diff --git a/.changeset/brave-mammals-burn.md b/.changeset/brave-mammals-burn.md
deleted file mode 100644
index 233a8b48ddb..00000000000
--- a/.changeset/brave-mammals-burn.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-'@clerk/ui': patch
----
-
-Fix the payment method form getting stuck in a loading state after a failed card setup. Non-validation errors such as 3DS authentication failures are now displayed.
diff --git a/.changeset/configure-sso-modal-close-button-height.md b/.changeset/configure-sso-modal-close-button-height.md
deleted file mode 100644
index 8314861b5de..00000000000
--- a/.changeset/configure-sso-modal-close-button-height.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-'@clerk/ui': patch
----
-
-Fix the organization profile modal close button overlapping the SSO configuration wizard's step header.
diff --git a/.changeset/fix-touch-session-doc-link.md b/.changeset/fix-touch-session-doc-link.md
deleted file mode 100644
index 534821e05f5..00000000000
--- a/.changeset/fix-touch-session-doc-link.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-'@clerk/shared': patch
----
-
-Fix the `touchSession` option documentation to link directly to the Frontend API touch endpoint.
diff --git a/.changeset/localizations-generate-align.md b/.changeset/localizations-generate-align.md
deleted file mode 100644
index a845151cc84..00000000000
--- a/.changeset/localizations-generate-align.md
+++ /dev/null
@@ -1,2 +0,0 @@
----
----
diff --git a/.changeset/nextjs-deprecate-route-matcher.md b/.changeset/nextjs-deprecate-route-matcher.md
deleted file mode 100644
index b1110fc1c1f..00000000000
--- a/.changeset/nextjs-deprecate-route-matcher.md
+++ /dev/null
@@ -1,22 +0,0 @@
----
-'@clerk/nextjs': patch
----
-
-Deprecate `createRouteMatcher()` in favor of resource-based auth checks.
-
-Middleware-based auth checks rely on path matching, which can diverge from how Next.js routes requests and leave protected resources reachable.
-
-For a migration guide, see:
- https://clerk.com/docs/guides/development/upgrading/upgrade-guides/migrate-from-create-route-matcher
-
-Instead of protecting routes from middleware, move auth checks into each protected page, layout, API route, or Server Function, for example:
-
-```ts
-import { auth } from '@clerk/nextjs/server'
-
-export default async function Page() {
- await auth.protect()
-
- return
Dashboard
-}
-```
diff --git a/.changeset/nuxt-deprecate-route-matcher.md b/.changeset/nuxt-deprecate-route-matcher.md
deleted file mode 100644
index f297891d51a..00000000000
--- a/.changeset/nuxt-deprecate-route-matcher.md
+++ /dev/null
@@ -1,20 +0,0 @@
----
-'@clerk/nuxt': patch
----
-
-Deprecate `createRouteMatcher()` in favor of Nuxt's native route matching.
-
-To protect API routes, match paths natively inside `clerkMiddleware()`:
-
-```ts
-export default clerkMiddleware(event => {
- const { isAuthenticated } = event.context.auth();
- const { pathname } = getRequestURL(event);
-
- if (!isAuthenticated && pathname.startsWith('/api/admin')) {
- throw createError({ statusCode: 401, statusMessage: 'Unauthorized' });
- }
-});
-```
-
-To protect pages, use Nuxt's built-in route middleware with `definePageMeta({ middleware: 'auth' })`.
diff --git a/.changeset/password-toggle-hit-area.md b/.changeset/password-toggle-hit-area.md
deleted file mode 100644
index 415b3e1e43f..00000000000
--- a/.changeset/password-toggle-hit-area.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-'@clerk/ui': patch
----
-
-Enlarge the show/hide password toggle button's hit area with added padding and rounded corners, making it easier to tap and giving it a clearer hover/focus target.
diff --git a/.changeset/protect-check-spinner-widget-visibility.md b/.changeset/protect-check-spinner-widget-visibility.md
deleted file mode 100644
index 2c6c2f8238a..00000000000
--- a/.changeset/protect-check-spinner-widget-visibility.md
+++ /dev/null
@@ -1,6 +0,0 @@
----
-'@clerk/shared': patch
-'@clerk/ui': patch
----
-
-Polish the Protect check card: the loading spinner now hides while a challenge widget (e.g. Turnstile) is visible instead of spinning alongside it, only appears after a short delay so near-instant checks never flash it, and the card no longer reserves empty space above the spinner before a widget has rendered.
diff --git a/.changeset/protect-check-standalone-signup.md b/.changeset/protect-check-standalone-signup.md
deleted file mode 100644
index a056f4268ee..00000000000
--- a/.changeset/protect-check-standalone-signup.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-'@clerk/ui': patch
----
-
-Fix standalone `` Protect checks so the verification card stays mounted while a solved challenge routes to the next step, while stale direct visits to the protect-check route return to the start of the sign-up flow.
diff --git a/.changeset/protect-check-support.md b/.changeset/protect-check-support.md
deleted file mode 100644
index 8376d734734..00000000000
--- a/.changeset/protect-check-support.md
+++ /dev/null
@@ -1,30 +0,0 @@
----
-'@clerk/clerk-js': minor
-'@clerk/localizations': minor
-'@clerk/react': minor
-'@clerk/shared': minor
-'@clerk/ui': minor
----
-
-Add support for Clerk Protect mid-flow SDK challenges (`protect_check`) on both sign-up and sign-in.
