Supavisor, our connection pooler, does not support using Network Restrictions at the moment. Support for Network Restrictions will be enabled on the 24th of January 2024.

If you are not using Supavisor, this change does not affect you.

Starting the 24th, projects with existing network restrictions will have their Supavisor configuration automatically updated with the same restrictions. Changes to any project’s network restrictions will also be automatically propagated to Supavisor.

FAQ#

• How does the upcoming IPv6 migration affect this change?

If direct connections to your database resolve to a IPv6 address, you need to add both IPv4 and IPv6 CIDRs to the list of allowed CIDRs. Network Restrictions will be applied to all database connection routes, whether pooled or direct. You will need to add both the IPv4 and IPv6 networks you want to allow. There are two exceptions: if you have been granted an extension on the IPv6 migration OR if you have purchased the IPv4 add-on, you need only add IPv4 CIDRs.

On February 1st 2024, AWS will start charging for IPv4 addresses. We're deprecating IPv4 for direct connections.

For more rationale behind the change, please read our blog post: Brace yourself, IPv6 is coming.

If you plan on not using our connection pooler, which still supports IPv4, and your environment does not support IPv6, consider enabling the add-on.

[!NOTE]
You do not need to enable this add-on if you use Supavisor, our new connection pooler!

The add-on is $4 per month - we're simply passing on the AWS costs to you. The add-on is available for all paid plans.

You still need to migrate away from PGBouncer even with this add-on enabled.

You can now enable the IPv4 addon in your project addon settings.

Additionally, we're working on making this even better by offering dedicated IPv4 addresses which help with IP allowlisting and network restrictions. There will be another update once dedicated IPv4 addresses are ready to use.

Column-level privileges management#

Manage column-level privileges via the dashboard. This was a long time coming with many users looking forward to the addition of this to the dashboard. Huge shoutout once again to @HTMHell and everyone for their patience while we got this through the gates 🙏

PR: https://github.com/supabase/supabase/pull/13745

Link: https://supabase.com/dashboard/project/_/auth/column-privileges

Table editor support for copying cells via keyboard shortcut#

You can now copy cell values in the Table Editor via Cmd+c and Cmd+v (or Ctrl+c or Ctrl+v)! Hopefully this makes managing your data a little more easier.

PR: https://github.com/supabase/supabase/pull/20261

Link: https://supabase.com/dashboard/project/_/editor

Table editor prevent deleting all rows in a table through the GUI while impersonating a role#

We're disabling the "Delete rows" action in the Table Editor when you've selected all rows in a table, and are impersonating a role due to an issue which @jacob-8 found (appreciate your report! 🙏) The issue mentioned can be found here.

PR: https://github.com/supabase/supabase/pull/20349

Link: https://supabase.com/dashboard/project/_/editor

Storage Explorer support for emptying a bucket#

PR: https://github.com/supabase/supabase/pull/20335

Link: https://supabase.com/dashboard/project/_/storage/buckets

Released Supavisor 1.1.6

Notable#

• Fixes a bug which caused prepared statements to fail in session mode

A rundown of everything we shipped during Launch Week X

Day 1 - Supabase Studio: AI Assistant and User Impersonation#

Supabase Studio received a major update that reflects our commitment to a SQL-first approach and user-centric development. Awesome features like easy RLS policies with an AI assistant, Postgres Roles, User Impersonation, and much more.

• Blog post
• Video announcement

Day 2 - Edge Functions: Node and native npm compatibility#

Edge Functions now natively supports npm modules and Node built-in APIs. You can directly import millions of popular, commonly used npm modules into your Edge Functions.

• Blog post
• Video announcement

Day 3 - Supabase Branching#

A Postgres database for every GitHub branch. Database branching means you can have separate database instances for each feature of your application.

• Blog post
• Video announcement

Day 4 - Supabase Auth: Identity Linking, Hooks, and HaveIBeenPwned integration#

We announced several new features for Supabase Auth: Identity Linking, Session Control, Leaked Password Protection, and Auth Hooks with Postgres functions.

• Blog post
• Video announcement

Day 5 - Introducing Read Replicas#

This is a huge one for anyone wanting to serve data closer to the users or distribute loads across multiple databases. Learn how we implemented Read Replicas and how to use them in your projects.

