[pull] master from supabase:master#896
Merged
Merged
Conversation
Use same `changelog` icon on all apps. ## What is the current behavior? Each app shows a different icon. | app | preview | |---|---| | www | <img width="1166" height="403" alt="Screenshot 2026-05-06 at 10 52 25" src="https://github.com/user-attachments/assets/fac62c31-d76b-4f59-907e-824cdd840b1c" /> | | docs | <img width="524" height="231" alt="Screenshot 2026-05-06 at 10 52 39" src="https://github.com/user-attachments/assets/749a2726-eb7e-47b3-84fe-24d191b56b72" /> | | studio | <img width="367" height="423" alt="Screenshot 2026-05-06 at 10 51 20" src="https://github.com/user-attachments/assets/eec1a489-8544-4bb4-8408-37e1e0a9345e" /> | ## What is the new behavior? | app | preview | |---|---| | www | <img width="1114" height="393" alt="Screenshot 2026-05-06 at 10 49 15" src="https://github.com/user-attachments/assets/1d0e9cff-6390-4005-9656-98f8f45a4657" />| | docs | <img width="498" height="227" alt="Screenshot 2026-05-06 at 10 49 22" src="https://github.com/user-attachments/assets/3d41f219-f179-4fc7-b87b-fdb92626e0f7" /> | | studio | <img width="367" height="423" alt="Screenshot 2026-05-06 at 10 51 20" src="https://github.com/user-attachments/assets/eec1a489-8544-4bb4-8408-37e1e0a9345e" /> | <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Style** * Updated navigation menu icons and developer documentation icons for improved visual consistency across the interface. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
…de (#45612) ## I have read the [CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md) file. YES ## What kind of change does this PR introduce? Docs update to add additional guidance when Edge Functions service shows unhealthy. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Added troubleshooting guide for Edge Functions unhealthy state, including steps to verify functions, check invocation logs, and potential solutions for resolving the issue. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
… docs and configs (#45627)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Updated core SDK dependencies to latest compatible versions for improved system stability and security. * Enhanced workspace dependency configuration management by expanding and reorganizing package constraints to optimize compatibility across all modules and reduce potential build conflicts. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
…fter Tailwind v4 (#45585) ## Problem Two visual regressions surfaced after the Tailwind v4 migration (#45318): 1. The Postgres upgrade-failed banner used the deprecated `Alert` component, whose `warning` variant relies on custom `amber-1100` / `amber-1200` color tokens that no longer resolve. The title rendered as near-white on the yellow background. 2. The sonner toast close button forced `bg-transparent! hover:bg-transparent!`, letting the library's default translucent circle bleed through against the toast's overlay background on hover. ## Fix - Migrate `ProjectUpgradeFailedBanner` to `Admonition` (the recommended replacement per the deprecation note on `Alert`), which uses semantic `warning-*` tokens defined in the theme. - Drop the transparent-bg overrides on the sonner close button and give it a proper `hover:bg-surface-200` with a fixed `size-6` hit area so the X has a clean hover target. ## Before <img width="2940" height="338" alt="image" src="https://github.com/user-attachments/assets/2cf2cf52-cdf2-429d-b50c-5dc4e5b9c84b" /> ## After <img width="1642" height="506" alt="CleanShot 2026-05-06 at 11 14 03@2x" src="https://github.com/user-attachments/assets/b6c9b3e2-9d3e-437d-92a6-95d12730e842" /> ## Testing - [ ] Trigger a failed Postgres upgrade state and confirm the banner title/description/actions are all readable on the amber background. - [ ] Fire a toast and hover the close button — the hover should show a subtle square background, not a translucent circle. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fix** * Project upgrade failure banner now only appears when an upgrade has failed and no longer supports dismissing. * **Style** * Replaced the warning banner UI with a streamlined admonition that shows only a “Contact support” action. * Improved toast close-button styling for clearer sizing, color, and interaction states. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem The dashboard renders all timestamps in the browser's local timezone. When debugging app issues, users often want to see logs and timestamps in a different timezone (e.g. their app's deployment region) without changing their OS clock. ## Fix - New Timezone submenu in the user-avatar dropdown, sitting next to the existing Theme picker. Search-as-you-type combobox over the full IANA catalog plus an Auto detect option. - Selection persists in localStorage (`supabase-ui-timezone`) and survives `clearLocalStorage()`. No backend schema change. - New `lib/datetime.tsx` exposes pure timezone-aware formatters (`formatDateTime`, `formatDate`, `formatTime`, `formatFromNow`, `toTimezone`) plus a `TimezoneProvider` and matching React hooks (`useTimezone`, `useFormatDateTime`, ...). The pure functions take `tz` explicitly so they're easy to unit test (17 vitest cases covering DST transitions, multi-tz formatting, unix-micro/Date inputs, invalid-tz fallback). - The selected timezone propagates to every existing `<TimestampInfo>` in Studio via a new `TimestampInfoProvider` context exported from `ui-patterns`. No per-callsite changes needed for those ~20+ surfaces. - The `UnifiedLogs` date column migrates off `date-fns` to the new `useFormatDateTime` hook (the rest of the date-fns callers stay as-is, since they're either internal range math or non-display). - `ALL_TIMEZONES` (~600 entries) moves out of `PITR.constants.ts` into a shared `lib/constants/timezones.ts`. PITR keeps a re-export shim so its callers don't move. New `TIMEZONES_BY_IANA` dedupes the catalog by primary IANA name (the original list contains both PDT and PST rows for `America/Los_Angeles`, etc.) and `findTimezoneByIana` provides reverse lookup. - Telemetry: `timezone_picker_clicked` PostHog event with `previousTimezone`, `nextTimezone`, `isAutoDetected` properties. Notes for reviewers: - Bare `dayjs(x).format(...)