[pull] master from supabase:master#855
Merged
Merged
Conversation
## I have read the [CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md) file. YES ## What kind of change does this PR introduce? Updates humans.txt to include my name. ## What is the current behavior? N/A ## What is the new behavior? N/A ## Additional context N/A <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Updated the contributor list. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary - fix the Markdown link to the Vecs Python source example in `DEVELOPERS.md` ## Why The current link is missing a closing parenthesis, which breaks the link target in the federated docs section. This restores the intended reference for contributors working with external docs sources. ## Testing - docs-only change AI-assisted: yes <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Fixed a formatting issue in developer documentation. <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: Jonathan Amponsah <amponsahjonathan442@gmail.com>
## I have read the [CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md) file. YES ## What kind of change does this PR introduce? docs update <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Added a curl command example in the API quickstart guide, demonstrating how to query the todos endpoint with proper authentication headers for quick API testing. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the [CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md) file. YE ## What kind of change does this PR introduce? <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Removed public beta status notice from Realtime Authorization guide * Removed public beta status notice from the Broadcast from the Database section * Removed public alpha status notice from the Broadcast replay section <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
## Problem When trying to create a new CRON job with an already used name, the `name` input isn't focused. As a result, users don't see the error. ## Solution Fix the call to `form.setError` so that it focuses the input <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit ## Release Notes * **Bug Fixes** * Improved error handling in cron job creation. When a duplicate job name is detected, the form now automatically focuses on the name field, providing clearer feedback to help you quickly identify and correct validation errors. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary - Migrates all 11 `useHotKey` call sites across 9 files to `useShortcut`, backed by `SHORTCUT_DEFINITIONS` in `state/shortcuts/registry.ts`. - Adds 10 new registry entries (all `showInSettings: false` to keep behavior identical to today — these were not previously user-configurable). - Deletes `apps/studio/hooks/ui/useHotKey.ts`. - Simplifies `ActionBar.handleSave` — the legacy hook passed a `KeyboardEvent` the callback used for `preventDefault`/`stopPropagation` and a textarea-plain-Enter guard; all of that is redundant under `useShortcut` (TanStack handles default/propagation; `Mod+Enter` never fires on plain Enter). - Removes a stale commented-out `useHotKey` reference in `DataTableFilterCommand.tsx`. Part of FE-3025 (legacy hotkey hook cleanup). `useKeyboardShortcuts` in `grid/components/common/Hooks.tsx` will be migrated in a follow-up. ## Test plan All shortcuts should still fire with **Cmd** (macOS) / **Ctrl** (Win/Linux). **Table Editor — operation queue** (requires pending unsaved edits on a row) - [x] `Cmd+S` saves pending edits - [x] `Cmd+.` toggles the operation queue side panel - [x] `Cmd+Z` undoes the latest edit and re-fetches the affected table rows - [x] With no pending edits, none of the above fire (gated by `isEnabled`) **Table Editor — side panel editor forms** (row, table, column, policy, etc.) - [x] `Cmd+Enter` submits the form when the panel is visible - [x] Does not submit if the form is disabled/loading or the panel is hidden **Unified Logs — data table** - [x] `Cmd+B` toggles the filter controls sidebar (desktop) - [x] `Cmd+B` opens the filter drawer (mobile, `<sm` breakpoint) - [x] `Cmd+Esc` resets active column filters (reset button visible) - [x] `Cmd+U` resets column order + visibility - [x] `Cmd+J` toggles live mode **Unified Logs — reset focus** - [x] `Cmd+.` blurs the currently focused element / resets focus to body **AI Assistant panel** - [x] While editing a message, `Cmd+Esc` cancels the edit **Regression checks** - [x] `pnpm --filter=studio typecheck` passes (verified locally) - [x] None of the new shortcut entries appear in Account → Preferences → Keyboard shortcuts (all `showInSettings: false`) - [x] Existing shortcuts (`Cmd+K`, `Cmd+I`, `Cmd+E`, results copy/download) still work unchanged <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit ## Refactor * Implemented a centralized keyboard shortcut registry system for managing shortcuts consistently across the application * Updated multiple UI components throughout the interface to use the new shortcut management system * All existing keyboard shortcuts continue to function without any changes in behavior or user experience ## Chores * Removed legacy keyboard shortcut hook implementation <!