Release history

AuthCore change log

You are browsing documentation for v3.3.1. Track every feature, fix, and breaking change across recent versions below.

Version

3.3.1

October 17, 2025

Highlights

  • AuthForm now ships with glassmorphic containers, a rebalanced mode switcher, and elevated social login styling to match the latest design system.
  • Registration flows include the upgraded password strength indicator with gradient progress, requirement tracking, and contextual recommendations.
  • Password inputs across AuthCore expose an inline visibility toggle powered by the shared TextInput component.

Fixes & maintenance

  • Aligned magic link toggles and CTA hierarchy after the AuthForm refresh to ensure consistent spacing in both themes.
  • Polished copy and typography around the onboarding headlines so the new visuals remain legible at small breakpoints.

Version

3.3.0

October 17, 2025

Highlights

  • Main Template Mode: New --template-mode=main flag makes AuthCore your primary source code - all components, hooks, server logic, types, and utilities become direct imports from your project (@/components, @/hooks, @/lib/auth, etc.)
  • Complete Source Code Ownership: Main template copies everything including database schema, API routes, environment templates, and configuration files
  • Three Installation Modes: Choose between main (primary source), full (source copy), or standard (package imports) based on your ownership preferences
  • Enhanced Package Keywords: Updated npm keywords to include "main-template", "source-code-ownership", "better-auth", "complete-auth-solution", "auth-framework", and "auth-platform"
  • Improved Documentation: Comprehensive coverage of all three template modes with clear guidance on when to use each approach

Fixes & maintenance

  • CLI now supports --template-mode=main option for complete source code ownership
  • Updated installation guides and CLI reference with main template mode documentation
  • Enhanced package metadata with better discoverability keywords
  • Improved build process with proper TypeScript compilation exclusions

Version

3.2.0

October 17, 2025

Highlights

  • Full Template Mode: New --template-mode=full flag copies ALL source code (components, hooks, server utilities) directly into your project for 100% ownership
  • Import Rewriting: Automatically converts package imports to local paths (@/components/authcore, @/hooks/authcore, @/lib/auth)
  • Update Management: New check-updates command fetches latest version from npm with breaking change warnings and customized file detection
  • Diff Command: Compare your local files with template originals using git diff integration and file statistics
  • File Classification System: All templates include metadata headers (@authcore-version, @authcore-safe-to-update, @authcore-customization-level)
  • Enhanced Manifest: Tracks template mode (standard vs full), customized files, update strategy, and pinned files
  • Two Usage Modes: Choose between full template (own all code) or standard mode (import from package)
  • Optional Package Dependency: In full template mode, codalware-auth becomes optional after initial setup

Fixes & maintenance

  • CLI now supports --template-mode option for init command with user confirmation prompt
  • Import paths automatically rewritten for components, hooks, server utilities, types, validation, and i18n
  • Generated barrel exports (index.ts files) for clean import patterns
  • Created AUTHCORE_TEMPLATE_README.md documentation in user projects
  • Enhanced error handling in diff command with proper manifest validation
  • Improved version comparison with semantic versioning (major/minor/patch detection)

Version

3.1.1

October 2025

Highlights

  • Provider Abstraction Layer: Unified authentication system supporting both NextAuth and Better-Auth without configuration changes
  • Universal Hooks API: useSession(), useSignIn(), and useSignOut() work seamlessly with either provider
  • Better-Auth Support: Full integration with Better-Auth as an alternative to NextAuth, including all social OAuth providers
  • Automatic Provider Detection: Switch providers via NEXT_PUBLIC_AUTH_PROVIDER environment variable
  • Zero Breaking Changes: Existing NextAuth implementations continue working without modifications
  • Optional Peer Dependencies: Install only the authentication provider you need
  • Type-Safe Implementation: Full TypeScript support with proper typing for both authentication systems
  • Production Ready: All components auto-wire to authentication endpoints after installation