-
-When the Protect antifraud service issues a challenge, responses now carry a `protectCheck` field
-with `{ status, token, sdkUrl, expiresAt?, uiHints? }`. Clients resolve the gate by loading the
-SDK at `sdkUrl`, executing the challenge, and submitting the resulting proof token via
-`signUp.submitProtectCheck({ proofToken })` or `signIn.submitProtectCheck({ proofToken })`. The
-response may carry a chained challenge, which the SDK resolves iteratively.
-
-Sign-in adds a new `'needs_protect_check'` value to the `SignInStatus` union. **Upgrading this
-package is type-only and does not change runtime behavior**: the server returns the new status
-(and the `protectCheck` field) only for instances where Protect mid-flow challenges have been
-explicitly enabled — the feature is off by default and is not enabled for existing instances by
-upgrading. The server additionally only emits the new status value to SDK versions that
-understand it, so older clients never receive an unknown status.
-
-If an exhaustive `switch` on `signIn.status` flags the new value after upgrading, handle it by
-running the challenge described by `protectCheck` and submitting the proof via
-`submitProtectCheck()`. Clients should treat the `protectCheck` field as the authoritative gate
-signal and fall back to the status value for defense in depth.
-
-The pre-built `` and `` components handle the gate automatically by routing
-to a new `protect-check` route that runs the challenge SDK and resumes the flow on completion.
diff --git a/.changeset/tooltip-above-modal.md b/.changeset/tooltip-above-modal.md
deleted file mode 100644
index 11809b73cf0..00000000000
--- a/.changeset/tooltip-above-modal.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-'@clerk/ui': patch
----
-
-Fix tooltips rendering behind modals (for example on the organization profile Security page). Tooltips now layer above modal content, and pressing Escape or clicking outside while a tooltip is open inside a modal closes only the tooltip instead of also dismissing the modal.
diff --git a/.changeset/warm-spies-double.md b/.changeset/warm-spies-double.md
deleted file mode 100644
index 4d588c6960b..00000000000
--- a/.changeset/warm-spies-double.md
+++ /dev/null
@@ -1,5 +0,0 @@
----
-'@clerk/backend': patch
----
-
-Enforce the `azp` (authorized party) claim when `authorizedParties` is configured. Previously, a session token that was missing the `azp` claim was accepted even when `authorizedParties` was set, allowing the authorized-parties check to be bypassed by omitting the claim. Now, when `authorizedParties` is configured, a token with a missing or empty `azp` claim is rejected. Tokens without `azp` continue to be accepted when no `authorizedParties` are configured.
diff --git a/.changeset/wise-drawers-appear.md b/.changeset/wise-drawers-appear.md
deleted file mode 100644
index a845151cc84..00000000000
--- a/.changeset/wise-drawers-appear.md
+++ /dev/null
@@ -1,2 +0,0 @@
----
----
diff --git a/packages/astro/CHANGELOG.md b/packages/astro/CHANGELOG.md
index 1b4dc890cfc..3b9df382002 100644
--- a/packages/astro/CHANGELOG.md
+++ b/packages/astro/CHANGELOG.md
@@ -1,5 +1,13 @@
# @clerk/astro
+## 3.4.13
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1), [`80afb69`](https://github.com/clerk/javascript/commit/80afb69ecf2d1a3525e46a919952a47ff1fe924b)]:
+ - @clerk/shared@4.25.0
+ - @clerk/backend@3.11.1
+
## 3.4.12
### Patch Changes
diff --git a/packages/astro/package.json b/packages/astro/package.json
index 9054d23b552..e8b9b2fd520 100644
--- a/packages/astro/package.json
+++ b/packages/astro/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/astro",
- "version": "3.4.12",
+ "version": "3.4.13",
"description": "Clerk SDK for Astro",
"keywords": [
"auth",
diff --git a/packages/backend/CHANGELOG.md b/packages/backend/CHANGELOG.md
index eed10681fb4..e597cf49540 100644
--- a/packages/backend/CHANGELOG.md
+++ b/packages/backend/CHANGELOG.md
@@ -1,5 +1,14 @@
# Change Log
+## 3.11.1
+
+### Patch Changes
+
+- Enforce the `azp` (authorized party) claim when `authorizedParties` is configured. Previously, a session token that was missing the `azp` claim was accepted even when `authorizedParties` was set, allowing the authorized-parties check to be bypassed by omitting the claim. Now, when `authorizedParties` is configured, a token with a missing or empty `azp` claim is rejected. Tokens without `azp` continue to be accepted when no `authorizedParties` are configured. ([#8877](https://github.com/clerk/javascript/pull/8877)) by [@dominic-clerk](https://github.com/dominic-clerk)
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1)]:
+ - @clerk/shared@4.25.0
+
## 3.11.0
### Minor Changes
diff --git a/packages/backend/package.json b/packages/backend/package.json
index f7785fc871e..6b4612920ac 100644
--- a/packages/backend/package.json
+++ b/packages/backend/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/backend",
- "version": "3.11.0",
+ "version": "3.11.1",
"description": "Clerk Backend SDK - REST Client for Backend API & JWT verification utilities",
"homepage": "https://clerk.com/",
"bugs": {
