From 2fa81caec930bf31db7d6c6be90c7a6a7f3cb638 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 29 Oct 2025 11:19:38 +0000
Subject: [PATCH] chore(deps): bump next-auth from 4.22.1 to 4.24.12

Bumps [next-auth](https://github.com/nextauthjs/next-auth) from 4.22.1 to 4.24.12.
- [Release notes](https://github.com/nextauthjs/next-auth/releases)
- [Commits](https://github.com/nextauthjs/next-auth/compare/next-auth@4.22.1...next-auth@4.24.12)

---
updated-dependencies:
- dependency-name: next-auth
  dependency-version: 4.24.12
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 apps/api/v2/package.json            |  2 +-
 apps/web/package.json               |  2 +-
 packages/features/auth/package.json |  2 +-
 yarn.lock                           | 40 ++++++++++++++++++-----------
 4 files changed, 28 insertions(+), 18 deletions(-)

diff --git a/apps/api/v2/package.json b/apps/api/v2/package.json
index 33d311b9c2e334..e65252f0942a53 100644
--- a/apps/api/v2/package.json
+++ b/apps/api/v2/package.json
@@ -74,7 +74,7 @@
     "lodash": "^4.17.21",
     "luxon": "^3.4.4",
     "nest-winston": "^1.9.4",
-    "next-auth": "^4.22.1",
+    "next-auth": "^4.24.12",
     "passport": "^0.7.0",
     "passport-jwt": "^4.0.1",
     "qs-stringify": "^1.2.1",
diff --git a/apps/web/package.json b/apps/web/package.json
index 5ebf8198cd3d88..a70198de798a40 100644
--- a/apps/web/package.json
+++ b/apps/web/package.json
@@ -107,7 +107,7 @@
     "micro": "^10.0.1",
     "mime-types": "^2.1.35",
     "next": "^15.3.0",
-    "next-auth": "^4.22.1",
+    "next-auth": "^4.24.12",
     "next-axiom": "^0.17.0",
     "next-collect": "^0.2.1",
     "next-i18next": "^15.4.2",
diff --git a/packages/features/auth/package.json b/packages/features/auth/package.json
index a23542610983da..69a7fec8d0d261 100644
--- a/packages/features/auth/package.json
+++ b/packages/features/auth/package.json
@@ -17,7 +17,7 @@
     "handlebars": "^4.7.7",
     "jose": "^4.13.1",
     "lru-cache": "^9.0.3",
-    "next-auth": "^4.22.1",
+    "next-auth": "^4.24.12",
     "nodemailer": "^6.7.8",
     "otplib": "^12.0.1"
   }
diff --git a/yarn.lock b/yarn.lock
index d1d66f4ee00692..9054a7352ab2f1 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2548,7 +2548,7 @@ __metadata:
     lodash: ^4.17.21
     luxon: ^3.4.4
     nest-winston: ^1.9.4
-    next-auth: ^4.22.1
+    next-auth: ^4.24.12
     node-mocks-http: ^1.16.2
     passport: ^0.7.0
     passport-jwt: ^4.0.1
@@ -3140,7 +3140,7 @@ __metadata:
     handlebars: ^4.7.7
     jose: ^4.13.1
     lru-cache: ^9.0.3
-    next-auth: ^4.22.1
+    next-auth: ^4.24.12
     nodemailer: ^6.7.8
     otplib: ^12.0.1
   languageName: unknown
@@ -4113,7 +4113,7 @@ __metadata:
     module-alias: ^2.2.2
     msw: ^0.42.3
     next: ^15.3.0
-    next-auth: ^4.22.1
+    next-auth: ^4.24.12
     next-axiom: ^0.17.0
     next-collect: ^0.2.1
     next-i18next: ^15.4.2
@@ -23025,7 +23025,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"cookie@npm:^0.7.2":
+"cookie@npm:^0.7.0, cookie@npm:^0.7.2":
   version: 0.7.2
   resolution: "cookie@npm:0.7.2"
   checksum: 9bf8555e33530affd571ea37b615ccad9b9a34febbf2c950c86787088eb00a8973690833b0f8ebd6b69b753c62669ea60cec89178c1fb007bf0749abed74f93e
@@ -31915,13 +31915,20 @@ __metadata:
   languageName: node
   linkType: hard
 
-"jose@npm:^4.11.4, jose@npm:^4.13.1":
+"jose@npm:^4.13.1":
   version: 4.13.1
   resolution: "jose@npm:4.13.1"
   checksum: 89be959573beee69bd443493887d78799fd42340b45afa2c6681beda30314bcdfa5575f6977203c199e4c3e0ec2fc18d3c94745e7f0d59db51dedfae0efee63d
   languageName: node
   linkType: hard
 
+"jose@npm:^4.15.5":
+  version: 4.15.9
+  resolution: "jose@npm:4.15.9"
+  checksum: 41abe1c99baa3cf8a78ebbf93da8f8e50e417b7a26754c4afa21865d87527b8ac2baf66de2c5f6accc3f7d7158658dae7364043677236ea1d07895b040097f15
+  languageName: node
+  linkType: hard
+
 "jose@npm:^5.0.0":
   version: 5.10.0
   resolution: "jose@npm:5.10.0"
@@ -35417,28 +35424,31 @@ __metadata:
   languageName: node
   linkType: hard
 
-"next-auth@npm:^4.22.1":
-  version: 4.22.1
-  resolution: "next-auth@npm:4.22.1"
+"next-auth@npm:^4.24.12":
+  version: 4.24.12
+  resolution: "next-auth@npm:4.24.12"
   dependencies:
     "@babel/runtime": ^7.20.13
     "@panva/hkdf": ^1.0.2
-    cookie: ^0.5.0
-    jose: ^4.11.4
+    cookie: ^0.7.0
+    jose: ^4.15.5
     oauth: ^0.9.15
     openid-client: ^5.4.0
     preact: ^10.6.3
     preact-render-to-string: ^5.1.19
     uuid: ^8.3.2
   peerDependencies:
-    next: ^12.2.5 || ^13
-    nodemailer: ^6.6.5
-    react: ^17.0.2 || ^18
-    react-dom: ^17.0.2 || ^18
+    "@auth/core": 0.34.2
+    next: ^12.2.5 || ^13 || ^14 || ^15 || ^16
+    nodemailer: ^7.0.7
+    react: ^17.0.2 || ^18 || ^19
+    react-dom: ^17.0.2 || ^18 || ^19
   peerDependenciesMeta:
+    "@auth/core":
+      optional: true
     nodemailer:
       optional: true
-  checksum: 42bae16b62bac4b3d215d991c7c964dfc071a84df32900a28d4cbc20d4b6a65689b3ba9f10633780a22ff0cbc420248d012614a5b0d82918f9bbb56f7f92f7c5
+  checksum: 50e8ddef4ee7ab2fdd071ac9ab4260f5a3ee83b8c63e402edca201d51c8dc118bd3ffe6c5c2f6a013867cd99c901eb4002a15bfbfa634c21db29de62f6af3a77
   languageName: node
   linkType: hard