Fixes & maintenance

  • Refactored all client components to use provider abstraction instead of direct next-auth imports
  • Added ESLint configuration for dynamic imports in provider layer
  • Enhanced type safety with AuthSession interface across all components
  • Updated LoginForm, ProfileDropdown, ProfileTabs, PageLayout, AdminSettings, and DashboardLayout
  • Improved hook patterns with useSignIn() and useSignOut() returning provider-specific functions
  • Fixed React Hooks compliance by moving conditional provider logic into hook implementations

Version

3.0.0

October 2025

Highlights

  • Component Auto-Wiring: All 84 client components and 50 server exports automatically connect to APIs, actions, and auth policies after installation
  • Complete CLI overhaul: added --router, --db, --dry-run, --theme, --seed-admin flags for flexible, auditable scaffolding
  • App Router templates: 14 new templates including server actions (auth.ts, waitlist.ts), adapters, and typed services for Next.js 13+
  • Verification workflow: npx authcore verify tests 5 critical endpoints (register, check-2fa, policy, waitlist, organizations)
  • Manifest tracking: every init generates .scaffold-auth/manifest.json with rollback support via npx authcore rollback
  • Enhanced package exports: 84 client exports (components, hooks, utilities) + 50 server exports (services, middleware)
  • Smart templates with CUSTOMIZE comments: guides for adapting code to your database schema without breaking builds
  • Components auto-fetch /api/auth/policy and render forms based on tenant rules (magic link, 2FA, email verification)
  • All hooks (useAuth, useLogin, useRegister, useMagicLink, useTwoFactor) work immediately after CLI setup

Fixes & maintenance

  • CLI now returns tracked file lists from copyDirectoryRecursive for accurate manifest generation
  • Fixed App Router template packaging: templates/app folder now includes 10 route handlers + 2 actions + 2 adapters
  • Dry-run mode prevents file writes and shows preview of files that would be created
  • Improved error handling in verification script with colored output and troubleshooting tips
  • Templates use CUSTOMIZE comments for database imports, preventing TypeScript errors in consumer projects
  • Build process uses tsconfig.build.json to exclude template errors from package compilation
  • Package size optimized to 212.6 kB compressed (246 files total)

⚠️ Breaking Changes

  • CLI flag --with-api now defaults to "none" instead of "pages" (use --with-api=app or --with-api=pages explicitly)
  • Removed legacy --skip-migrations flag; use --migrate to opt-in to automatic migrations

Version

2.9.0

October 14, 2025

Highlights

  • AuthForm, LoginForm, and RegisterForm now react to tenant policy toggles (magic link, enforced 2FA, approval messaging) across modals and standalone pages.
  • Introduced `/api/auth/policy` so client apps can render the correct sign-in choices and copy in real time.
  • Documentation refresh: new adaptive flow diagram, policy payload reference, and updated quick start guidance.

Fixes & maintenance

  • RegisterForm pulls the runtime password minimum from configuration so UI validation mirrors server rules.
  • Trimmed the README to reference the hosted documentation and aligned all version markers with v2.9.0.

Version

2.8.10

October 13, 2025

Highlights

  • Root barrel (`codalware-auth`) now re-exports every client hook, helper, and i18n utility for single-line imports.
  • Bundled locale dictionaries and `buildTranslator` factory so multilingual apps ship without extra wiring.
  • CLI install script pins Prisma migrations and Tailwind presets to the package version for reproducible scaffolding.

Fixes & maintenance

  • Regenerated ESM/CJS artifacts to include the new audit/device/profile helpers in type definitions.
  • Pruned duplicate locale payloads from the dist bundle, trimming package size by 18%.

Version

2.8.9

October 12, 2025

Highlights

  • Stripped runtime imports from `@prisma/client` in the Node adapter, unblocking serverless deploy targets.
  • Neon + Prisma connection bootstrap now defers to environment hints for pooled versus direct connections.

Fixes & maintenance

  • Patched validation schemas to use local enum mirrors, eliminating optional peer dependency lookups.

Version

2.8.4

September 30, 2025

Highlights

  • Released waitlist, billing, and organization scaffolds in the CLI seed script for rapid prototypes.
  • Added policy-driven security defaults (lockout, enumeration guard, email restriction) to the config loader.

Fixes & maintenance

  • Expanded package type definitions so every hook overload ships with full TypeScript coverage.