck))
87
105
- fix: Clean up cookie chunks when cookie size shrinks [\#2014](https://github.com/auth0/nextjs-auth0/pull/2014) ([frederikprijck](https://github.com/frederikprijck))
@@ -90,51 +108,65 @@
90
108
- fix: Remove obsolete warning about cookie-size [\#2012](https://github.com/auth0/nextjs-auth0/pull/2012) ([frederikprijck](https://github.com/frederikprijck))
- Access Token Exposure Control [\#1979](https://github.com/auth0/nextjs-auth0/pull/1979) ([tusharpandey13](https://github.com/tusharpandey13))
97
117
- Cookie chunking support [\#1975](https://github.com/auth0/nextjs-auth0/pull/1975) ([tusharpandey13](https://github.com/tusharpandey13))
98
118
- Add idToken to TokenSet in SessionData [\#1978](https://github.com/auth0/nextjs-auth0/pull/1978) ([tusharpandey13](https://github.com/tusharpandey13))
- Enforce nextjs peerDependency to 14.2.25 and 15.2.3 [\#1988](https://github.com/auth0/nextjs-auth0/pull/1988) ([frederikprijck](https://github.com/frederikprijck))
111
135
112
136
The above security fix was done to help prevent customers being vulnerable to [Authorization Bypass in Next.js Middleware](https://github.com/advisories/GHSA-f82v-jwr5-mffw).
- Programmatic PAR [\#1946](https://github.com/auth0/nextjs-auth0/pull/1946) ([tusharpandey13](https://github.com/tusharpandey13))
119
145
120
146
**Fixed**
147
+
121
148
- fix: stop importing named export from package.json [\#1962](https://github.com/auth0/nextjs-auth0/pull/1962) ([tusharpandey13](https://github.com/tusharpandey13))
- Fix route matching when Next.js trailingSlash is enabled [\#1948](https://github.com/auth0/nextjs-auth0/pull/1948) ([tusharpandey13](https://github.com/tusharpandey13))
128
157
- fix: allow appBaseUrl to not be the root [\#1941](https://github.com/auth0/nextjs-auth0/pull/1941) ([frederikprijck](https://github.com/frederikprijck))
@@ -160,7 +192,7 @@ We will continue to add features and security upgrades in V4 going further. Plea
160
192
161
193
**⚠️ BREAKING CHANGES**.
162
194
163
-
Significant updates have been introduced in this release. Please refer to the V3 → V4 [MIGRATION GUIDE](https://github.com/auth0/nextjs-auth0/blob/v4/V4_MIGRATION_GUIDE.md) for details on upgrading.
195
+
Significant updates have been introduced in this release. Please refer to the V3 → V4 [MIGRATION GUIDE](./V4_MIGRATION_GUIDE.md) for details on upgrading.
0 commit comments