fix(cli): refresh scaffold dependency versions

[AmanVarshney01]

Summary

• update Uniwind native template dependency pins to the latest supported versions
• bump shared Better Auth, tRPC, Polar, and Convex-related dependency defaults in the template generator
• keep Convex Better Auth on the Convex-docs-supported 1.5.3 override for Convex scaffolds
• refresh checked-in Convex workspace packages and lockfile to match the latest npm versions

Verification

• bun run build:cli
• cd apps/cli && bun test test/auth.test.ts

Summary by CodeRabbit

• New Features

  • Added Better-Auth templates: sign-in, sign-up, user menu, auth client, and an auth-aware dashboard for React Router apps.
  • App shell now supports Better-Auth provider wiring for Convex-backed React Router projects.

• Chores

  • Bumped several dependency versions across CLI, web, backend, and templates (auth, Convex, TRPC, styling).

• Tests

  • Added CLI tests validating Better-Auth scaffolding and incompatibility checks for unsupported frontends.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
create-better-t-stack-web	Ready	Preview, Comment	Mar 19, 2026 11:06pm

[coderabbitai]

Walkthrough

Adds Better‑Auth Convex templates and auth client wiring, expands CLI config validation and Convex+Better‑Auth frontend compatibility rules, and bumps multiple dependency versions across apps, backend, and template generator files; increases generated template count and adds new React Router auth components/routes.

Changes

Cohort / File(s)	Summary
App & Backend package.json files apps/cli/package.json, apps/web/package.json, packages/backend/package.json	Bumped dependency versions: @trpc/server to ^11.13.4, convex to ^1.33.1, and convex-helpers to ^0.1.114 (and related minor bumps in apps/web).
CLI validation & compatibility apps/cli/src/index.ts, apps/cli/src/utils/compatibility-rules.ts, apps/cli/src/utils/config-validation.ts, apps/cli/test/auth.test.ts	Added CLI config compatibility validation call in createVirtual; introduced CONVEX_BETTER_AUTH_INCOMPATIBLE_FRONTENDS and updated Convex+Better‑Auth frontend compatibility checks and validation messages; added tests verifying React Router wiring and incompatibility errors for nuxt, svelte, solid, astro.
Template generator dependency maps & processors packages/template-generator/src/processors/auth-deps.ts, packages/template-generator/src/utils/add-deps.ts	Introduced/used a CONVEX_BETTER_AUTH_VERSION constant; updated dependencyVersionMap pins (e.g., better-auth/@better-auth/expo → 1.5.5, @trpc/* → ^11.13.4, convex → ^1.33.1, @convex-dev/better-auth → ^0.11.2, @polar-sh/better-auth → ^1.8.3).
Generated templates and auth UI packages/template-generator/src/templates.generated.ts, packages/template-generator/templates/auth/better-auth/convex/web/react/react-router/..., packages/template-generator/templates/frontend/react/react-router/src/root.tsx.hbs, packages/template-generator/templates/frontend/native/uniwind/package.json.hbs	Added Better‑Auth React Router templates: SignInForm, SignUpForm, UserMenu, lib/auth-client, and routes/dashboard; updated root app branching to use ConvexBetterAuthProvider and export default function App() for better-auth; bumped tailwindcss and uniwind template versions and incremented TEMPLATE_COUNT.

Possibly related PRs

• fix(cli): bump standard better-auth templates to 1.5.2 #928 — updates dependencyVersionMap entries for better‑auth in the same utility (packages/template-generator/src/utils/add-deps.ts).
• fix(cli): improve nuxt templates and upgrade to ai sdk v6 #775 — modifies CLI compatibility/validation logic (related changes in apps/cli/src/utils/compatibility-rules.ts and validation flow).
• fix(cli): update convex + better auth templates #730 — overlaps on Convex + Better‑Auth scaffolding and template wiring (templates, auth client, and dependency pins).

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 16.67% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically summarizes the main change: refreshing/updating scaffold dependency versions across the codebase, which is the primary objective of this PR.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (5)

packages/template-generator/templates/auth/better-auth/convex/web/react/react-router/src/components/user-menu.tsx.hbs (1)

34-41: Consider navigating to / or a dedicated login route after sign-out.