diff --git a/packages/chrome-extension/CHANGELOG.md b/packages/chrome-extension/CHANGELOG.md
index 0afbe853a8c..225fb1d17ac 100644
--- a/packages/chrome-extension/CHANGELOG.md
+++ b/packages/chrome-extension/CHANGELOG.md
@@ -1,5 +1,15 @@
# Change Log
+## 3.1.49
+
+### Patch Changes
+
+- Updated dependencies [[`3995e8a`](https://github.com/clerk/javascript/commit/3995e8a0edc721a972d7d817c830f48867bedb6c), [`409cdae`](https://github.com/clerk/javascript/commit/409cdaebfb5bfb05a6d78b92a78171b0c7edb772), [`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`5f2e749`](https://github.com/clerk/javascript/commit/5f2e74908c434848ab863dd9ece05c7ea4d36c98), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`4aebb88`](https://github.com/clerk/javascript/commit/4aebb88c51423132911ee87445c631d373e76981), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1), [`f9afa48`](https://github.com/clerk/javascript/commit/f9afa489a10b47e7609743ad2d2eddc019661acb)]:
+ - @clerk/ui@1.25.0
+ - @clerk/shared@4.25.0
+ - @clerk/clerk-js@6.25.0
+ - @clerk/react@6.12.0
+
## 3.1.48
### Patch Changes
diff --git a/packages/chrome-extension/package.json b/packages/chrome-extension/package.json
index d7ec8562bb1..1fee5846fc8 100644
--- a/packages/chrome-extension/package.json
+++ b/packages/chrome-extension/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/chrome-extension",
- "version": "3.1.48",
+ "version": "3.1.49",
"description": "Clerk SDK for Chrome extensions",
"keywords": [
"auth",
diff --git a/packages/clerk-js/CHANGELOG.md b/packages/clerk-js/CHANGELOG.md
index 6caf256f508..32b3ba98223 100644
--- a/packages/clerk-js/CHANGELOG.md
+++ b/packages/clerk-js/CHANGELOG.md
@@ -1,5 +1,37 @@
# Change Log
+## 6.25.0
+
+### Minor Changes
+
+- Add support for Clerk Protect mid-flow SDK challenges (`protect_check`) on both sign-up and sign-in. ([#8329](https://github.com/clerk/javascript/pull/8329)) by [@zourzouvillys](https://github.com/zourzouvillys)
+
+ When the Protect antifraud service issues a challenge, responses now carry a `protectCheck` field
+ with `{ status, token, sdkUrl, expiresAt?, uiHints? }`. Clients resolve the gate by loading the
+ SDK at `sdkUrl`, executing the challenge, and submitting the resulting proof token via
+ `signUp.submitProtectCheck({ proofToken })` or `signIn.submitProtectCheck({ proofToken })`. The
+ response may carry a chained challenge, which the SDK resolves iteratively.
+
+ Sign-in adds a new `'needs_protect_check'` value to the `SignInStatus` union. **Upgrading this
+ package is type-only and does not change runtime behavior**: the server returns the new status
+ (and the `protectCheck` field) only for instances where Protect mid-flow challenges have been
+ explicitly enabled — the feature is off by default and is not enabled for existing instances by
+ upgrading. The server additionally only emits the new status value to SDK versions that
+ understand it, so older clients never receive an unknown status.
+
+ If an exhaustive `switch` on `signIn.status` flags the new value after upgrading, handle it by
+ running the challenge described by `protectCheck` and submitting the proof via
+ `submitProtectCheck()`. Clients should treat the `protectCheck` field as the authoritative gate
+ signal and fall back to the status value for defense in depth.
+
+ The pre-built `` and `` components handle the gate automatically by routing
+ to a new `protect-check` route that runs the challenge SDK and resumes the flow on completion.
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1)]:
+ - @clerk/shared@4.25.0
+
## 6.24.0
### Minor Changes
diff --git a/packages/clerk-js/package.json b/packages/clerk-js/package.json
index df73700f17e..2e81e780300 100644
--- a/packages/clerk-js/package.json
+++ b/packages/clerk-js/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/clerk-js",
- "version": "6.24.0",
+ "version": "6.25.0",
"description": "Clerk JS library",
"keywords": [
"clerk",
diff --git a/packages/electron/CHANGELOG.md b/packages/electron/CHANGELOG.md
index fc01fa061e0..9c4129313fa 100644
--- a/packages/electron/CHANGELOG.md
+++ b/packages/electron/CHANGELOG.md
@@ -1,5 +1,14 @@
# @clerk/electron
+## 0.0.10
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1)]:
+ - @clerk/shared@4.25.0
+ - @clerk/clerk-js@6.25.0
+ - @clerk/react@6.12.0
+
## 0.0.9
### Patch Changes
diff --git a/packages/electron/package.json b/packages/electron/package.json
index 7a1789942b5..49c0de3ce64 100644
--- a/packages/electron/package.json
+++ b/packages/electron/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/electron",
- "version": "0.0.9",
+ "version": "0.0.10",
"description": "Clerk SDK for Electron",
"keywords": [
"clerk",
diff --git a/packages/expo-passkeys/CHANGELOG.md b/packages/expo-passkeys/CHANGELOG.md
index f77315935cd..d245b680f72 100644
--- a/packages/expo-passkeys/CHANGELOG.md
+++ b/packages/expo-passkeys/CHANGELOG.md
@@ -1,5 +1,12 @@
# @clerk/expo-passkeys
+## 1.2.1
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1)]:
+ - @clerk/shared@4.25.0
+
## 1.2.0
### Minor Changes
diff --git a/packages/expo-passkeys/package.json b/packages/expo-passkeys/package.json
