Changelog

New updates and product improvements

A quicker way to get your project's connection parameters

We've made retrieving your project's connection parameters more easily accessible by adding a "Connect" button to each projects' homepage. This will show you some quick instructions on how to either connect to your database directly, or connect to your project via some app frameworks and ORMs. Hopefully this will help both new and familiar developers on Supabase to get to building quicker without having to jump around the dashboard to find these information.

PR: https://github.com/supabase/supabase/pull/20328

Link: https://supabase.com/dashboard/project/_

Table Editor side menu revamp

screenshot-2023-12-22-at-13 06 32

We're in the midst of revising the UX around the table editor to ensure that controls aren't sprawled across the page despite us building more and more features - and this is just the first step of more to come. Icons for tables and views have been tweaked to be more minimal, each table has an indicator to whether RLS has been enabled or not, and the search bar has been made a tad sleeker. As an assurance, we definitely hear everyone's feedback about the changes here in particular with the search bar being less visible and are actively looking to improve the experience here! 🙏

PR: https://github.com/supabase/supabase/pull/19977

Link: https://supabase.com/dashboard/project/_/editor

Table Editor header simplification

Similar to the above, we've updated the layout a little for the Table Editor itself, briefly the changes include

  • Support for enabling RLS from the Table Editor
  • Showing an indication of how many policies the table has
  • Shifting refresh + data/definition toggle to the footer of the grid

All these are tiny steps to allowing us to build more functionality into the Table Editor without turning it into a control panel!

PR: https://github.com/supabase/supabase/pull/18366

Link: https://supabase.com/dashboard/project/_/editor

View auth user details

We've had some feedback from users that they'd want a convenient way to check on their project's users from the UI rather than having to go through the Table Editor or SQL Editor to query the auth.users table, and so we've gone ahead to ship this one.

PR: https://github.com/supabase/supabase/pull/21239

Link: https://supabase.com/dashboard/project/_/auth/users

Other improvements and bug fixes

Table Editor

  • Fix definition view showing empty result if formatting the definition throws an error (PR)

SQL Editor

  • Refocus to code editor after closing destructive query warning modal (PR)

Authentication

  • Fix policies under tables from "protected" schemas not showing RLS disabled/enabled state (PR)
    • Also show "protected" schemas notice when viewing policies of tables under those schemas
  • Clicking "Toggle feature preview" from the new RLS creation UI will show a confirmation dialog if changes were made before closing the panel (PR)

Storage

  • Renaming a file will just highlight the name of the file without the extension, similar to MacOS (PR)

SQL editor bulk deletes

https://github.com/supabase/supabase/assets/19742402/f50eabbf-9c30-4828-8f5f-0efeef67a025

We hear you! This has been a very popular request by everyone and we're happy to make the first step to improving the UX around your SQL snippets. You can now delete your queries in bulk - gone are the days of rows full with Untitled queries 😄 Fret not, we're also aware that everyone is also requesting for better organization of snippets (specifically folders) - we're actively figuring out how best to bring that UX into the dashboard for everyone so be sure to watch this space 😉

PR: https://github.com/supabase/supabase/pull/20927

Link: https://supabase.com/dashboard/project/_/sql/new

Query performance updates

Unoptimized queries are a major cause of poor database performance - which is why the query performance report was initially built. We're equipping this page with better tooling, allowing users to:

  1. Search by query or role
  2. Sort results by latency
  3. Expand results to view the full query that was run

As always, if there's anything more we can do for you, feel free to give us a shout in the feedback widget up top 🙂

PR: https://github.com/supabase/supabase/pull/20907

Link: https://supabase.com/dashboard/project/_/reports/query-performance

Logs Explorer face lift

In an effort to make our UI more consistent + coherent across all products, we've revamped the Logs Explorer to look just like the SQL Editor in hopes that there's less UI for users to learn, and users can just stay focused on doing what they want to do.

PR: https://github.com/supabase/supabase/pull/21055

Link: https://supabase.com/dashboard/project/_/logs/explorer

Support for composite foreign keys in table editor

The previous UI for managing foreign keys in the table editor had functional limitations as it assumed single column relations for foreign keys (overly simplified). We've thus shifted the management of foreign keys into the table side panel editor instead. You can manage all foreign keys across all columns on the table in one place, rather than going into each column individually to do so.

