chore: update to better-auth 1.6.15, minimum 1.6.11

[erquhart]

---

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
better-auth	Ready	Preview, Comment	Jun 10, 2026 3:47am

[pkg-pr-new]

Open in StackBlitz

npm i https://pkg.pr.new/@convex-dev/better-auth@388

commit: ad3dbe9

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository: get-convex/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: a6339c61-51b4-4c23-a3d7-e64e62385ccc

📥 Commits

Reviewing files that changed from the base of the PR and between eada9fb and ad3dbe9.

⛔ Files ignored due to path filters (1)

• e2e/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• e2e/package.json

✅ Files skipped from review due to trivial changes (1)

• e2e/package.json

---

📝 Walkthrough

Walkthrough

This PR updates better-auth versions across the repo: bumps devDependencies for better-auth, @better-auth/core, and @better-auth/test-utils to 1.6.15 and tightens peerDependencies.better-auth to >=1.6.11 <1.7.0. It updates installation snippets in framework guides (Expo, Next.js, React, SvelteKit, TanStack Start) and the migration guide to use ~1.6.15, updates an e2e Playwright dependency to ^1.60.0, and changes the Convex adapter.update to return null for empty where clauses with a corresponding test adjustment.

Possibly related PRs

• get-convex/better-auth#193: Updates the Expo guide's better-auth npm install version, similar to this PR's documentation changes.
• get-convex/better-auth#386: Updates SvelteKit guide documentation; this PR further bumps that version from 1.6.9 to 1.6.15.
• get-convex/better-auth#245: Modifies package.json's peerDependencies.better-auth range, similar to the dependency constraint changes in this PR.

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description contains only a contributor template with no meaningful information about the changeset, failing to describe any part of the actual changes.	Add a clear description explaining the purpose of the update, such as what improvements or fixes are included in better-auth 1.6.15 and why the minimum version was raised to 1.6.11.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: updating better-auth to version 1.6.15 and setting minimum version to 1.6.11.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch better-auth-1-6-15

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/content/docs/migrations/migrate-to-0-12.mdx`:
- Line 22: Update the migration guide sentence that currently states “Better
Auth must be on 1.6.9” to read “Better Auth must be on 1.6.11” so it matches the
package.json peer range (>=1.6.11 <1.7.0); leave the existing npm install pin
line (`npm install better-auth@~1.6.15`) unchanged.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: get-convex/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: ff81f268-4cd1-48e8-93e9-bf0c83044750

📥 Commits

Reviewing files that changed from the base of the PR and between 580dd53 and 529b0cb.

⛔ Files ignored due to path filters (4)

• examples/next/package-lock.json is excluded by !**/package-lock.json
• examples/react/package-lock.json is excluded by !**/package-lock.json
• examples/tanstack/package-lock.json is excluded by !**/package-lock.json
• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (7)

• docs/content/docs/framework-guides/expo.mdx
• docs/content/docs/framework-guides/next.mdx
• docs/content/docs/framework-guides/react.mdx
• docs/content/docs/framework-guides/sveltekit.mdx
• docs/content/docs/framework-guides/tanstack-start.mdx
• docs/content/docs/migrations/migrate-to-0-12.mdx
• package.json

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify mismatched Better Auth minimum/version references in docs vs package contract.
rg -n -C2 '1\.6\.9|1\.6\.11|better-auth@\~1\.6\.15' docs/content/docs
rg -n -C2 '"better-auth":\s*">=1\.6\.11 <1\.7\.0"' package.json

Repository: get-convex/better-auth

Length of output: 2893

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Find all mentions of 1.6.9 in docs
rg -n "1\.6\.9" docs/content/docs

# Show exact context around the migration sentence mentioning 1.6.9
rg -n -C3 "Better Auth must be on `1\.6\.9`" docs/content/docs/migrations/migrate-to-0-12.mdx || true
# Fallback: show lines around first occurrence of 1.6.9 in that file
rg -n -C5 "1\.6\.9" docs/content/docs/migrations/migrate-to-0-12.mdx || true

# Confirm peerDependencies stanza in package.json with context
rg -n -C3 '"better-auth"\s*:\s*">=1\.6\.11 <1\.7\.0"' package.json || true

Repository: get-convex/better-auth

Length of output: 973

---

Update the documented Better Auth minimum version in the 0.12 migration guide

In docs/content/docs/migrations/migrate-to-0-12.mdx, the text says “Better Auth must be on 1.6.9…”, but package.json peer range is "better-auth": ">=1.6.11 <1.7.0". Update that minimum-version sentence to 1.6.11 (the npm install better-auth@~1.6.15 pin can remain).

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/content/docs/migrations/migrate-to-0-12.mdx` at line 22, Update the
migration guide sentence that currently states “Better Auth must be on 1.6.9” to
read “Better Auth must be on 1.6.11” so it matches the package.json peer range
(>=1.6.11 <1.7.0); leave the existing npm install pin line (`npm install
better-auth@~1.6.15`) unchanged.

[coderabbitai]

🧹 Nitpick comments (1)

src/test/adapter-factory/convex-custom.ts (1)

430-452: ⚡ Quick win

Add a companion regression assertion for where being undefined/missing.

This test locks in where: [], but the adapter guard is !data.where?.length (so undefined/missing is also part of the contract). Add one more assertion to cover that path explicitly.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/test/adapter-factory/convex-custom.ts` around lines 430 - 452, Add a
sibling assertion to the existing test that covers the case where the update
`where` is undefined (missing) in addition to the empty array case: call
adapter.update with the same model and update payload but omit the `where` key
entirely and assert it returns null and that the record was not modified (use
adapter.findOne with the original user's id to verify equality). Update the test
named "should return null and not modify records when update where is empty" to
include this extra check so it exercises the adapter.guard condition
`!data.where?.length`.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@src/test/adapter-factory/convex-custom.ts`:
- Around line 430-452: Add a sibling assertion to the existing test that covers
the case where the update `where` is undefined (missing) in addition to the
empty array case: call adapter.update with the same model and update payload but
omit the `where` key entirely and assert it returns null and that the record was
not modified (use adapter.findOne with the original user's id to verify
equality). Update the test named "should return null and not modify records when
update where is empty" to include this extra check so it exercises the
adapter.guard condition `!data.where?.length`.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: get-convex/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 7550212e-0a57-4983-a88d-53d1c04314a4

📥 Commits

Reviewing files that changed from the base of the PR and between 529b0cb and eada9fb.

📒 Files selected for processing (2)

• src/client/adapter.ts
• src/test/adapter-factory/convex-custom.ts