• Blog post
• Video announcement

More announcements from Launch Week X#

As if all that wasn't enough, we shipped even more cool stuff:

• Fly Postgres, managed by Supabase
• Supabase Libraries V2: Python, Swift, Kotlin, Flutter, and Typescript
• Supavisor 1.0: a scalable connection pooler for Postgres
• Postgres Language Server: implementing the Parser
• Supabase Grafana
• Supabase Wrappers v0.2: Query Pushdown & Remote Subqueries
• PostgREST 12
• pg_graphql: Postgres functions now supported

Released Supavisor 1.1.5

Notable#

• Pools now start with only 10 connections and create new ones up to tenant default_pool_size or user pool_size
• Logs correct tenant id
• API endpoints accept PATCH requests

Previously Supavisor would start a deterministic number of connection depending on the pool size specified on the tenant or tenant user.

Now Supavisor will start 10 connections and then allocate more as needed.

It was pretty easy to over-allocate your database max_connections without fully understanding what your max_connections were and how many were currently being used by other services.

This also makes migration from PgBouncer easier as it's much safer to run multiple connection poolers at the same time as you migrate, as long as they both don't need to allocate their full database connection pools.

Also an implied behavior of Supavisor was that each user connected spins up it's own pool. Without understanding this behavior it's easy to over-allocate database connections by connecting different Posgres users to the pooler.

Improve loading interface on Auth users page#

Navigating between pages if your project has many users is now less jarring.

PR: https://github.com/supabase/supabase/pull/19940

Link: https://supabase.com/dashboard/project/_/auth/users

Fix viewing RLS policies of a table from table editor not selecting its schema on the RLS page#

More specifically if the table does not belong to the public schema.

PR: https://github.com/supabase/supabase/pull/20100

Link: https://supabase.com/dashboard/project/_/editor

Fix inability to delete enumerated type from the dashboard if type name has Uppercase initial letter#

Thank you @tranhoangvuit for helping us on this!

PR: https://github.com/supabase/supabase/pull/20023

Link: https://supabase.com/dashboard/project/_/database/types

Sort RLS policies alphabetically#

Once again, thank you @tranhoangvuit for helping us with this!

PR: https://github.com/supabase/supabase/pull/20163

Link: https://supabase.com/dashboard/project/_/auth/policies

Released Supavisor v1.1.2

Notable#

• allow_list field on the tenant to support network restrictions
• More docs
• client_heartbeat_interval on the tenant to detect zombie client connections
• Bug fixes
• Observability improvements

The client_heartbeat_interval helps us detect client connections from behind a load balancer which are dead but did not close the TCP connection correctly. This interval defaults to one minute but is configurable per tenant.

The allow_list field on the tenant takes a list of CIDR ranges and validates incoming connection addresses against this list. The incoming client address must be in one of these ranges to be accepted.

Also, started a Supavisor FAQ!

Further to https://github.com/orgs/supabase/discussions/18654 , the threshold for transitioning large databases to use physical backups for their daily backups is being lowered to 40GB over the next few days.

Physical backups are more performant, have lower impact on the db, and avoid holding locks for long periods of time. Restores continue to work as expected, but backups taken using this method can no longer be downloaded from the dashboard.

Over the next few months, we'll be introducing functionality to restore to a separate, new database, allowing for the perusal of the backed up data without disruption to the original project.

Please refer to supabase.com/docs/guides/platform/backups#daily-backups-process for additional details.

Launch Week X is just over, but the fun doesn't stop! This changelog summarizes what has been released for Studio over last week as well as other improvements that we shipped behind the scenes while Launch Week X was ongoing.

Supabase Assistant (For Auth RLS policies)#

https://github.com/supabase/supabase/assets/19742402/c10ab0bc-a2be-4739-be3a-5eb6ef802af1

We've got a new RLS Editor that brings SQL front-and-center, giving developers access to the full potential of Postgres rather than abstracting it away. Accompanying it is an AI assistant that has been tuned to produce SQL for Row Level Security policies, making it fast and easy to get your policies setup the way you need them.

If you're keen to give this a spin, you may enable this feature from the Feature Previews section (which we'll cover more in the last section of this changelog) while you're in a project. This will replace the current UI for creating RLS policies with this new AI assisted RLS Editor UI.