PR: https://github.com/supabase/supabase/pull/21078

Link: https://supabase.com/dashboard/project/_/editor

Other improvements and bug fixes

Table Editor

  • Fixed duplicating a table not saving it's description (PR)
  • Fixed viewing a reference row in the table editor from the grid not updating the selected schema if referenced row is in another schema (PR)
  • Fixed errors from adding data via spreadsheet/CSV text not surfacing as toasts (PR)

SQL Editor

  • Fixed long errors getting cut off / not horizontally scrollable (PR)
  • Fixed deleting a query that's not saved throws an error (PR)

Logs Explorer

  • Inserting a source will insert the value after the FROM command (PR)

Database

  • Fixed enumerated types side panel input fields not resetting after saving (PR)
  • Fixed roles side panel input fields not resetting after saving (PR)

Misc

  • Support page is now mobile responsive (PR)

Supavisor replaces PgBouncer for database connection pooling

We’re deprecating PgBouncer and migrating all projects to our Supavisor connection pooler. Go grab the pooler connection string in your project’s Database Settings.

Learn more

Direct database connection resolve only to IPv6

[ACTION REQUIRED] AWS is deprecating IPv4, so we’ve migrating your project to IPv6. If your network supports IPv6 and/or you’re using PostgREST then you don’t need to make any changes. Otherwise, you need to update any connections to Supavisor’s connection pooler. We’ve also made IPv4 addresses available to purchase (passing on the cost from AWS).

Learn more

Supabase Studio's latest enhancements

Improved text editing in Table Editor, with Markdown previews

We’ve made it much better for you to edit text in the Table Editor, including Markdown previews so you can preview your changes with ease. [PR]

Preview HTML email templates right from the dashboard

We’ve added the ability to preview your HTML email templates right from the dashboard. [PR]

Preview SQL snippets for better discoverability

We’ve added previews to your saved query snippets so you can find the one you’re looking for much faster. [PR]

More Studio updates

Quick product announcements

  • [AI] Added a guide on how to integrate Amazon Bedrock SDK with Supabase Vecs, our vector client for Postgres. [Guide]
  • [Auth] Improved guide on implementing Server-Side Auth for Next.js. [Guide]
  • [Auth] Fixed the cookie chunking issue in @supabase/ssr - shout out to SyntheticGoop from Mobbin. [PR]
  • [Auth] Fixed a bug in using a custom cookie name in @supabase/ssr. [PR]
  • [Edge Functions] Created a guide on custom routing. [Guide]
  • [Edge Functions] Created a guide on how to deploy via CI/CD pipelines on GitHub, GitLab, and Bitbucket. [Guide]
  • [Edge Functions] Edge Runtime now supports Deno 1.39.2. [Learn more]
  • [Edge Functions] Updated quickstart guide. [Video]

Blog Central

How pg_graphql Works

Learn about how we built the GraphQL Postgres extension, written in the Rust programming language, that powers our GraphQL data API.

Learn more

Getting started with Ruby on Rails and Postgres on Supabase

Learn about how you can spin up a Rails app, integrate a Supabase database, and deploy it to Fly.io.

Learn more

Other awesome blog posts

Greater clarity on billing breakdown

new-billing-breakdown

We value transparency here at Supabase and that includes ensuring our users having clear visibility over what they are paying for. We've added some details in the organization billing breakdown section to show what are the "Current costs", on top of the "Projected costs" for the organization, and also added information regarding both of them in the form of tooltips. Compute credits are also shown here to ensure that those are considered in the costs calculation.

PR: https://github.com/supabase/supabase/pull/20498

Link: https://supabase.com/dashboard/org/_/billing#breakdown

SQL Editor preview snippets by hovering over them in the navigation menu

In efforts to hopefully to make it easier to find your queries. We're aware that users are facing difficulty in managing their SQL queries, in particular when the number of queries grow really big - we're actively looking into how to make things better 🙏 Watch this space!

PR: https://github.com/supabase/supabase/pull/20694

Link: https://supabase.com/dashboard/project/_/sql/new

Table Editor edit text cells with larger real estate

We've seen some users reaching out to us via feedback that they'd like a larger editor to edit their text-based column cells on the table editor - we hear you! And we've also sprinkled in some Markdown preview for those who might need it 🙂

PR: https://github.com/supabase/supabase/pull/20727

Link: https://supabase.com/dashboard/project/_/editor

Auth email templates preview

image

Many users have been requesting for this, and so has the team internally - you may now preview your HTML email templates right here in the dashboard. Gone are the days having to manually check your templates elsewhere, hopefully this will make your development lives a little easier.