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Updated internal dependencies to maintain compatibility and stability. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary Updated copy on transition from JWT keys to new publishable keys <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * JWT settings now toggle between legacy controls and a step-by-step migration guide via a feature flag; legacy rotation/creation modals are hidden when migration mode is enabled. * The “How to change” section is now a collapsible with context-sensitive content and a single link to the full migration guide. * **UX Improvements** * Secrets table action now clearly shows either “Rotate” or “Create standby key” based on key state. * Updated copy and spacing for JWT informational text and external links. * **Chores** * “API Keys” menu now links to the API Keys listing page. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Joshen Lim <joshenlimek@gmail.com> Co-authored-by: fadymak <dev@fadymak.com>
Adds a new Skills page <img width="642" height="1104" alt="CleanShot 2026-04-22 at 09 20 54" src="https://github.com/user-attachments/assets/b1498f68-8779-4057-b8a2-e0b5a5298b4e" /> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Home hero now shows two side-by-side CTAs: "Get Started" and "Install Skills" for quick access. * **Documentation** * Added a new "Skills" docs page describing Agent Skills and installation options (CLI and plugin). * Sidebar navigation updated: section renamed to "AI Skills" and the nav item changed to "Skills" (marked new). * **Removed** * Old "Prompts" documentation page removed. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary - Follow-up to #45099 — migrates the final legacy hotkey hook (`useKeyboardShortcuts` in `apps/studio/components/grid/components/common/Hooks.tsx`) to `useShortcut`, backed by `SHORTCUT_DEFINITIONS`. - Adds 4 registry entries (`TABLE_EDITOR_JUMP_FIRST_ROW` / `_LAST_ROW` / `_FIRST_COL` / `_LAST_COL`), all `showInSettings: false` so they stay non-configurable (same as today). - Adds `ignoreInputs` to `ShortcutOptions` and threads it through `useShortcut` → `useHotkeySequence`. Replaces the legacy `whitelistNodes: ['INPUT', 'TEXTAREA', 'SELECT']` with the built-in TanStack option, which also covers `contenteditable`. - Drops the `navigator.appVersion` macOS/Windows detection in `Shortcuts.tsx` (`Mod` resolves this automatically) and the manual `event.stopPropagation()` calls (TanStack's default is `stopPropagation: true`). - Deletes `Hooks.tsx` — no remaining consumers. Closes FE-3049. ## Why `ignoreInputs: true` on these entries `Mod+Arrow*` is a Ctrl/Meta combo. TanStack's default for Ctrl/Meta combos is `ignoreInputs: false`, which would fire the shortcut even when focus is in a text input — not what we want. Setting `ignoreInputs: true` in the registry preserves the legacy whitelist behavior. ## Test plan All shortcuts should still fire with **Cmd** (macOS) / **Ctrl** (Win/Linux). Test surface: **Table Editor** → open any table with rows and multiple columns. **Grid navigation (with a cell selected — click a cell first)** - [x] `Cmd+ArrowUp` jumps selection to row 0 in the same column - [x] `Cmd+ArrowDown` jumps selection to the last row in the same column - [x] `Cmd+ArrowLeft` jumps selection to the first non-frozen column in the same row - [x] `Cmd+ArrowRight` jumps selection to the last column in the same row (not the trailing "add column" cell) **Whitelist regression (most important — the `ignoreInputs` check)** - [x] Open the **Filter** popover on a table → put focus in the filter value `<input>` → type with arrow keys / use `Cmd+ArrowLeft/Right` for word-jump → cursor moves in the input, grid selection does **not** jump - [x] Same for a `<textarea>` (e.g. row editor → a text column with a textarea) — `Cmd+ArrowUp/Down` should not hijack focus away from the textarea - [x] Same for a `<select>` (e.g. row editor → enum / boolean column) — arrow keys behave normally - [x] Editing a cell value in-place (double-click a cell to enter edit mode) — arrow keys navigate the text, don't jump the grid **Platform check** - [x] On macOS, the shortcuts fire with `Cmd` (not `Ctrl`) - [x] On Windows/Linux, they fire with `Ctrl` (not `Cmd`) — `Mod` resolution - [x] None of the new entries appear in Account → Preferences → Keyboard shortcuts (all `showInSettings: false`) **Regression checks** - [x] `pnpm --filter=studio typecheck` passes (verified locally) - [x] Existing shortcuts from #45099 (`Cmd+K`, `Cmd+I`, `Cmd+S` in op queue, results copy, etc.) still work unchanged <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added four keyboard shortcuts for table navigation: jump to first/last row and first/last column using Mod+Arrow keys. * Added a shortcut option to prevent triggers when focus is in input fields. * **Bug Fixes** * Improved keyboard shortcut handling for more consistent behavior across platforms. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