PR: https://github.com/supabase/supabase/pull/19166

Link: https://supabase.com/dashboard/project/_/auth/policies

Postgres Roles & User Impersonation#

Run queries in Studio using different roles - this is potentially a powerful tool for testing your Row Level Security policies and determining which data each role can access. You may also impersonate a specific user in Studio by "minting" a JWT with their ID and then running the queries using that JWT.

This feature is available not just in the Table Editor, but also in the SQL Editor, GraphiQL interface, and Realtime Inspector (which we'll talk about more right in the next section below)

PR: https://github.com/supabase/supabase/pull/18945

Link: https://supabase.com/dashboard/project/_/editor

Realtime Inspector#

An easy way to prototype, inspect, and debug Realtime directly in the Studio. You can use the Realtime Inspector to view messages being sent and received in channels, and also filter messages by type: presence, broadcast, and database changes.

PR: https://github.com/supabase/supabase/pull/17617

Link: https://supabase.com/dashboard/project/_/realtime/inspector

Feature Previews#

Our new tool for unveiling new features - we'll release beta features as previews before making them generally available. This will help us to get features out to you faster, make it easier for you to give us feedback, and also shorten the iteration loop.

PR: https://github.com/supabase/supabase/pull/17775

Link: https://supabase.com/dashboard/project/_

Auth Settings added option to support manual identity linking#

Supabase Auth allows a user to initiate identity linking with a different email address when they are logged in. More information can be found in our documentation here.

PR: https://github.com/supabase/supabase/pull/19615

Link: https://supabase.com/dashboard/project/_/settings/auth

Table Editor support selecting types from the extensions schema when creating/editing columns#

Database extensions that are installed through the dashboard on the database/extensions page are, most of the time, installed by default in the extensions schema (as it's the default dropdown option) unless the extension has a schema that it's required to be in, or the user changes it to be installed in another schema.

If the installed extension (e.g vector) has enumerated types, the Table Editor then can access those types for users to assign them to columns, without having the user to install them in another schema.

PR: https://github.com/supabase/supabase/pull/19580

Link: https://supabase.com/dashboard/project/_/editor

Network Bans highlight IP Address if it belongs to the current logged-in user#

PR: https://github.com/supabase/supabase/pull/19666

Link: https://supabase.com/dashboard/project/_/settings/database

We've been building for 9 months now, are we're getting even closer to Beta.

This is also available as a blog post and a video demo.

Add users#

You can now add users manually from your dashboard.

User admin#

You can also perform admin functions on existing users - send password reset emails, magic links, and delete users.

Even more powerful SQL Editor#

Last month we announced an improved SQL Editor, and this month we've taken it even further. The SQL Editor is now a full Monaco editor, like you'd find in VS Code. Build your database directly from the browser.

Status page#

We added a Status Page which tracks the uptime and latency of the Supabase platform.

Kaizen#

• We completed a security audit by DigitalXRAID.
• Email confirmations now enabled by default for signups.
• Updated Benchmarking Suite to include more realistic workloads, on various different servers (results published soon).
• You can now set/edit/remove Foreign Keys via the table editor.

We're now 8 months into building Supabase. We're focused on performance, stability, and reliability but that hasn't prevented us from shipping some great features.

This is also available as a blog post and a video demo.

Supabase.js 1.0#

In the lead-up to our Beta launch, we've released supabase-js version 1.0 and it comes with some major Developer Experience improvements. We received a lot of feedback from the community and we've incorporated it into our client libraries for our 1.0 release.

Check out the blog post to learn more.

More powerful SQL Editor#

Although it was only intended to be a temporary feature, the SQL Editor has become one of the most useful features of Supabase. This month we decided to make give it some attention, adding Tabs and making it full-screen. This is the first of many updates, we've got some exciting things planned for the SQL Editor.

Keyboard shortcuts for Power Users#

For the heavy table editor users, we've gone ahead and added a bunch of key commands and keyboard shortcuts so you can zip around and manipulate your tables faster than ever.

Magic Links#

One of the most requested Auth features was the ability to send magic links that your users can use to log in. You can use this with new or existing users, and alongside passwords or stand alone.

Kaizen#

• We have new and improved docs.
• We converted realtime-js to TypeScript.
• Dashboard Performance: we heavily optimised our dashboard routes.
• With the help of the community, we closed a lot of issues during Hacktoberfest.
• We have started benchmarking all the open source tools we use. We'll publish the results this month.

This is also available as a blog post.

Third-party logins#

We've released OAuth logins! You can now enable third-party logins on your app for Bitbucket, GitHub, GitLab, or Google.

Clone tables#

You can duplicate your tables, just like you would inside a spreadsheet.

Enable and disable extensions#

Extensions are easier to use. You can enable Postgres extensions with the click of a button.

Save your favorite queries#

The SQL editor now stores your query history in your browser. You can also save your favorite queries to run later!

GitHub Discussions#

Supabase was given access to GitHub Discussions! This is the place for you to ask questions or show off what you've built with Supabase.

Kaizen#

• Our dashboard now uses Next.js automatic static optimization - so it should be noticeably more responsive.
• We created an Isomorphic gotrue-js TypeScript library for interacting with Netlify's GoTrue server. This will soon be bundled into supabase-js
• We migrated our postgrest-js library to TypeScript, and it will soon be bundled into supabase-js

This is also available as a blog post.

We're 6 months into building our hosted database platform and we've made some major improvements to our auth system and table view.

Easily create tables#

Set up tables and columns directly from the table view.

Invite your team#

You can now invite team members to your organisation.

Auth: Email Confirmations#

You can now enable Email Confirmations for new users. This can be toggled on or off and the template for this email can be edited via the dashboard.

Typescript support#

The biggest communty contribution to date, @thorwebdev added Typescript support to Supabase. He even live streamed the process.

Kaizen#

We have a number of small improvements:

• supabase-js now has UMD support
• We significantly improved our docs. Try out the new search!
• All of our awesome sponsors are now listed on our OSS page.

Supabase July Alpha Updates#

This is also available as a full blog post with videos.

After 5 months of building, we're releasing one of our most anticipated features: Supabase Auth.

Auth#

This month, we're ecstatic to announce a feature we think you'll love: Supabase Auth. It's too big to fit into a monthly update so look out for a full update in the next few days.

We want to make it easy to get started adding Auth to your app, so we've released a simple example and a video tutorial which shows you how to implement a basic auth system using PostgreSQL's Row Level Security.

Table Editor#

We've made some massive improvements to our Table Editor that we're excited to share.

Relationship drill down#

Last month we made it easy to drill into your table relationships. This month, we make it possible to drill multiple levels deep.

Add, delete, and download rows#

We're making it easier to manipulate your data. Next month, you'll be able to add and remove columns directly from the Table view.

New Postgres Extensions#

If you launch a new Supabase project, you'll have access to several new Postgres extensions:

• pgsql-http: HTTP client for PostgreSQL, retrieve a web page from inside the database.
• pgjwt: PostgreSQL implementation of JSON Web Tokens
• plpgsql_check: a linter tool for language PL/pgSQL
• pljava: write Java in your stored procedures, triggers, and functions

Kaizen#

We have a number of small improvements:

• Added Auth documentation to the auto-generated docs in each project
• Added a new or filter to the client library
• Table View now remembers which tabs you had open.
• We have released a lot of new functionality to pg-api, a server for for managing Postgres internals via a REST interface.
• Performance: the "flash of black" which was appearing on page transition is now gone

Supabase June Alpha Updates#

This is also available as a full blog post with videos.

We're now 4 months into building Supabase, which means another major update. Here's a few things we think you'll love in this release.

View relational data#

We're sometimes asked how we will make Postgres as simple as Firebase, since Postgres is a relational database. This month we're making our first steps to prove that relational databases can be even easier to use than document stores. We're releasing an excel-like editing interface which can drill down into your relational data.

Manage JSON data#

Postgres is an amazing database, giving the flexibility of a document store with the power of a RDBMS. If you use JSON data in Postgres, then we want to make that easy too. Supabase detects when your column is JSON or JSONB, and provides an easy way to edit and view your data. More improvements coming soon for this feature!

Choose your region#

If you noticed a bit of latency on Supabase, it's because your projects were previously set up in Singapore. It was always our intention that you'd be able to choose your database region, and this month we've delivered it. In the next releases we'll even allow you to go multi-region, instantly replicating your database close to your customers.

Backups#

A guiding principle at Supabase is zero lock-in. So this month we are exposing your daily database backups on the dashboard, giving you a simple way to migrate off Supabase. We have a lot more to build in this space (WAL-G!), so watch this space.