index 872ebbfe951..ece1a10186f 100644
--- a/packages/expo-passkeys/package.json
+++ b/packages/expo-passkeys/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/expo-passkeys",
- "version": "1.2.0",
+ "version": "1.2.1",
"description": "Passkeys library to be used with Clerk for expo",
"keywords": [
"react-native",
diff --git a/packages/expo/CHANGELOG.md b/packages/expo/CHANGELOG.md
index 27165028c06..8f4ca3fa221 100644
--- a/packages/expo/CHANGELOG.md
+++ b/packages/expo/CHANGELOG.md
@@ -1,5 +1,14 @@
# Change Log
+## 3.7.1
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1)]:
+ - @clerk/shared@4.25.0
+ - @clerk/clerk-js@6.25.0
+ - @clerk/react@6.12.0
+
## 3.7.0
### Minor Changes
diff --git a/packages/expo/package.json b/packages/expo/package.json
index 2c82d2531b1..3110fbbfa2b 100644
--- a/packages/expo/package.json
+++ b/packages/expo/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/expo",
- "version": "3.7.0",
+ "version": "3.7.1",
"description": "Clerk React Native/Expo library",
"keywords": [
"react",
diff --git a/packages/express/CHANGELOG.md b/packages/express/CHANGELOG.md
index a3a3ce6fded..8e2e686ee3d 100644
--- a/packages/express/CHANGELOG.md
+++ b/packages/express/CHANGELOG.md
@@ -1,5 +1,13 @@
# Change Log
+## 2.1.37
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1), [`80afb69`](https://github.com/clerk/javascript/commit/80afb69ecf2d1a3525e46a919952a47ff1fe924b)]:
+ - @clerk/shared@4.25.0
+ - @clerk/backend@3.11.1
+
## 2.1.36
### Patch Changes
diff --git a/packages/express/package.json b/packages/express/package.json
index 62d919ae17a..cbec4d6040f 100644
--- a/packages/express/package.json
+++ b/packages/express/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/express",
- "version": "2.1.36",
+ "version": "2.1.37",
"description": "Clerk server SDK for usage with Express",
"keywords": [
"clerk",
diff --git a/packages/fastify/CHANGELOG.md b/packages/fastify/CHANGELOG.md
index 24c036a9981..2c764c683b6 100644
--- a/packages/fastify/CHANGELOG.md
+++ b/packages/fastify/CHANGELOG.md
@@ -1,5 +1,13 @@
# Change Log
+## 3.1.47
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1), [`80afb69`](https://github.com/clerk/javascript/commit/80afb69ecf2d1a3525e46a919952a47ff1fe924b)]:
+ - @clerk/shared@4.25.0
+ - @clerk/backend@3.11.1
+
## 3.1.46
### Patch Changes
diff --git a/packages/fastify/package.json b/packages/fastify/package.json
index 887d24edcbb..acba4feb64b 100644
--- a/packages/fastify/package.json
+++ b/packages/fastify/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/fastify",
- "version": "3.1.46",
+ "version": "3.1.47",
"description": "Clerk SDK for Fastify",
"keywords": [
"auth",
diff --git a/packages/headless/CHANGELOG.md b/packages/headless/CHANGELOG.md
index 2a76f21ea71..3ff80a43f9a 100644
--- a/packages/headless/CHANGELOG.md
+++ b/packages/headless/CHANGELOG.md
@@ -1,5 +1,12 @@
# @clerk/headless
+## 0.0.8
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1)]:
+ - @clerk/shared@4.25.0
+
## 0.0.7
### Patch Changes
diff --git a/packages/headless/package.json b/packages/headless/package.json
index c405657b705..5db54438661 100644
--- a/packages/headless/package.json
+++ b/packages/headless/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/headless",
- "version": "0.0.7",
+ "version": "0.0.8",
"private": true,
"sideEffects": false,
"type": "module",
diff --git a/packages/hono/CHANGELOG.md b/packages/hono/CHANGELOG.md
index 32ab9be6570..8f90015ad9a 100644
--- a/packages/hono/CHANGELOG.md
+++ b/packages/hono/CHANGELOG.md
@@ -1,5 +1,13 @@
# @clerk/hono
+## 0.1.47
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1), [`80afb69`](https://github.com/clerk/javascript/commit/80afb69ecf2d1a3525e46a919952a47ff1fe924b)]:
+ - @clerk/shared@4.25.0
+ - @clerk/backend@3.11.1
+
## 0.1.46
### Patch Changes
diff --git a/packages/hono/package.json b/packages/hono/package.json
index 03fd723d26a..3047b49f531 100644
--- a/packages/hono/package.json
+++ b/packages/hono/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/hono",
- "version": "0.1.46",
+ "version": "0.1.47",
"description": "Clerk SDK for Hono",
"keywords": [
"auth",
diff --git a/packages/localizations/CHANGELOG.md b/packages/localizations/CHANGELOG.md
index 529402a742a..c0d9c0d5553 100644
--- a/packages/localizations/CHANGELOG.md
+++ b/packages/localizations/CHANGELOG.md
@@ -1,5 +1,37 @@
# Change Log
+## 4.13.0
+
+### Minor Changes
+
+- Add support for Clerk Protect mid-flow SDK challenges (`protect_check`) on both sign-up and sign-in. ([#8329](https://github.com/clerk/javascript/pull/8329)) by [@zourzouvillys](https://github.com/zourzouvillys)
+
+ When the Protect antifraud service issues a challenge, responses now carry a `protectCheck` field
+ with `{ status, token, sdkUrl, expiresAt?, uiHints? }`. Clients resolve the gate by loading the
+ SDK at `sdkUrl`, executing the challenge, and submitting the resulting proof token via
+ `signUp.submitProtectCheck({ proofToken })` or `signIn.submitProtectCheck({ proofToken })`. The
+ response may carry a chained challenge, which the SDK resolves iteratively.
