chore(deps): bump better-auth from 1.3.30 to 1.4.17 in the better-auth group

[dependabot]

Bumps the better-auth group with 1 update: better-auth.

Updates better-auth from 1.3.30 to 1.4.17

Release notes

Sourced from better-auth's releases.

v1.4.17

   🚀 Features

• two-factor: Add twoFactorCookieMaxAge as a separate option  -  by @​Bekacru (c6e4f)

   🐞 Bug Fixes

• Set default ipv6 subnet to 64  -  by @​himself65 in better-auth/better-auth#7509 (6ef60)
• cookies: Fallback to isProduction when baseURL is not set  -  by @​bytaesu in better-auth/better-auth#7159 (f7cbb)
• db: Only exclude returned: false fields from output schemas  -  by @​Paola3stefania in better-auth/better-auth#7504 (86db4)
• stripe: Allow re-subscribing to the same plan when subscription has expired  -  by @​DIYgod, Claude Opus 4.5, Taesu and @​bytaesu in better-auth/better-auth#7459 (a1b09)
• two-factor: Improve OTP comparision during hashed and encrypted values  -  by @​Bekacru (22534)

    View changes on GitHub

v1.4.16

   🚀 Features

• admin: Make password field optional on create user  -  by @​Bekacru and @​cursoragent in better-auth/better-auth#7441 (01bd8)

   🐞 Bug Fixes

• oauth: Set account cookie on re-login when updateAccountOnSignIn is false  -  by @​bytaesu in better-auth/better-auth#7217 (56bc0)
• organization: Missing activeTeamId field when dynamic access control is enabled  -  by @​longnguyen2004, @​himself65, ping-maxwell and @​ping-maxwell in better-auth/better-auth#7385 (b7ff1)
• rate-limit: Support IPv6 address normalization and subnet  -  by @​himself65 in better-auth/better-auth#7470 (1ba5a)

    View changes on GitHub

v1.4.15

   🐞 Bug Fixes

• Update TanStack imports to use server subpath  -  by @​himself65 in better-auth/better-auth#7446 (a02b3)
• client: Deep merge plugin actions to preserve all methods  -  by @​gustavovalverde in better-auth/better-auth#7407 (1988c)

    View changes on GitHub

v1.4.14

   🚀 Features

• Add skipTrailingSlashes option to advanced config  -  by @​bytaesu in better-auth/better-auth#7404 (88e92)
• stripe: Add support for locale option to upgradeSubscription  -  by @​bytaesu in better-auth/better-auth#7421 (b636b)

   🐞 Bug Fixes

• TanStack Start cookie plugins for React and Solid.js  -  by @​himself65 and Copilot in better-auth/better-auth#7389 (be37c)
• Centralize schema parsing for API responses  -  by @​bytaesu in better-auth/better-auth#7414 (a9e44)
• Update Figma provider default scope and oauth endpoints  -  by @​bytaesu in better-auth/better-auth#7422 (12330)
• Allow empty name on email sign-up  -  by @​jslno in better-auth/better-auth#7409 (dfcbe)

    View changes on GitHub

... (truncated)

Commits

• bcbeeee chore: release v1.4.17
• 225348a fix(two-factor): improve OTP comparision during hashed and encrypted values
• c6e4f16 feat(two-factor): add twoFactorCookieMaxAge as a separate option
• 86db4f7 fix(db): only exclude returned: false fields from output schemas (#7504)
• f7cbbbd fix(cookies): fallback to isProduction when baseURL is not set (#7159)
• 6ef600d fix: set default ipv6 subnet to 64 (#7509)
• f444027 chore: bump zod (#7507)
• 4625dcf chore: release v1.4.16
• 1ba5a3f fix(rate-limit): support IPv6 address normalization and subnet (#7470)
• eb297c2 refactor: return linked account in findOAuthUser (#7331)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}