` calls (~157 files) intentionally still render in browser-local time. Surfaces opt in by switching to the new wrappers, so this PR is the abstraction plus logs adoption; broader migration is a follow-up. - Two `// prettier-ignore` lines (`apps/studio/pages/_app.tsx`, `apps/studio/components/interfaces/UnifiedLogs/UnifiedLogs.fields.tsx`) work around a pre-existing local-tooling issue where `prettier-plugin-sql-cst` strips angle-bracket type arguments under certain conditions. Project's pinned prettier (3.8.1) does not strip; the issue surfaces with a globally-installed prettier. Worth tracking separately. - Hydration: `guessLocalTimezone()` and `useLocalStorageQuery` are client-only. Studio is mostly CSR via the Pages Router, but any SSR'd `<TimestampInfo>` may briefly render in the server's tz before client hydration. Existing behavior already had this mismatch with `.local()`; this PR does not regress it. - Backend timestamps round-tripped through query params and mutations stay UTC. The picker is display-only. ## How to test - Run `pnpm dev:studio`, sign in. - Open the user avatar dropdown (top right). Hover Timezone. - Search for "tokyo", pick `(UTC+09:00) Osaka, Sapporo, Tokyo`. - Open any project, navigate to Logs (e.g. `Project > Logs > Edge Functions`). Hover a log row's timestamp; the popover should show UTC, the chosen tz (`Asia/Tokyo`), and the relative time. Visible cell text should be in JST. - Visit any page that uses `<TimestampInfo>` (Database > Backups, Project Pause state, Edge Function details). Same tooltip should reflect Asia/Tokyo. - Refresh the page; timezone is still Asia/Tokyo. - Reopen the picker, choose Auto detect; timestamps revert to browser local. - Run `pnpm --filter studio test lib/datetime.test.ts`. 17 tests should pass. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Timezone selector added to the user menu with auto-detect and manual override * App-wide timezone provider and hooks plus a shared timezone catalog for consistent timezone-aware display * Timestamp components accept an optional timezone prop and respect user preference (persisted) * **Bug Fixes / Improvements** * Logs and timestamp displays now use the new timezone formatting hooks * **Tests** * Added comprehensive datetime and timezone catalog tests * **Telemetry** * Telemetry event added for timezone picker interactions <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the [CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md) file. YES ## What kind of change does this PR introduce? > [!IMPORTANT] > This is only for Stripe managed organizations New feature / Bug fix (Fixes https://linear.app/supabase/issue/FE-3151/disable-the-option-of-adding-new-owners-to-an-organization-connected) ## What is the current behavior? <img width="1270" height="1036" alt="CleanShot 2026-05-05 at 17 46 05@2x" src="https://github.com/user-attachments/assets/311aa536-c08e-4b8e-948b-70a6fd3f42ad" /> <img width="1216" height="498" alt="CleanShot 2026-05-05 at 17 49 32@2x" src="https://github.com/user-attachments/assets/0a26f92d-372b-45a2-958e-aa3cc78114aa" /> ## What is the new behavior? <img width="1284" height="1060" alt="CleanShot 2026-05-06 at 14 44 51@2x" src="https://github.com/user-attachments/assets/cbc1b44f-358b-4c7b-8abb-aa53f5fc2e76" /> <img width="1232" height="590" alt="CleanShot 2026-05-06 at 14 44 29@2x" src="https://github.com/user-attachments/assets/20262d11-4a62-4c84-84f2-2ba8636f2976" /> ## Additional context - This also updates the treatment of previous warning message. This one was living next to the name of the role which made the whole select element quite crowded. Decided to add a tooltip for better UX. - Proper API fix lives on supabase/platform#32443 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Enhancements** * "Owner" role is now disabled for certain managed organizations to prevent unsupported assignments. * Disabled role options now show clear tooltips explaining why a role cannot be assigned, applied to member invitations and role update workflows. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