+
+ Sign-in adds a new `'needs_protect_check'` value to the `SignInStatus` union. **Upgrading this
+ package is type-only and does not change runtime behavior**: the server returns the new status
+ (and the `protectCheck` field) only for instances where Protect mid-flow challenges have been
+ explicitly enabled — the feature is off by default and is not enabled for existing instances by
+ upgrading. The server additionally only emits the new status value to SDK versions that
+ understand it, so older clients never receive an unknown status.
+
+ If an exhaustive `switch` on `signIn.status` flags the new value after upgrading, handle it by
+ running the challenge described by `protectCheck` and submitting the proof via
+ `submitProtectCheck()`. Clients should treat the `protectCheck` field as the authoritative gate
+ signal and fall back to the status value for defense in depth.
+
+ The pre-built `` and `` components handle the gate automatically by routing
+ to a new `protect-check` route that runs the challenge SDK and resumes the flow on completion.
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1)]:
+ - @clerk/shared@4.25.0
+
## 4.12.1
### Patch Changes
diff --git a/packages/localizations/package.json b/packages/localizations/package.json
index 0fe9cdf22aa..35c6e11542f 100644
--- a/packages/localizations/package.json
+++ b/packages/localizations/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/localizations",
- "version": "4.12.1",
+ "version": "4.13.0",
"description": "Localizations for the Clerk components",
"keywords": [
"react",
diff --git a/packages/msw/CHANGELOG.md b/packages/msw/CHANGELOG.md
index 5eab1c824da..67583e34afc 100644
--- a/packages/msw/CHANGELOG.md
+++ b/packages/msw/CHANGELOG.md
@@ -1,5 +1,12 @@
# @clerk/msw
+## 0.0.44
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1)]:
+ - @clerk/shared@4.25.0
+
## 0.0.43
### Patch Changes
diff --git a/packages/msw/package.json b/packages/msw/package.json
index c8ec5d519c0..004504f96cb 100644
--- a/packages/msw/package.json
+++ b/packages/msw/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/msw",
- "version": "0.0.43",
+ "version": "0.0.44",
"private": true,
"sideEffects": false,
"type": "module",
diff --git a/packages/nextjs/CHANGELOG.md b/packages/nextjs/CHANGELOG.md
index b06eb574ee0..b3ec78edac0 100644
--- a/packages/nextjs/CHANGELOG.md
+++ b/packages/nextjs/CHANGELOG.md
@@ -1,5 +1,33 @@
# Change Log
+## 7.5.14
+
+### Patch Changes
+
+- Deprecate `createRouteMatcher()` in favor of resource-based auth checks. ([#8994](https://github.com/clerk/javascript/pull/8994)) by [@Ephem](https://github.com/Ephem)
+
+ Middleware-based auth checks rely on path matching, which can diverge from how Next.js routes requests and leave protected resources reachable.
+
+ For a migration guide, see:
+ https://clerk.com/docs/guides/development/upgrading/upgrade-guides/migrate-from-create-route-matcher
+
+ Instead of protecting routes from middleware, move auth checks into each protected page, layout, API route, or Server Function, for example:
+
+ ```ts
+ import { auth } from '@clerk/nextjs/server'
+
+ export default async function Page() {
+ await auth.protect()
+
+ return Dashboard
+ }
+ ```
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1), [`80afb69`](https://github.com/clerk/javascript/commit/80afb69ecf2d1a3525e46a919952a47ff1fe924b)]:
+ - @clerk/shared@4.25.0
+ - @clerk/react@6.12.0
+ - @clerk/backend@3.11.1
+
## 7.5.13
### Patch Changes
diff --git a/packages/nextjs/package.json b/packages/nextjs/package.json
index 4e6ccd169b3..fc16d97154d 100644
--- a/packages/nextjs/package.json
+++ b/packages/nextjs/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/nextjs",
- "version": "7.5.13",
+ "version": "7.5.14",
"description": "Clerk SDK for NextJS",
"keywords": [
"clerk",
diff --git a/packages/nuxt/CHANGELOG.md b/packages/nuxt/CHANGELOG.md
index db19cb04bca..21f09d2f225 100644
--- a/packages/nuxt/CHANGELOG.md
+++ b/packages/nuxt/CHANGELOG.md
@@ -1,5 +1,31 @@
# @clerk/nuxt
+## 2.6.13
+
+### Patch Changes
+
+- Deprecate `createRouteMatcher()` in favor of Nuxt's native route matching. ([#9092](https://github.com/clerk/javascript/pull/9092)) by [@jacekradko](https://github.com/jacekradko)
+
+ To protect API routes, match paths natively inside `clerkMiddleware()`:
+
+ ```ts
+ export default clerkMiddleware(event => {
+ const { isAuthenticated } = event.context.auth();
+ const { pathname } = getRequestURL(event);
+
+ if (!isAuthenticated && pathname.startsWith('/api/admin')) {
+ throw createError({ statusCode: 401, statusMessage: 'Unauthorized' });
+ }
+ });
+ ```
+
+ To protect pages, use Nuxt's built-in route middleware with `definePageMeta({ middleware: 'auth' })`.