Cleans up the `tableEditorApiAccessToggle` PostHog flag now that the gated UI is shipping to everyone. Follow-up to #45034 — the new project-creation checkbox makes the management UI a prerequisite, so no reason to keep it behind a flag. **Removed:** - `useDataApiGrantTogglesEnabled` hook - Old schemas-only multi-selector branch in the Data API settings page (the rich per-table / per-function toggles + default-privileges switch become the only UI) - Flag gate around the `<ApiAccessToggle>` section in the table editor side panel - Flag gates around `updateTableApiAccess` calls in the save pipeline (create / duplicate / update) - `tableEditorApiAccessToggleEnabled` telemetry property + stale JSDoc / docs references **Changed:** - `createTableApiAccessHandlerParams` no longer takes an `enabled` param — it was always `true` after removal ## To test - Integrations → Data API settings page: exposed tables, exposed functions, default-privileges toggle all render and save correctly - Table editor: creating, duplicating, and editing a table all run the expected Data API privilege updates - Project creation flow still works end-to-end (unchanged, but the submit telemetry no longer includes `tableEditorApiAccessToggleEnabled`) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Improvements** * API access configuration is now always available in the table editor and PostgreSQL settings, removing previous conditional gating. * Simplified the "Automatically expose new tables and functions" interface by consolidating UI branches. * **Documentation** * Updated telemetry guidance and examples with current feature-flag references. <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: Alaister Young <10985857+alaister@users.noreply.github.com>
## I have read the [CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md) file. YES ## What kind of change does this PR introduce? This changes the guard to expose unified logs to Enterprise. **To test:** - Create an Enterprise org. - Go to a project and then Logs. - Default view should be unified logs (with a CTA offering to switch back to old logs). <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added enterprise/Supabase-org eligibility checks and loading state for the unified logs preview. * **UX** * Updated messaging to state unified logs are only available to Enterprise plan organizations. * Sidebar and filter panels now show unified-logs preview panels based on eligibility. * **Analytics** * Track unified logs row clicks with a new telemetry event. * **Bug Fixes** * Prevent navigation until unified-logs eligibility and preview flag loading are resolved. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the [CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md) file. YES ## What kind of change does this PR introduce? Added a new blog post explaining our ISO 27001 certification. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Published a new blog post announcing Supabase's ISO/IEC 27001:2022 certification, detailing scope, audit process, preparation guidance, and next steps for customers. * Added guidance for obtaining the certificate via the dashboard and unblocking procurement/vendor reviews. * Updated the public RSS feed to include the new announcement and adjusted an existing blog title’s capitalization. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## TL;DR - extends #45076 - closes #45113 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Sequence values now properly sync after bulk row inserts, ensuring correct auto-increment behavior for subsequent inserts. * **Tests** * Added end-to-end coverage for CSV import, including a "Paste text" import path that verifies custom-owned sequences are synchronized before the next insert. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Gildas Garcia <1122076+djhi@users.noreply.github.com> Co-authored-by: Ali Waseem <waseema393@gmail.com>
This PR syncs the latest troubleshooting guides from the supabase/troubleshooting repository. --------- Co-authored-by: github-docs-bot <github-docs-bot@supabase.com> Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
Updates the RLS knowledge loaded by the dashboard AI assistant to explain the new secure-by-default functionality. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Clarified PostgreSQL/RLS guidance in Studio: tables are now "secure by default"—SQL-created tables aren’t exposed via the Data API unless explicit grants are given to anon/authenticated/service_role and RLS is enabled; added an “Exposing a Table to the Data API” workflow, strengthened RLS prerequisites in best practices, and improved troubleshooting/error-recovery guidance. * **Tests / Evaluations** * Added an evaluation case validating guidance for non-RLS tables requiring explicit grants and RLS policies. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Ali Waseem <waseema393@gmail.com>
github-actions
Bot
added
the
documentation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
13 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )