Sourced from @​auth0/auth0-react's releases.

v2.4.0

Added

• Bump @​auth0/auth0-spa-js from 2.2.0 to 2.3.0 #858 (dependabot[bot])

Fixed

• Enhance type safety in Auth0Provider and reducer by introducing generic user type #842 (gyaneshgouraw-okta)

v2.3.0

What's Changed

• Bump @​types/react from 18.2.42 to 18.2.43 by @​dependabot in auth0/auth0-react#695
• Align release process by supporting release-directory by @​frederikprijck in auth0/auth0-react#696
• Ensure tag-exists action works as intended by @​frederikprijck in auth0/auth0-react#698
• Use outputs for capturing release-notes by @​frederikprijck in auth0/auth0-react#699
• Bump github/codeql-action from 2 to 3 by @​dependabot in auth0/auth0-react#703
• Bump @​types/react from 18.2.43 to 18.2.45 by @​dependabot in auth0/auth0-react#702
• Bump browserstack-cypress-cli from 1.27.0 to 1.28.0 by @​dependabot in auth0/auth0-react#701
• Bump oidc-provider from 8.4.2 to 8.4.3 by @​dependabot in auth0/auth0-react#704
• Update automated release process to latest version by @​frederikprijck in auth0/auth0-react#705
• Bump eslint from 8.55.0 to 8.56.0 by @​dependabot in auth0/auth0-react#707
• Bump @​types/react-dom from 18.2.17 to 18.2.18 by @​dependabot in auth0/auth0-react#706
• Update auth0-context.tsx by @​frederikprijck in auth0/auth0-react#708
• Bump actions/cache from 3 to 4 by @​dependabot in auth0/auth0-react#721
• Fixed typo in Auth0Provider docs by @​waxmar in auth0/auth0-react#725
• Bump codecov/codecov-action from 3.1.4 to 3.1.5 by @​dependabot in auth0/auth0-react#726
• Bump typedoc from 0.25.4 to 0.25.7 by @​dependabot in auth0/auth0-react#713
• Bump browserstack-cypress-cli from 1.28.0 to 1.28.1 by @​dependabot in auth0/auth0-react#715
• Bump oidc-provider from 8.4.3 to 8.4.5 by @​dependabot in auth0/auth0-react#720
• Bump @​types/react from 18.2.45 to 18.2.64 by @​dependabot in auth0/auth0-react#747
• Bump @​types/jest from 29.5.11 to 29.5.12 by @​dependabot in auth0/auth0-react#750
• Workaround for failing "integration test (CRA)" by @​nandan-bhat in auth0/auth0-react#769
• Bump braces from 3.0.2 to 3.0.3 by @​dependabot in auth0/auth0-react#773
• Bump cypress from 13.6.1 to 13.12.0 by @​dependabot in auth0/auth0-react#770
• Bump ws from 7.5.9 to 7.5.10 by @​dependabot in auth0/auth0-react#768
• Bump ts-jest from 29.1.1 to 29.1.5 by @​dependabot in auth0/auth0-react#766
• Bump @​testing-library/react from 14.1.2 to 14.3.1 by @​dependabot in auth0/auth0-react#757
• Bump follow-redirects from 1.15.3 to 1.15.6 by @​dependabot in auth0/auth0-react#752
• Bump express from 4.18.2 to 4.19.2 in /examples/users-api by @​dependabot in auth0/auth0-react#754
• Bump jose from 4.11.0 to 4.15.5 in /examples/users-api by @​dependabot in auth0/auth0-react#749
• Bump next from 13.5.6 to 14.1.1 in /examples/nextjs-app by @​dependabot in auth0/auth0-react#761
• Bump pretty-quick from 3.1.3 to 3.3.1 by @​dependabot in auth0/auth0-react#736
• Update codeowner file with new GitHub team name by @​stevenwong-okta in auth0/auth0-react#790
• ci: changed pull_request_target to pull_request and removed the authorize step by @​desusai7 in auth0/auth0-react#796
• Add ReversingLabs Workflow (Don't Merge) by @​developerkunal in auth0/auth0-react#782
• Feature/react19 by @​tusharpandey13 in auth0/auth0-react#824
• Release v2.3.0 by @​tusharpandey13 in auth0/auth0-react#825
• fix npm release workflow by @​tusharpandey13 in auth0/auth0-react#826
• Revert "Release v2.3.0" by @​tusharpandey13 in auth0/auth0-react#827
• Release v2.3.0 by @​tusharpandey13 in auth0/auth0-react#828

... (truncated)

Sourced from @​auth0/auth0-react's changelog.

v2.4.0 (2025-07-22)

Full Changelog

Added

• Bump @​auth0/auth0-spa-js from 2.2.0 to 2.3.0 #858 (dependabot[bot])

Fixed

• Enhance type safety in Auth0Provider and reducer by introducing generic user type #842 (gyaneshgouraw-okta)

v2.3.0 (2025-01-21)

Full Changelog

Added

• Release v2.3.0 #825 (tusharpandey13)
• Feature/react19 #824 (tusharpandey13)
• Add ReversingLabs Workflow (Don't Merge) #782 (developerkunal)

Changed

• ci: changed pull_request_target to pull_request and removed the authorize step #796 (desusai7)
• Bump @​testing-library/react from 14.1.2 to 14.3.1 #757 (dependabot[bot])
• Bump ts-jest from 29.1.1 to 29.1.5 #766 (dependabot[bot])
• Bump cypress from 13.6.1 to 13.12.0 #770 (dependabot[bot])
• Bump @​types/jest from 29.5.11 to 29.5.12 #750 (dependabot[bot])
• Bump @​types/react from 18.2.45 to 18.2.64 #747 (dependabot[bot])
• Bump browserstack-cypress-cli from 1.28.0 to 1.28.1 #715 (dependabot[bot])

Fixed

• fix npm release workflow #826 (tusharpandey13)
• Update codeowner file with new GitHub team name #790 (stevenwong-okta)
• Workaround for failing "integration test (CRA)" #769 (nandan-bhat)

Removed

• Revert "Release v2.3.0" #827 (tusharpandey13)

Security

• Bump pretty-quick from 3.1.3 to 3.3.1 #736 (dependabot[bot])
• Bump next from 13.5.6 to 14.1.1 in /examples/nextjs-app #761 (dependabot[bot])
• Bump jose from 4.11.0 to 4.15.5 in /examples/users-api #749 (dependabot[bot])
• Bump express from 4.18.2 to 4.19.2 in /examples/users-api #754 (dependabot[bot])
• Bump follow-redirects from 1.15.3 to 1.15.6 #752 (dependabot[bot])
• Bump ws from 7.5.9 to 7.5.10 #768 (dependabot[bot])
• Bump braces from 3.0.2 to 3.0.3 #773 (dependabot[bot])
• Bump oidc-provider from 8.4.3 to 8.4.5 #720 (dependabot[bot])

• 64c0fb2 Release v2.4.0 (#865)
• 7e0583a Bump @​typescript-eslint/eslint-plugin from 8.36.0 to 8.37.0 (#862)
• 43825e3 Bump @​auth0/auth0-spa-js from 2.2.0 to 2.3.0 (#858)
• ff74518 feat: Upgrade core dependencies and regenerate documentation (#856)
• 4630a16 fix/cypress (#857)
• 9a10c78 Add Skip the Auth0 login page to FAQ (#815)
• 93aa7d6 Enhance type safety in Auth0Provider and reducer by introducing generic user ...
• 44477f8 refactor: streamline dependency installation by removing artifact restoration...
• 1644bb5 Release v2.3.0 (#828)
• 2a18f94 Release v2.3.0
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)