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1), [`80afb69`](https://github.com/clerk/javascript/commit/80afb69ecf2d1a3525e46a919952a47ff1fe924b)]:
+ - @clerk/shared@4.25.0
+ - @clerk/backend@3.11.1
+ - @clerk/vue@2.4.12
+
## 2.6.12
### Patch Changes
diff --git a/packages/nuxt/package.json b/packages/nuxt/package.json
index 8351402322a..15bbea9529d 100644
--- a/packages/nuxt/package.json
+++ b/packages/nuxt/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/nuxt",
- "version": "2.6.12",
+ "version": "2.6.13",
"description": "Clerk SDK for Nuxt",
"keywords": [
"clerk",
diff --git a/packages/react-router/CHANGELOG.md b/packages/react-router/CHANGELOG.md
index 55ab1585040..ad55b5a25a8 100644
--- a/packages/react-router/CHANGELOG.md
+++ b/packages/react-router/CHANGELOG.md
@@ -1,5 +1,14 @@
# Change Log
+## 3.5.6
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1), [`80afb69`](https://github.com/clerk/javascript/commit/80afb69ecf2d1a3525e46a919952a47ff1fe924b)]:
+ - @clerk/shared@4.25.0
+ - @clerk/react@6.12.0
+ - @clerk/backend@3.11.1
+
## 3.5.5
### Patch Changes
diff --git a/packages/react-router/package.json b/packages/react-router/package.json
index 7e18dea6c24..4afd384bb5d 100644
--- a/packages/react-router/package.json
+++ b/packages/react-router/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/react-router",
- "version": "3.5.5",
+ "version": "3.5.6",
"description": "Clerk SDK for React Router",
"keywords": [
"clerk",
diff --git a/packages/react/CHANGELOG.md b/packages/react/CHANGELOG.md
index 1f1a7763776..070ff953559 100644
--- a/packages/react/CHANGELOG.md
+++ b/packages/react/CHANGELOG.md
@@ -1,5 +1,37 @@
# Change Log
+## 6.12.0
+
+### Minor Changes
+
+- Add support for Clerk Protect mid-flow SDK challenges (`protect_check`) on both sign-up and sign-in. ([#8329](https://github.com/clerk/javascript/pull/8329)) by [@zourzouvillys](https://github.com/zourzouvillys)
+
+ When the Protect antifraud service issues a challenge, responses now carry a `protectCheck` field
+ with `{ status, token, sdkUrl, expiresAt?, uiHints? }`. Clients resolve the gate by loading the
+ SDK at `sdkUrl`, executing the challenge, and submitting the resulting proof token via
+ `signUp.submitProtectCheck({ proofToken })` or `signIn.submitProtectCheck({ proofToken })`. The
+ response may carry a chained challenge, which the SDK resolves iteratively.
+
+ Sign-in adds a new `'needs_protect_check'` value to the `SignInStatus` union. **Upgrading this
+ package is type-only and does not change runtime behavior**: the server returns the new status
+ (and the `protectCheck` field) only for instances where Protect mid-flow challenges have been
+ explicitly enabled — the feature is off by default and is not enabled for existing instances by
+ upgrading. The server additionally only emits the new status value to SDK versions that
+ understand it, so older clients never receive an unknown status.
+
+ If an exhaustive `switch` on `signIn.status` flags the new value after upgrading, handle it by
+ running the challenge described by `protectCheck` and submitting the proof via
+ `submitProtectCheck()`. Clients should treat the `protectCheck` field as the authoritative gate
+ signal and fall back to the status value for defense in depth.
+
+ The pre-built `` and `` components handle the gate automatically by routing
+ to a new `protect-check` route that runs the challenge SDK and resumes the flow on completion.
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1)]:
+ - @clerk/shared@4.25.0
+
## 6.11.4
### Patch Changes
diff --git a/packages/react/package.json b/packages/react/package.json
index 8598951c89c..8133c391a0b 100644
--- a/packages/react/package.json
+++ b/packages/react/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/react",
- "version": "6.11.4",
+ "version": "6.12.0",
"description": "Clerk React library",
"keywords": [
"clerk",
diff --git a/packages/shared/CHANGELOG.md b/packages/shared/CHANGELOG.md
index 60d10fea23f..0ca464fec91 100644
--- a/packages/shared/CHANGELOG.md
+++ b/packages/shared/CHANGELOG.md
@@ -1,5 +1,38 @@
# Change Log
+## 4.25.0
+
+### Minor Changes
+
+- Add support for Clerk Protect mid-flow SDK challenges (`protect_check`) on both sign-up and sign-in. ([#8329](https://github.com/clerk/javascript/pull/8329)) by [@zourzouvillys](https://github.com/zourzouvillys)
+
+ When the Protect antifraud service issues a challenge, responses now carry a `protectCheck` field
+ with `{ status, token, sdkUrl, expiresAt?, uiHints? }`. Clients resolve the gate by loading the
+ SDK at `sdkUrl`, executing the challenge, and submitting the resulting proof token via
+ `signUp.submitProtectCheck({ proofToken })` or `signIn.submitProtectCheck({ proofToken })`. The
+ response may carry a chained challenge, which the SDK resolves iteratively.
+
+ Sign-in adds a new `'needs_protect_check'` value to the `SignInStatus` union. **Upgrading this
+ package is type-only and does not change runtime behavior**: the server returns the new status
+ (and the `protectCheck` field) only for instances where Protect mid-flow challenges have been
+ explicitly enabled — the feature is off by default and is not enabled for existing instances by
+ upgrading. The server additionally only emits the new status value to SDK versions that
+ understand it, so older clients never receive an unknown status.