## TL;DR The edge function tester was sending service role tokens even when anonymous was selected, Fixed by moving the role context provider to wrap both the selector and the submit handler ## sol: | Before | After | |--------|-------| | <img width="589" alt="Service role JWT sent when Anonymous selected" src="https://github.com/user-attachments/assets/f4072838-4031-4325-9fd6-7519e50bd080" /> | <img width="471" alt="Anon JWT correctly sent when Anonymous selected" src="https://github.com/user-attachments/assets/86160946-398e-456e-9585-66e3e49f16ed" /> | | Selecting "Anonymous" had no effect, always sent `service_role` | Selecting "Anonymous" correctly sends it now | ## ref: - Closes #45619 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Refactor** * Internal code structure improvements to enhance maintainability and component organization. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem The Supabase CLI sometimes fails to start because the postgres port is already used: > failed to start docker container: Error response from daemon: failed to set up container networking: driver failed programming external connectivity on endpoint supabase_db_supabase (10587f26e7287c8086fd27db12be7aac4afe1f3fc521c9d7a8dfe109993c995d): failed to bind host port for 0.0.0.0:54322:172.18.0.2:5432/tcp: address already in use ## Solution None yet, debugging <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Enhanced end-to-end test workflow with added pre-start and failure diagnostics for better observability and troubleshooting of test runs. * Updated the e2e setup CLI script to skip certain local services by default and clarify script formatting for maintainability. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
…5149) ## Problem We want to upgrade to react 19. However some libraries aren't compatible with it. Besides, `next-mdx-remote` is now archived and not maintained anymore. ## Solution The [NextJS documentation)[https://nextjs.org/docs/15/app/guides/mdx#remote-mdx] suggest using [`next-mdx-remote-client`](https://github.com/ipikuka/next-mdx-remote-client) which was a fork of `next-mdx-remote`. - [x] migrate `apps/www` from `next-mdx-remote` to `next-mdx-remote-client` - [x] migrate `apps/www` from `next-mdx-remote` to `next-mdx-remote-client` I haven't noticed any change in the pages. When upgrading to react 19, we'll have to use v2 of `next-mdx-remote-client`. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Refactor** * Switched MDX rendering/serialization to a newer client-focused implementation across docs and site for improved compatibility. * **Bug Fixes** * Improved handling of serialization errors so MDX failures render clear fallback messages instead of breaking pages. * **Chores** * Updated local environment template value for the public anonymous key. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Logo field now accepts/editable logo URL, plus a new storage-based Logo Picker to select or remove images from project storage. * Full storage picker: browse buckets, columns/list views, search, drag‑and‑drop uploads, file previews (image/audio/video), and single-file selection with responsive mobile/desktop layouts. * **Refactor** * Logo submission streamlined to send the provided URL directly (legacy file-read/upload flow removed). <!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: supabase-cli-releaser[bot] <246109035+supabase-cli-releaser[bot]@users.noreply.github.com>
## I have read the [CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md) file. YES <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Clarified API key changes (new publishable/secret scheme, where to obtain each, legacy keys valid through end of 2026) and updated many getting-started tutorials with clearer setup, flow, and auth guidance. * **New Features** * Added/expanded profile photo/avatar upload and account integration steps across multiple tutorials. * **Guides** * Added guidance on auth helper methods and when to use them. * **Examples** * Example app updated to use token claims for auth state. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Katerina Skroumpelou <mandarini@users.noreply.github.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
## Summary - Adds a note explaining that skills install at **project scope by default** (committed to git, shared with team and cloud agents) and that `--global` installs across all projects - Mentions `--all` for users who work across multiple AI agents - Cross-links the [Supabase agent plugin](/docs/guides/getting-started/plugins) from both the agent skills and MCP docs for users who want the MCP server and skills in a single install Closes [AI-672](https://linear.app/supabase/issue/AI-672/add-other-plugins-to-docs-with-clearer-project-vs-global-level) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Updated AI skills installation guide with detailed instructions for project-scoped, global, and multi-agent installation options * Enhanced MCP setup guide with recommendation to install the Supabase agent plugin for streamlined configuration * Added direct link to the skills npm package for improved resource accessibility * Refined compatibility information in AI skills guide <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Jeremias Menichelli <jmenichelli@gmail.com>
Prevents the AI assistant from helping with local git/filesystem operations, and adds explicit warnings before irreversible database operations (DROP TABLE, DELETE without WHERE, etc.). Adds a `safetyScorer` and eval cases to cover these behaviours. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added a Safety metric to evaluations so assistant responses are scored for safe handling of destructive or risky requests * Assistant guidance updated to refuse destructive local VCS/filesystem actions and require clear warnings for irreversible database operations * **Tests** * Added evaluation cases covering safe refusals, clear warnings, and correct handling of destructive or risky prompts * **Chores** * Enabled Safety metric in online evaluation manifests/handlers <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the [CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md) file. YES ## What kind of change does this PR introduce? Tidying up the bottom panel in unified logs. Taking care of some visual quirks etc. Also preparing this area to house some other future concepts via tabs. | Before | After | |--------|--------| | <img width="828" height="384" alt="Screenshot 2026-04-30 at 11 24 09" src="https://github.com/user-attachments/assets/804bdf1c-7cdb-4dd8-bf1e-31c434ef1436" /> | <img width="830" height="407" alt="Screenshot 2026-04-30 at 11 22 53" src="https://github.com/user-attachments/assets/28555efe-f893-4bae-bcb0-284e6db733e6" /> | <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Redesigned service flow panel with Overview and Raw JSON tabs * Added Previous/Next navigation controls with Arrow Up/Down keyboard support * New detail components and section headers with icons for clearer organization * Improved Postgres detail view and message/session display * **Bug Fixes / Changes** * Removed legacy header UI and related controls * **UI / Style** * Enhanced copy-to-clipboard feedback animation * Updated "Load more" button styling * Adjusted panel sizing for improved resizing behavior <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Ali Waseem <waseema393@gmail.com>
## Summary
- Adds a reusable `<LegalDocVersions />` component (dropdown below the
page header) that swaps the active legal doc version inline via shallow
query-param routing (`?version=v1`).
- Converts `/terms` and `/enterprise-terms` from MDX to TSX pages and
moves their content into versioned MDX under
`apps/www/data/legal/<doc>/v1.mdx`.
- Seeds `v2.mdx` for both docs as a copy of v1 with the effective date
bumped to 6 May 2026 — the actual v2 language edits from legal will land
in a follow-up commit.
## Behavior
- `/terms` and `/enterprise-terms` default to v2 (latest); search
engines and bare URLs always see the latest.
- `/terms?version=v1` (and equivalent for enterprise) renders v1.
- Selecting a version updates the URL via `router.replace({ shallow:
true })` — no full page reload, browser back/forward works.
- Selecting the latest version clears the `version` query param.
- Existing `/docs/company/terms → /terms` redirect still works.
`noindex/nofollow` preserved on `/enterprise-terms` (both via meta and
the existing header rule).
## Out of scope
- The 5 v2 provision edits per agreement (lands in a follow-up once
Legal hands over the final language).
- `/privacy` and other legal pages — those keep their current pattern.
Linear:
[FE-3121](https://linear.app/supabase/issue/FE-3121/update-legal-terms-pages-and-add-version-selector)
## Test plan
- [ ] Visit `/terms` — defaults to v2, dropdown shows "Version 2 — May
6, 2026" and "Version 1 — July 11, 2025"
- [ ] Visit `/terms?version=v1` — renders v1
- [ ] Select v1 from the dropdown — URL becomes `?version=v1`, content
swaps without full page reload (no document request in Network tab)
- [ ] Select v2 — URL drops the `version` param, latest renders
- [ ] Browser back/forward steps through prior selections
- [ ] Repeat the above on `/enterprise-terms`
- [ ] Confirm `/enterprise-terms` is still `noindex, nofollow`
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Version selector and new Terms & Enterprise Terms pages allowing users
to switch between historical agreement versions.
* MDX-based legal documents now render as components for improved
content loading.
* **Documentation**
* Added v2 Terms and v2 Enterprise subscription agreements; v1 documents
adjusted and typography normalized for consistency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context As per PR title - just updates the NoticeBanner component for TOS update information <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added a Terms of Service update notification banner to inform users about recent policy changes. * Notification includes a dialog/modal with full update details, links, and effective date; it replaces the previous maintenance notification so users receive clear, actionable information. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem Clicking button does nothing. toggling back to enable shows error related to pool size ## Solution Fix the form validation schema ## How to test - Go to Realtime Settings `/realtime/settings` - Try disabling it <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Two-step save: clicking Save opens a confirmation before changes are applied. * Warning displayed when database pool size exceeds 50% of max connections (max shown dynamically). * **Improvements** * Form adapts to suspended vs. active realtime states with fewer required fields when suspended. * Better field labeling and accessibility; form resets and consistent feedback after successful updates. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
The connect button was missing its text Before: <img width="833" height="244" alt="Screenshot 2026-05-06 at 17 46 23" src="https://github.com/user-attachments/assets/c03e972f-bef6-4bd7-8819-dd51509c58eb" /> After: <img width="678" height="208" alt="Screenshot 2026-05-06 at 17 46 58" src="https://github.com/user-attachments/assets/5b020017-133e-47c3-8138-925c27299665" /> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Improved screen reader accessibility in the Connect button by refining how text visibility is handled based on button display mode. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
16 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )