@clerk/vue@2.3.3

Patch Changes

• Updated dependencies [afb75e6, c3df67a, 86fd38f, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:
  • @clerk/shared@4.15.0

@clerk/upgrade@2.0.3

Patch Changes

• Removed unused generate-changelog script (#8686) by @dominic-clerk

@clerk/ui@1.15.0

Minor Changes

• Internal <ConfigureSSO /> refactor to call new org-scoped enterprise connections FAPI endpoints, replacing the /me/ deprecated scope. (#8671) by @iagodahlem

Patch Changes

• Add support for Google Workspace SAML provider to self-serve SSO (#8690) by @LauraBeatris

• Layer architecture for configure steps per IdP and protocol on <ConfigureSSO /> (#8651) by @LauraBeatris

• Reworks the <ConfigureSSO /> confirmation step and adds a dedicated reset connection dialog: (#8706) by @iagodahlem

  • Introduces <ResetConnectionDialog /> — a modal-based, type-to-confirm dialog scoped to the wizard container that replaces the inline reset confirmation card. Wraps the destructive delete behind useReverification, clears the local provider selection, and rewinds the wizard to provider selection on success.
  • Restyles the confirmation step body: unified status header with an inline Active / Inactive badge, grouped Enable SSO and Domain rows, two-column configuration details rendered through ProfileSection.ItemList, outlined Configure again, destructive Reset connection, and an inactive-state banner inside the step footer.
  • Step.Header now accepts a badge prop so a step can render an inline status pill next to its title without crowding the right-aligned children slot.
  • OrganizationProfile forwards the shared content ref to <ConfigureSSO /> so the new dialog portals into the wizard chrome when the component is embedded inside the organization profile.

• "Fix rendering issue for free trial badge." (#8712) by @l-armstrong

• Fix the legal consent checkbox growing in size when its label wraps to a second line while using the simple theme. The checkbox is now aligned to the start of the row so it no longer stretches to match the label height. (#8705) by @dmoerner

• Avoid sending duplicate verification codes when persisted email or phone code verifications are already pending. (#8548) by @jacekradko

• Adds a wizard-wide reset connection entry on the <ConfigureSSO /> step footers: (#8711) by @iagodahlem

  • New Step.Footer.Reset compound part that renders a destructive ghost button on the leading edge of the footer and opens the existing ResetConnectionDialog. The slot owns its own open state and gates itself on the current enterprise connection, so it stays hidden on the provider selection step.
  • Wires the reset entry into the Verify Domain, Configure (Okta and Custom SAML), and Test steps so the reset action is reachable from anywhere in the wizard. The confirmation step keeps its in-body destructive button.
  • Exposes a configureSSOFooterResetButton element descriptor so the new button surface can be themed via appearance customizations.

• Fix stepper chevron wrapping in <ConfigureSSO /> (#8693) by @alexcarpenter

• Add support for Microsoft Entra SAML provider to self-serve SSO (#8695) by @LauraBeatris

• Add mobile support for <ConfigureSSO /> navbar to display application name, logo and organization name (#8675) by @LauraBeatris

• Scope the UserProfile active-devices fetch cache by user.id so a session switch or sign-out/sign-in on a shared device no longer renders the previous user's device activity (IP, location, browser/device) from the module-scoped cache. (#8703) by @dominic-clerk

• Updated dependencies [afb75e6, c3df67a, 86fd38f, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:

  • @clerk/localizations@4.7.1
  • @clerk/shared@4.15.0

@clerk/testing@2.0.35

Patch Changes

• Updated dependencies [1c42351, 1701e0f, afb75e6, c3df67a, ff0cfef, 86fd38f, be55c4e, fb184de, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:
  • @clerk/backend@3.5.0
  • @clerk/shared@4.15.0

@clerk/tanstack-react-start@1.3.3

Patch Changes

• Prevent keyless mode from activating in CI and other automated environments in framework SDKs. (#8676) by @mwickett