+
+ If an exhaustive `switch` on `signIn.status` flags the new value after upgrading, handle it by
+ running the challenge described by `protectCheck` and submitting the proof via
+ `submitProtectCheck()`. Clients should treat the `protectCheck` field as the authoritative gate
+ signal and fall back to the status value for defense in depth.
+
+ The pre-built `` and `` components handle the gate automatically by routing
+ to a new `protect-check` route that runs the challenge SDK and resumes the flow on completion.
+
+### Patch Changes
+
+- Fix the `touchSession` option documentation to link directly to the Frontend API touch endpoint. ([#9097](https://github.com/clerk/javascript/pull/9097)) by [@SarahSoutoul](https://github.com/SarahSoutoul)
+
+- Polish the Protect check card: the loading spinner now hides while a challenge widget (e.g. Turnstile) is visible instead of spinning alongside it, only appears after a short delay so near-instant checks never flash it, and the card no longer reserves empty space above the spinner before a widget has rendered. ([#9099](https://github.com/clerk/javascript/pull/9099)) by [@mwickett](https://github.com/mwickett)
+
## 4.24.0
### Minor Changes
diff --git a/packages/shared/package.json b/packages/shared/package.json
index cd5b383ca2c..08553956528 100644
--- a/packages/shared/package.json
+++ b/packages/shared/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/shared",
- "version": "4.24.0",
+ "version": "4.25.0",
"description": "Internal package utils used by the Clerk SDKs",
"repository": {
"type": "git",
diff --git a/packages/swingset/CHANGELOG.md b/packages/swingset/CHANGELOG.md
index 0d9113ed598..e6168ddfb35 100644
--- a/packages/swingset/CHANGELOG.md
+++ b/packages/swingset/CHANGELOG.md
@@ -1,5 +1,13 @@
# @clerk/swingset
+## 0.0.15
+
+### Patch Changes
+
+- Updated dependencies [[`3995e8a`](https://github.com/clerk/javascript/commit/3995e8a0edc721a972d7d817c830f48867bedb6c), [`409cdae`](https://github.com/clerk/javascript/commit/409cdaebfb5bfb05a6d78b92a78171b0c7edb772), [`5f2e749`](https://github.com/clerk/javascript/commit/5f2e74908c434848ab863dd9ece05c7ea4d36c98), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`4aebb88`](https://github.com/clerk/javascript/commit/4aebb88c51423132911ee87445c631d373e76981), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1), [`f9afa48`](https://github.com/clerk/javascript/commit/f9afa489a10b47e7609743ad2d2eddc019661acb)]:
+ - @clerk/ui@1.25.0
+ - @clerk/headless@0.0.8
+
## 0.0.14
### Patch Changes
diff --git a/packages/swingset/package.json b/packages/swingset/package.json
index 718b10bb163..88176ba9c45 100644
--- a/packages/swingset/package.json
+++ b/packages/swingset/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/swingset",
- "version": "0.0.14",
+ "version": "0.0.15",
"private": true,
"type": "module",
"scripts": {
diff --git a/packages/tanstack-react-start/CHANGELOG.md b/packages/tanstack-react-start/CHANGELOG.md
index ac971d9bab2..6da91361884 100644
--- a/packages/tanstack-react-start/CHANGELOG.md
+++ b/packages/tanstack-react-start/CHANGELOG.md
@@ -1,5 +1,14 @@
# @clerk/tanstack-react-start
+## 1.4.14
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1), [`80afb69`](https://github.com/clerk/javascript/commit/80afb69ecf2d1a3525e46a919952a47ff1fe924b)]:
+ - @clerk/shared@4.25.0
+ - @clerk/react@6.12.0
+ - @clerk/backend@3.11.1
+
## 1.4.13
### Patch Changes
diff --git a/packages/tanstack-react-start/package.json b/packages/tanstack-react-start/package.json
index 8a8f1609d94..ce7ff9c2e08 100644
--- a/packages/tanstack-react-start/package.json
+++ b/packages/tanstack-react-start/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/tanstack-react-start",
- "version": "1.4.13",
+ "version": "1.4.14",
"description": "Clerk SDK for TanStack React Start",
"keywords": [
"clerk",
diff --git a/packages/testing/CHANGELOG.md b/packages/testing/CHANGELOG.md
index 04f596a1557..910f4b0af7e 100644
--- a/packages/testing/CHANGELOG.md
+++ b/packages/testing/CHANGELOG.md
@@ -1,5 +1,13 @@
# @clerk/testing
+## 2.2.4
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1), [`80afb69`](https://github.com/clerk/javascript/commit/80afb69ecf2d1a3525e46a919952a47ff1fe924b)]:
+ - @clerk/shared@4.25.0
+ - @clerk/backend@3.11.1
+
## 2.2.3
### Patch Changes
diff --git a/packages/testing/package.json b/packages/testing/package.json
index 4690e17d74f..57c4fc98bc0 100644
--- a/packages/testing/package.json
+++ b/packages/testing/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/testing",
- "version": "2.2.3",
+ "version": "2.2.4",
"description": "Utilities to help you create E2E test suites for apps using Clerk",
"keywords": [
"auth",
diff --git a/packages/ui/CHANGELOG.md b/packages/ui/CHANGELOG.md
index 70960a45726..a63f5ec94fa 100644
--- a/packages/ui/CHANGELOG.md
+++ b/packages/ui/CHANGELOG.md
@@ -1,5 +1,50 @@
# @clerk/ui
+## 1.25.0
+
+### Minor Changes
+
+- Add support for Clerk Protect mid-flow SDK challenges (`protect_check`) on both sign-up and sign-in. ([#8329](https://github.com/clerk/javascript/pull/8329)) by [@zourzouvillys](https://github.com/zourzouvillys)
+
+ When the Protect antifraud service issues a challenge, responses now carry a `protectCheck` field
+ with `{ status, token, sdkUrl, expiresAt?, uiHints? }`. Clients resolve the gate by loading the
+ SDK at `sdkUrl`, executing the challenge, and submitting the resulting proof token via
+ `signUp.submitProtectCheck({ proofToken })` or `signIn.submitProtectCheck({ proofToken })`. The
+ response may carry a chained challenge, which the SDK resolves iteratively.
+
+ Sign-in adds a new `'needs_protect_check'` value to the `SignInStatus` union. **Upgrading this
+ package is type-only and does not change runtime behavior**: the server returns the new status
+ (and the `protectCheck` field) only for instances where Protect mid-flow challenges have been
+ explicitly enabled — the feature is off by default and is not enabled for existing instances by
+ upgrading. The server additionally only emits the new status value to SDK versions that
+ understand it, so older clients never receive an unknown status.
+
+ If an exhaustive `switch` on `signIn.status` flags the new value after upgrading, handle it by
+ running the challenge described by `protectCheck` and submitting the proof via
+ `submitProtectCheck()`. Clients should treat the `protectCheck` field as the authoritative gate
+ signal and fall back to the status value for defense in depth.
+
+ The pre-built `` and `` components handle the gate automatically by routing
+ to a new `protect-check` route that runs the challenge SDK and resumes the flow on completion.
+
+### Patch Changes
+
+- Fix the payment method form getting stuck in a loading state after a failed card setup. Non-validation errors such as 3DS authentication failures are now displayed. ([#9080](https://github.com/clerk/javascript/pull/9080)) by [@aeliox](https://github.com/aeliox)
+
+- Fix the organization profile modal close button overlapping the SSO configuration wizard's step header. ([#9089](https://github.com/clerk/javascript/pull/9089)) by [@iagodahlem](https://github.com/iagodahlem)
+
+- Enlarge the show/hide password toggle button's hit area with added padding and rounded corners, making it easier to tap and giving it a clearer hover/focus target. ([#9096](https://github.com/clerk/javascript/pull/9096)) by [@alexcarpenter](https://github.com/alexcarpenter)
+
+- Polish the Protect check card: the loading spinner now hides while a challenge widget (e.g. Turnstile) is visible instead of spinning alongside it, only appears after a short delay so near-instant checks never flash it, and the card no longer reserves empty space above the spinner before a widget has rendered. ([#9099](https://github.com/clerk/javascript/pull/9099)) by [@mwickett](https://github.com/mwickett)
+
+- Fix standalone `` Protect checks so the verification card stays mounted while a solved challenge routes to the next step, while stale direct visits to the protect-check route return to the start of the sign-up flow. ([#9082](https://github.com/clerk/javascript/pull/9082)) by [@mwickett](https://github.com/mwickett)
+
+- Fix tooltips rendering behind modals (for example on the organization profile Security page). Tooltips now layer above modal content, and pressing Escape or clicking outside while a tooltip is open inside a modal closes only the tooltip instead of also dismissing the modal. ([#9093](https://github.com/clerk/javascript/pull/9093)) by [@alexcarpenter](https://github.com/alexcarpenter)
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1)]:
+ - @clerk/shared@4.25.0
+ - @clerk/localizations@4.13.0
+
## 1.24.2
### Patch Changes
diff --git a/packages/ui/package.json b/packages/ui/package.json
index 1a3a78b3f30..31d3bb19ef0 100644
--- a/packages/ui/package.json
+++ b/packages/ui/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/ui",
- "version": "1.24.2",
+ "version": "1.25.0",
"description": "Internal package that contains the UI components for the Clerk frontend SDKs",
"repository": {
"type": "git",
diff --git a/packages/vue/CHANGELOG.md b/packages/vue/CHANGELOG.md
index 2a8fa8acf7f..9ab1df903f6 100644
--- a/packages/vue/CHANGELOG.md
+++ b/packages/vue/CHANGELOG.md
@@ -1,5 +1,12 @@
# @clerk/vue
+## 2.4.12
+
+### Patch Changes
+
+- Updated dependencies [[`6f97ef5`](https://github.com/clerk/javascript/commit/6f97ef59429a88af14534df895e52893b4f160a6), [`bab1f29`](https://github.com/clerk/javascript/commit/bab1f2978d6fed5aab62721b85a7066cd771d5c9), [`f2d9e4b`](https://github.com/clerk/javascript/commit/f2d9e4b9eeac4cb9a2b1c9d4278ff11cf49555b1)]:
+ - @clerk/shared@4.25.0
+
## 2.4.11
### Patch Changes
diff --git a/packages/vue/package.json b/packages/vue/package.json
index 9384fdbeaa9..48c111113fe 100644
--- a/packages/vue/package.json
+++ b/packages/vue/package.json
@@ -1,6 +1,6 @@
{
"name": "@clerk/vue",
- "version": "2.4.11",
+ "version": "2.4.12",
"description": "Clerk SDK for Vue",
"keywords": [
"clerk",