fix(deps): update dependency @clerk/nextjs to v7 #266

Open
renovate[bot] wants to merge 1 commit into main from renovate/clerk-nextjs-7.x

@renovate renovate Bot commented Mar 4, 2026

This PR contains the following updates:

Package                  Change
@clerk/nextjs (source)   6.39.3 → 7.5.1

Release Notes

clerk/javascript (@clerk/nextjs)

v7.5.1

Patch Changes

v7.5.0

Minor Changes
  • Remove the <ConfigureSSO /> component from the public API in favor of usage within OrganizationProfile (#​8779) by @​LauraBeatris

    Removing these exports has no breaking changes impact on production applications, as <ConfigureSSO /> was never released as a GA component.

Patch Changes

v7.4.3

Patch Changes

v7.4.2

Patch Changes

v7.4.1

Patch Changes

v7.4.0

Minor Changes

Patch Changes

v7.3.7

Patch Changes

v7.3.6

Patch Changes

v7.3.5

Patch Changes

v7.3.4

Patch Changes

v7.3.3

Patch Changes

v7.3.2

Patch Changes

v7.3.1

Patch Changes

v7.3.0

Minor Changes
  • Expose OAuthConsent as a public component export across React-based SDKs. (#​8381) by @​wobsoriano

    Example:

    import { OAuthConsent } from '@clerk/react';

    export default function Page() {
      return <OAuthConsent />;
    }

Patch Changes

v7.2.9

Patch Changes

v7.2.8

Patch Changes
  • Use a constant-time comparison when validating the integrity signature on the middleware-to-origin auth header handoff (assertTokenSignature). The previous !== compare was timing-variable; the new helper is synchronous and runtime-agnostic so it works in both Node and Edge Runtime. (#​8411) by @​jacekradko

  • Auto-proxy FAPI requests for .vercel.app subdomains. When deployed to a .vercel.app domain without explicit proxy or domain configuration, the SDK automatically routes Frontend API requests through /__clerk on the app's own origin. This enables Clerk production mode on Vercel deployments without manual proxy setup. (#​8035) by @​brkalow

  • Updated dependencies [9b57986, a9f9b29, e0a63f9]:

v7.2.7

Patch Changes

v7.2.6

Patch Changes

v7.2.5

Patch Changes
  • Refactor clerkMiddleware internals to factor the post-authentication pipeline (handler invocation, CSP, redirects, response decoration) into a private runHandlerWithRequestState helper. Pure refactor — no behavioral change. (#​8368) by @​jacekradko

  • Updated dependencies [93855c2]:

v7.2.4

Patch Changes
  • Add helpful TypeScript error for incorrect auth import path (#​8358) by @​jacekradko

  • Fix an authorization bypass in has(), auth.protect(), and related predicates when a single call combined conditions from more than one dimension (for example, { permission, reverification } or { feature, permission }). A dimension that should have denied the request was treated as indeterminate and ignored by the combining logic, allowing other passing dimensions to carry the result and authorize the call when it should have failed closed. (#​8372) by @​nikosdouvlis

    Behavior is now:

    • When a requested dimension cannot be satisfied because the underlying session data is missing, malformed, or invalid, the call denies. Previously these cases were treated as indeterminate and ignored, which could let another passing dimension carry the call.
    • Fixed a minor bug where session.checkAuthorization() was building authorization options from the membership row id instead of the organization id.

    Single-condition role, permission, feature, and plan checks (has({ permission }), etc.) are unchanged. Single-condition reverification checks are unchanged on well-formed session data; calls with a missing or malformed factorVerificationAge payload now deny where they previously returned indeterminate. Callback-form auth.protect(has => ...) is unaffected unless the callback itself invokes the affected shapes.

    Separately, auth.protect() in @clerk/nextjs previously discarded authorization params (role, permission, feature, plan, reverification) whenever the same argument object also contained unauthenticatedUrl, unauthorizedUrl, or token. TypeScript's excess-property check caught this for inline object literals but did not apply once the argument was assigned to a variable, spread, or used from JavaScript. Mixed-shape calls like auth.protect({ role: 'org:admin', unauthorizedUrl: '/denied' }) or auth.protect({ permission: 'org:X', token: 'session_token' }) now correctly enforce the authorization check instead of silently letting every authenticated caller through.

  • Updated dependencies [d52b311, abaa339]:

v7.2.3

Patch Changes

v7.2.2

Patch Changes

v7.2.1

Patch Changes

v7.2.0

Minor Changes
  • Introduce internal <OAuthConsent /> component for rendering a zero-config OAuth consent screen on an OAuth authorize redirect page. (#​8289) by @​wobsoriano

    Usage example:

    import { OAuthConsent } from '@clerk/nextjs';

    export default function OAuthConsentPage() {
      return <OAuthConsent />;
    }

Patch Changes

v7.1.0

Minor Changes
  • Introduce internal useOAuthConsent() hook for fetching OAuth consent screen metadata for the signed-in user. (#​8286) by @​jfoshee
Patch Changes

v7.0.12

Patch Changes
  • Re-exports useAPIKeys() hook. (#​8269) by @​wobsoriano

    Usage example:

    'use client';
    
    import { useAPIKeys } from '@clerk/nextjs';
    
    export default function CustomAPIKeys() {
      const { data, isLoading, page, pageCount, fetchNext, fetchPrevious } = useAPIKeys({
        pageSize: 10,
        initialPage: 1,
      });
    
      if (isLoading) return <div>Loading...</div>;
    
      return (
        <ul>
          {data?.map(key => (
            <li key={key.id}>{key.name}</li>
          ))}
        </ul>
      );
    }
  • Updated dependencies [fdac10e, 4e3cb0a, aa32bbc]:

v7.0.11

Patch Changes

v7.0.8

Patch Changes

v7.0.7

Patch Changes

v7.0.6

Patch Changes

v7.0.5

Patch Changes

v7.0.4

Patch Changes

v7.0.2

Patch Changes

v7.0.1

Patch Changes

v7.0.0

Major Changes
  • Align experimental/unstable prefixes to use consistent naming: (#​7361) by @​brkalow

    • Renamed all __unstable_* methods to __internal_* (for internal APIs)
    • Renamed all experimental__* and experimental_* methods to __experimental_* (for beta features)
    • Removed deprecated billing-related props (__unstable_manageBillingUrl, __unstable_manageBillingLabel, __unstable_manageBillingMembersLimit) and experimental__forceOauthFirst
  • Renamed __unstable_invokeMiddlewareOnAuthStateChange to __internal_invokeMiddlewareOnAuthStateChange. (#​7925) by @​jacekradko

  • useAuth().getToken is no longer undefined during server-side rendering; it is a function and calling it will throw. (#7730) by @Ephem

    • If you are only using getToken in useEffect, event handlers or with non-suspenseful data fetching libraries, no change is necessary as these only trigger on the client.
    • If you are using suspenseful data fetching libraries that do trigger during SSR, you likely have strategies in place to avoid calling getToken already, since this has never been possible.
    • If you are using getToken === undefined checks to avoid calling it, know that it will now throw instead and you should catch and handle the error.
    async function doThingWithToken(getToken: GetToken) {
      try {
        const token = await getToken();
    
        // Use token
      } catch (error) {
        if (isClerkRuntimeError(error) && error.code === 'clerk_runtime_not_browser') {
          // Handle error
        }
      }
    }

    To access auth data server-side, see the Auth object reference doc.

  • Refactor React SDK hooks to subscribe to auth state via useSyncExternalStore. This is a mostly internal refactor to unlock future improvements, but includes a few breaking changes and fixes. (#​7411) by @​Ephem

    Breaking changes:

    • Removes ability to pass in initialAuthState to useAuth
      • This was added for internal use and is no longer needed
      • Instead pass in initialState to the <ClerkProvider>, or dynamic if using the Next package
      • See your specific SDK documentation for more information on Server Rendering

    Fixes:

    • A bug where useAuth would sometimes briefly return the initialState rather than undefined
      • This could in certain situations incorrectly lead to a brief user: null on the first page after signing in, indicating a signed out state
    • Hydration mismatches in certain rare scenarios where subtrees would suspend and hydrate only after clerk-js had loaded fully
  • Updating minimum version of Node to v20.9.0 (#​6936) by @​jacekradko

  • Throw an error when an encryption key is missing when passing a secret key at runtime to clerkMiddleware(). To migrate, ensure your application specifies a CLERK_ENCRYPTION_KEY environment variable when passing secretKey as a runtime option. (#7360) by @brkalow

  • Return 401 instead of 404 for unauthenticated server action requests in auth.protect() (#​7820) by @​jacekradko

  • Remove clerkJSUrl, clerkJSVersion, clerkUIUrl, and clerkUIVersion props from all SDKs. To pin a specific version of @clerk/clerk-js, import the Clerk constructor from @clerk/clerk-js and pass it to ClerkProvider via the Clerk prop. To pin a specific version of @clerk/ui, import ui from @clerk/ui and pass it via the ui prop. This bundles the modules directly with your application instead of loading them from the CDN. (#​7879) by @​jacekradko

  • Remove all previously deprecated UI props across the Next.js, React and clerk-js SDKs. The legacy afterSign(In|Up)Url/redirectUrl props, UserButton sign-out overrides, organization hideSlug flags, OrganizationSwitcher's afterSwitchOrganizationUrl, Client.activeSessions, setActive({ beforeEmit }), and the ClerkMiddlewareAuthObject type alias are no longer exported. Components now rely solely on the new redirect options and server-side configuration. (#​7243) by @​jacekradko

  • Introduce <Show when={...}> as the cross-framework authorization control component and remove <Protect>, <SignedIn>, and <SignedOut> in favor of <Show>. (#​7373) by @​jacekradko

  • getToken() now throws ClerkOfflineError instead of returning null when the client is offline. (#​7598) by @​bratsos

    This makes it explicit that a token fetch failure was due to network conditions, not authentication state. Previously, returning null could be misinterpreted as "user is signed out," potentially causing the cached token to be cleared.

    To handle this change, catch ClerkOfflineError from getToken() calls:

    import { ClerkOfflineError } from '@clerk/react/errors';
    
    try {
      const token = await session.getToken();
    } catch (error) {
      if (ClerkOfflineError.is(error)) {
        // Handle offline scenario - show offline UI, retry later, etc.
      }
      throw error;
    }
  • Drop support for next@13 and next@14 since they have reached EOL. Now >= next@15.2.3 is required. (#​7197) by @​panteliselef

Minor Changes
  • Add unsafe_disableDevelopmentModeConsoleWarning option to disable the development mode warning that's emitted to the console when Clerk is first loaded. (#​7505) by @​dstaley

  • Add Frontend API proxy support via frontendApiProxy option in clerkMiddleware (#​7602) by @​brkalow

  • Introducing setup_mfa session task (#​7626) by @​octoper

  • Remove clerkJSVariant option and headless bundle. Use prefetchUI={false} instead. (#​7629) by @​jacekradko

  • Add ui prop to ClerkProvider for passing @clerk/ui (#​7664) by @​jacekradko

  • Add standalone getToken() function for retrieving session tokens outside of framework component trees. (#​7325) by @​bratsos

    This function is safe to call from anywhere in the browser, such as API interceptors, data fetching layers (e.g., React Query, SWR), or vanilla JavaScript code. It automatically waits for Clerk to initialize before returning the token.

    import axios from 'axios';
    import { getToken } from '@clerk/nextjs'; // or any framework package

    // Example: Axios interceptor
    axios.interceptors.request.use(async (config) => {
      const token = await getToken();
      if (token) {
        config.headers.Authorization = `Bearer ${token}`;
      }
      return config;
    });

  • Export useOrganizationCreationDefaults hook to fetch suggested organization name and logo from default naming rules (#​7694) by @​LauraBeatris

  • Add /types subpath export to re-export types from @clerk/shared/types along with SDK-specific types. This allows importing Clerk types directly from the SDK package (e.g., import type { UserResource } from '@clerk/react/types') without needing to install @clerk/types as a separate dependency. (#7644) by @nikosdouvlis

  • Add HandleSSOCallback component which handles the SSO callback during custom flows, including support for sign-in-or-up. (#​7678) by @​dstaley

  • Introduce <UNSAFE_PortalProvider> component which allows you to specify a custom container for Clerk floating UI elements (popovers, modals, tooltips, etc.) that use portals. Only Clerk components within the provider will be affected; components outside the provider will continue to use the default document.body for portals. (#7310) by @alexcarpenter

    This is particularly useful when using Clerk components inside external UI libraries like Radix Dialog or React Aria Components, where portaled elements need to render within the dialog's container to remain interactable.

    'use client';
    
    import { useRef } from 'react';
    import * as Dialog from '@radix-ui/react-dialog';
    import { UNSAFE_PortalProvider, UserButton } from '@clerk/nextjs';
    
    export function UserDialog() {
      const containerRef = useRef<HTMLDivElement>(null);
    
      return (
        <Dialog.Root>
          <Dialog.Trigger>Open Dialog</Dialog.Trigger>
          <Dialog.Portal>
            <Dialog.Overlay />
            <Dialog.Content ref={containerRef}>
              <UNSAFE_PortalProvider getContainer={() => containerRef.current}>
                <UserButton />
              </UNSAFE_PortalProvider>
            </Dialog.Content>
          </Dialog.Portal>
        </Dialog.Root>
      );
    }
Patch Changes
  • Fix an App Router navigation edge case where duplicate in-flight redirects to the same destination could leave Clerk's awaitable navigation pending indefinitely. (#​7865) by @​bratsos

  • Rename dev browser APIs to remove JWT terminology. The dev browser identifier is now a generic ID, so internal naming has been updated to reflect this. No runtime behavior changes. (#​7930) by @​brkalow

  • Wire clerkUIVersion option through all framework packages (#​7740) by @​nikosdouvlis

  • Fixed an issue where the CSP nonce generated by clerkMiddleware({ contentSecurityPolicy: { strict: true } }) was not forwarded as a request header. Server components can now access the nonce via headers(), allowing ClerkProvider and Next.js to apply it to <script> tags. (#​7828) by @​jacekradko

  • Fix Turbopack compatibility for ui prop by adding turbopackIgnore magic comment alongside webpackIgnore on the dynamic @clerk/ui/entry import. This prevents both bundlers from statically resolving the optional dependency at build time. (#​7805) by @​jacekradko

  • Fix @clerk/ui/entry bare specifier failing in browser when using ui prop with RSC (#​7809) by @​jacekradko

  • Add exports for useWaitlist hook. (#​7609) by @​alexcarpenter

  • Updating peerDependency for CVE-2025-55182 (#​7423) by @​dominic-clerk

  • Fix race condition that could cause __clerkSharedModules is not defined error when using the shared React UI variant. (#​7685) by @​bratsos

  • Add support for Next.js 16 cache components by improving error detection and providing helpful error messages when auth() or currentUser() are called inside a "use cache" function. (#​7595) by @​jacekradko

  • Add image CDNs to the connect-src Content Security Policy directive (#​7610) by @​LauraBeatris

  • fix: Update getAuthData to use isMachineToken (#​7755) by @​jeremy-clerk

  • Add satelliteAutoSync option to optimize satellite app handshake behavior (#​7597) by @​nikosdouvlis

    Satellite apps currently trigger a handshake redirect on every first page load, even when no cookies exist. This creates unnecessary redirects to the primary domain for apps where most users aren't authenticated.

    New option: satelliteAutoSync (default: false)

    • When false (default): Skip automatic handshake if no session cookies exist, only trigger after explicit sign-in action
    • When true: Satellite apps automatically trigger handshake on first load (previous behavior)

    New query parameter: __clerk_sync

    • __clerk_sync=1 (NeedsSync): Triggers handshake after returning from primary sign-in
    • __clerk_sync=2 (Completed): Prevents re-sync loop after handshake completes

    Backwards compatible: Still reads legacy __clerk_synced=true parameter.

    SSR redirect fix: Server-side redirects (e.g., redirectToSignIn() from middleware) now correctly add __clerk_sync=1 to the return URL for satellite apps. This ensures the handshake is triggered when the user returns from sign-in on the primary domain.

    CSR redirect fix: Client-side redirects now add __clerk_sync=1 to all redirect URL variants (forceRedirectUrl, fallbackRedirectUrl) for satellite apps, not just the default redirectUrl.

v6.39.5

Patch Changes

v6.39.4

Patch Changes

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.
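
The v7.2.4 note quoted above describes a multi-dimension check where an indeterminate dimension was ignored instead of denying. The following is an added example, not Clerk's code: a constructed model with hypothetical function names, sample sessions and a simplified first-factor-only reading of factorVerificationAge, showing the flawed combiner beside a fail-closed one.

```javascript
// Added illustration: constructed model, not Clerk's internals.
// Each evaluator returns true (satisfied), false (not satisfied) or
// null (indeterminate: the session data needed to decide is missing or malformed).
function checkPermission(session, permission) {
  if (!Array.isArray(session.permissions)) return null;
  return session.permissions.includes(permission);
}

// Assumption: only the first-factor age (minutes, -1 = never verified) is checked.
function checkReverification(session, maxAgeMinutes) {
  const fva = session.factorVerificationAge;
  const wellFormed =
    Array.isArray(fva) && fva.length === 2 &&
    fva.every((n) => Number.isInteger(n) && n >= -1);
  if (!wellFormed) return null;
  return fva[0] !== -1 && fva[0] <= maxAgeMinutes;
}

// Evaluate only the dimensions the caller asked for.
function evaluate(session, params) {
  const results = [];
  if ('permission' in params) {
    results.push(checkPermission(session, params.permission));
  }
  if ('reverification' in params) {
    results.push(checkReverification(session, params.reverification.maxAgeMinutes));
  }
  return results;
}

// Flawed combiner: indeterminate results are dropped, so a passing
// dimension can carry a call whose other dimension could not be evaluated.
function hasIgnoringIndeterminate(session, params) {
  const decided = evaluate(session, params).filter((r) => r !== null);
  return decided.length > 0 && decided.every((r) => r === true);
}

// Fail-closed combiner: every requested dimension must be positively satisfied.
function hasFailClosed(session, params) {
  const results = evaluate(session, params);
  return results.length > 0 && results.every((r) => r === true);
}

// Constructed sample sessions and a constructed two-dimension request.
const SESSIONS = {
  fresh: { permissions: ['org:billing:manage'], factorVerificationAge: [3, -1] },
  stale: { permissions: ['org:billing:manage'], factorVerificationAge: [45, -1] },
  malformed: { permissions: ['org:billing:manage'], factorVerificationAge: 'unknown' },
};
const SENSITIVE = { permission: 'org:billing:manage', reverification: { maxAgeMinutes: 10 } };

// Run both combiners over every sample session.
function compareCombiners() {
  return Object.fromEntries(
    Object.entries(SESSIONS).map(([name, session]) => [
      name,
      {
        flawed: hasIgnoringIndeterminate(session, SENSITIVE),
        failClosed: hasFailClosed(session, SENSITIVE),
      },
    ]),
  );
}
```

Only the malformed session separates the two combiners, which is why a regression test for this class of bug needs a case with broken session data rather than only allow and deny cases.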
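
The v7.2.8 note quoted above replaces a !== signature compare with a synchronous, runtime-agnostic constant-time comparison. As an added example (not Clerk's assertTokenSignature helper; the function names and the sample signature are constructed), this counts the bytes each strategy examines so the data-dependent work of an early-exit compare is visible without measuring time.

```javascript
// Added illustration: hypothetical helpers, no Node-only crypto APIs, so the
// same code runs in Node and in edge-style runtimes that provide TextEncoder.
const encoder = new TextEncoder();

// Early-exit comparison, instrumented: the number of bytes examined depends
// on how long the matching prefix is, which is what a timing side channel observes.
function earlyExitCompare(expected, presented) {
  const a = encoder.encode(expected);
  const b = encoder.encode(presented);
  let examined = 0;
  if (a.length !== b.length) return { equal: false, examined };
  for (let i = 0; i < a.length; i++) {
    examined++;
    if (a[i] !== b[i]) return { equal: false, examined };
  }
  return { equal: true, examined };
}

// Constant-time style comparison: always walks the longer input and folds all
// differences (including the length difference) into one accumulator.
// Note: JavaScript engines give no hard timing guarantee; this removes the
// content-dependent early exit, which is the leak the release note addresses.
function constantTimeCompare(expected, presented) {
  const a = encoder.encode(expected);
  const b = encoder.encode(presented);
  const n = Math.max(a.length, b.length);
  let diff = a.length ^ b.length;
  let examined = 0;
  for (let i = 0; i < n; i++) {
    examined++;
    diff |= (i < a.length ? a[i] : 0) ^ (i < b.length ? b[i] : 0);
  }
  return { equal: diff === 0, examined };
}

// Constructed sample values (not real signatures).
const EXPECTED = '3f9a1c77e2b04d58';
const WRONG_FIRST_BYTE = 'Xf9a1c77e2b04d58';
const WRONG_LAST_BYTE = '3f9a1c77e2b04d5X';

// Bytes examined by each strategy for a mismatch at the start and at the end.
function workProfile() {
  return {
    earlyFirst: earlyExitCompare(EXPECTED, WRONG_FIRST_BYTE).examined,
    earlyLast: earlyExitCompare(EXPECTED, WRONG_LAST_BYTE).examined,
    constantFirst: constantTimeCompare(EXPECTED, WRONG_FIRST_BYTE).examined,
    constantLast: constantTimeCompare(EXPECTED, WRONG_LAST_BYTE).examined,
  };
}
```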

@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch 5 times, most recently from 1d7368b to 80c3339 Compare March 11, 2026 02:45
@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch 4 times, most recently from a3ce101 to 3b949ec Compare March 20, 2026 17:49
@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch 3 times, most recently from 402c781 to 7284400 Compare April 7, 2026 04:25
@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch 3 times, most recently from f7623f6 to 9d5df31 Compare April 15, 2026 00:55
@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch from 9d5df31 to f69f6d2 Compare April 16, 2026 09:05
@renovate renovate Bot changed the title fix(deps): update dependency @clerk/nextjs to v7 fix(deps): update dependency @clerk/nextjs to v7 - autoclosed Apr 16, 2026
@renovate renovate Bot closed this Apr 16, 2026
@renovate renovate Bot deleted the renovate/clerk-nextjs-7.x branch April 16, 2026 23:16
@renovate renovate Bot changed the title fix(deps): update dependency @clerk/nextjs to v7 - autoclosed fix(deps): update dependency @clerk/nextjs to v7 Apr 18, 2026
@renovate renovate Bot reopened this Apr 18, 2026
@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch 6 times, most recently from 34d6939 to e0beb70 Compare April 25, 2026 04:44
@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch from e0beb70 to c124414 Compare April 29, 2026 19:43
@renovate renovate Bot changed the title fix(deps): update dependency @clerk/nextjs to v7 fix(deps): update dependency @clerk/nextjs to v7 - autoclosed Apr 30, 2026
@renovate renovate Bot closed this Apr 30, 2026
@renovate renovate Bot changed the title fix(deps): update dependency @clerk/nextjs to v7 - autoclosed fix(deps): update dependency @clerk/nextjs to v7 May 1, 2026
@renovate renovate Bot reopened this May 1, 2026
@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch 4 times, most recently from cbc12bb to 34a054a Compare May 7, 2026 05:17
@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch 3 times, most recently from 9a96f79 to a026cda Compare May 14, 2026 17:59
@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch 4 times, most recently from d3fabfd to cd575a5 Compare May 22, 2026 23:07
@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch 2 times, most recently from 03fd3c9 to 8b5596b Compare June 3, 2026 18:40
@renovate renovate Bot force-pushed the renovate/clerk-nextjs-7.x branch from 8b5596b to 3dd5720 Compare June 10, 2026 20:03