• Updated dependencies [1c42351, 1701e0f, afb75e6, c3df67a, ff0cfef, 86fd38f, be55c4e, fb184de, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:

  • @clerk/backend@3.5.0
  • @clerk/shared@4.15.0
  • @clerk/react@6.7.3

@clerk/shared@4.15.0

Minor Changes

• Internal <ConfigureSSO /> refactor to call new org-scoped enterprise connections FAPI endpoints, replacing the /me/ deprecated scope. (#8671) by @iagodahlem

Patch Changes

• Add support for Google Workspace SAML provider to self-serve SSO (#8690) by @LauraBeatris

• Layer architecture for configure steps per IdP and protocol on <ConfigureSSO /> (#8651) by @LauraBeatris

• Prevent keyless mode from activating in CI and other automated environments in framework SDKs. (#8676) by @mwickett

• Add support for Microsoft Entra SAML provider to self-serve SSO (#8695) by @LauraBeatris

• Replace the telemetry postinstall script with a one-time runtime notice, printed once per process on server runtimes (Node, excluding CI) when the telemetry collector boots against a development instance. Drops the std-env dependency. (#8549) by @jacekradko

  Removing postinstall improves the package's supply-chain posture: @clerk/shared no longer executes arbitrary code at install time, aligning with package-manager defaults that increasingly disable install scripts.

  Browser-only applications with no server-side Clerk runtime (e.g. a Vite SPA) will not surface an in-band notice. Telemetry behavior and opt-out (telemetry={false} or *_CLERK_TELEMETRY_DISABLED) are unchanged; disclosure for these setups is provided at https://clerk.com/docs/telemetry.

• Nest rolldown's shared build chunks under dist/runtime/_chunks/ instead of emitting them flat next to the entry points. The package exposes "./*", which resolves to dist/runtime/*, so the content-hashed internal chunks were being picked up by API-diff tooling whenever a chunk hash shifted. Entry and type resolution are unchanged; the chunks are still referenced by relative path, and external ./_chunks/* package subpaths are blocked. (#8717) by @jacekradko

@clerk/react@6.7.3

Patch Changes

• Updated dependencies [afb75e6, c3df67a, 86fd38f, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:
  • @clerk/shared@4.15.0

@clerk/react-router@3.3.3

Patch Changes

• Prevent keyless mode from activating in CI and other automated environments in framework SDKs. (#8676) by @mwickett

• Read VITE_CLERK_UNSAFE_DISABLE_DEVELOPMENT_MODE_CONSOLE_WARNING on the client when React Router is used in SPA mode (or as a library). Previously the env-var shortcut only took effect through the SSR rootAuthLoader, so client-only setups had no way to suppress the development-keys warning without passing unsafe_disableDevelopmentModeConsoleWarning to <ClerkProvider> directly. (#8682) by @jacekradko

• Updated dependencies [1c42351, 1701e0f, afb75e6, c3df67a, ff0cfef, 86fd38f, be55c4e, fb184de, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:

  • @clerk/backend@3.5.0
  • @clerk/shared@4.15.0
  • @clerk/react@6.7.3

@clerk/nuxt@2.5.3

Patch Changes

• Prevent keyless mode from activating in CI and other automated environments in framework SDKs. (#8676) by @mwickett

• Updated dependencies [1c42351, 1701e0f, afb75e6, c3df67a, ff0cfef, 86fd38f, be55c4e, fb184de, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:

  • @clerk/backend@3.5.0
  • @clerk/shared@4.15.0
  • @clerk/vue@2.3.3

@clerk/nextjs@7.4.3

Patch Changes

• Prevent keyless mode from activating in CI and other automated environments in framework SDKs. (#8676) by @mwickett

• Updated dependencies [1c42351, 1701e0f, afb75e6, c3df67a, ff0cfef, 86fd38f, be55c4e, fb184de, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:

  • @clerk/backend@3.5.0
  • @clerk/shared@4.15.0
  • @clerk/react@6.7.3