Navigating to /dashboard after sign-out works because the dashboard shows auth forms when unauthenticated, but this is unconventional UX. Users typically expect to land on a landing page or dedicated login page after signing out.

💡 Suggested navigation change

             authClient.signOut({
               fetchOptions: {
                 onSuccess: () => {
-                  navigate("/dashboard");
+                  navigate("/");
                 },
               },
             });

packages/template-generator/templates/auth/better-auth/convex/web/react/react-router/src/routes/dashboard.tsx.hbs (1)

13-16: Query runs for unauthenticated users.

useQuery(api.privateData.get) executes regardless of auth state. While the backend safely returns "Not authenticated", this results in unnecessary network requests for unauthenticated users.

Consider moving the query inside the Authenticated block or using a conditional query pattern if Convex supports it.

packages/template-generator/templates/auth/better-auth/convex/web/react/react-router/src/components/sign-in-form.tsx.hbs (1)

72-76: Using error?.message as React key may cause collisions.

If multiple validation errors have identical messages, React will warn about duplicate keys. Consider using the array index or a unique identifier.

💡 Use index as key

-               {field.state.meta.errors.map((error) => (
-                 <p key={error?.message} className="text-red-500">
+               {field.state.meta.errors.map((error, index) => (
+                 <p key={index} className="text-red-500">
                    {error?.message}
                  </p>
                ))}

This same pattern appears at lines 95-99 for the password field.

packages/template-generator/templates/auth/better-auth/convex/web/react/react-router/src/components/sign-up-form.tsx.hbs (1)

74-78: Use stable keys for error messages.

Using error?.message as a React key can cause duplicate key warnings if multiple errors share the same message or if message is undefined. Consider using the index or a combination of field name and index.

♻️ Proposed fix

-               {field.state.meta.errors.map((error) => (
-                 <p key={error?.message} className="text-red-500">
+               {field.state.meta.errors.map((error, index) => (
+                 <p key={`name-error-${index}`} className="text-red-500">
                    {error?.message}
                  </p>
                ))}

Apply similar changes to the email field (lines 97-101) and password field (lines 120-124).

packages/template-generator/templates/frontend/react/react-router/src/root.tsx.hbs (1)

105-105: Consider moving ConvexReactClient instantiation outside the component.

The ConvexReactClient is created inside the App component body, which means a new instance is created on every render. While this is a pre-existing pattern in the template (not introduced by this PR), moving it outside the component would be more efficient.

♻️ Suggested improvement (outside PR scope)

+const convex = new ConvexReactClient(env.VITE_CONVEX_URL);
+
 {{`#if` (eq auth "clerk")}}
 export default function App({ loaderData }: Route.ComponentProps) {
 {{else if (eq auth "better-auth")}}
 export default function App() {
 {{else}}
 export default function App() {
 {{/if}}
-  const convex = new ConvexReactClient(env.VITE_CONVEX_URL);

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f8219790-cb3a-4cee-8055-8b96c6a76bb9

📥 Commits

Reviewing files that changed from the base of the PR and between 06ef3da and 48c8af1.

📒 Files selected for processing (11)

• apps/cli/src/index.ts
• apps/cli/src/utils/compatibility-rules.ts
• apps/cli/src/utils/config-validation.ts
• apps/cli/test/auth.test.ts
• packages/template-generator/src/templates.generated.ts
• packages/template-generator/templates/auth/better-auth/convex/web/react/react-router/src/components/sign-in-form.tsx.hbs
• packages/template-generator/templates/auth/better-auth/convex/web/react/react-router/src/components/sign-up-form.tsx.hbs
• packages/template-generator/templates/auth/better-auth/convex/web/react/react-router/src/components/user-menu.tsx.hbs
• packages/template-generator/templates/auth/better-auth/convex/web/react/react-router/src/lib/auth-client.ts.hbs
• packages/template-generator/templates/auth/better-auth/convex/web/react/react-router/src/routes/dashboard.tsx.hbs
• packages/template-generator/templates/frontend/react/react-router/src/root.tsx.hbs

🚧 Files skipped from review as they are similar to previous changes (1)

• packages/template-generator/src/templates.generated.ts