PR: https://github.com/supabase/supabase/pull/20681

Link: https://supabase.com/dashboard/project/_/auth/templates

Database enumerated types will show enumerated types only

Shoutout to @Nabhag8848 for the help on this! We always appreciate and look up to any support from the community 🙏

PR: https://github.com/supabase/supabase/pull/20576

Link: https://supabase.com/dashboard/project/_/database/types

cron schema from the pg-cron extension no longer editable via the GUI

The schema is nonetheless still editable from the SQL editor by writing queries directly. This is in efforts to prevent directly inserting/updating rows on the pg_cron extension's cron.job table as it bypasses security checks that would've been asserted when jobs are scheduled/modified via pg_cron functions. More information here.

PR: https://github.com/supabase/supabase/pull/20664

Link: https://supabase.com/dashboard/project/_/editor

Table Editor fix inability to copy input field values in the row side panel editor

PR: https://github.com/supabase/supabase/pull/20671

Link: https://supabase.com/dashboard/project/_/editor

Updates to the Database Settings page

We're stream-lining the connection UI on the database settings page to be more concise and simpler in hopes to improve the UX around connecting to your project's database, and a push to using the connection pooler as a recommended practice. As always, feel free to drop us feedback via the feedback widget in the navigation bar up top - we promise that we look at every single one of the feedback that comes in.

PR: https://github.com/supabase/supabase/pull/20575

Link: https://supabase.com/dashboard/project/_/settings/database

Network Restrictions now support adding restrictions to IPv6 addresses

PR: https://github.com/supabase/supabase/pull/20548

Link: https://supabase.com/dashboard/project/_/settings/database#network-restrictions

Network Restrictions addresses will be normalized when adding a new restriction

image

PR: https://github.com/supabase/supabase/pull/20514

Link: https://supabase.com/dashboard/project/_/settings/database#network-restrictions

IPv4 add-on now available to allow direct connections to your database via an IPv4 address

You may consider enabling this add-on via the dashboard if you're not planning on using our connection pooler (which still supports IPv4) and your environment does not support IPv6. More information regarding this add-on here.

PR: https://github.com/supabase/supabase/pull/20433

Link: https://supabase.com/dashboard/project/_/settings/addons

Logs Explorer support for updating and deleting queries

PR: https://github.com/supabase/supabase/pull/20343

Link: https://supabase.com/dashboard/project/_/logs/explorer/saved

Table Editor cell dropdown for enum columns will not show NULL option if column is not nullable

image

PR: https://github.com/supabase/supabase/pull/20474

Link: https://supabase.com/dashboard/project/_/editor

Removed deprecated LinkedIn Provider from Auth Providers

The LinkedIn provider was scheduled to be deprecated in favour of the current LinkedIn OIDC provider with a notice set up since November 2023 and a couple of email notifications sent out to our users. The LinkedIn provider is now removed from our Auth Providers page. Please do reach out to us via support if you might have been affected by this!

PR: https://github.com/supabase/supabase/pull/20510

Link: https://supabase.com/dashboard/project/_/auth/providers

Supavisor, our connection pooler, does not support using Network Restrictions at the moment. Support for Network Restrictions will be enabled on the 24th of January 2024.

If you are not using Supavisor, this change does not affect you.

Starting the 24th, projects with existing network restrictions will have their Supavisor configuration automatically updated with the same restrictions. Changes to any project’s network restrictions will also be automatically propagated to Supavisor.

FAQ

If direct connections to your database resolve to a IPv6 address, you need to add both IPv4 and IPv6 CIDRs to the list of allowed CIDRs. Network Restrictions will be applied to all database connection routes, whether pooled or direct. You will need to add both the IPv4 and IPv6 networks you want to allow. There are two exceptions: if you have been granted an extension on the IPv6 migration OR if you have purchased the IPv4 add-on, you need only add IPv4 CIDRs.

On February 1st 2024, AWS will start charging for IPv4 addresses. We're deprecating IPv4 for direct connections.

For more rationale behind the change, please read our blog post: Brace yourself, IPv6 is coming.

If you plan on not using our connection pooler, which still supports IPv4, and your environment does not support IPv6, consider enabling the add-on.

[!NOTE]
You do not need to enable this add-on if you use Supavisor, our new connection pooler!

The add-on is $4 per month - we're simply passing on the AWS costs to you. The add-on is available for all paid plans.

You still need to migrate away from PGBouncer even with this add-on enabled.

You can now enable the IPv4 addon in your project addon settings.

Additionally, we're working on making this even better by offering dedicated IPv4 addresses which help with IP allowlisting and network restrictions. There will be another update once dedicated IPv4 addresses are ready to use.

Column-level privileges management

Manage column-level privileges via the dashboard. This was a long time coming with many users looking forward to the addition of this to the dashboard. Huge shoutout once again to @HTMHell and everyone for their patience while we got this through the gates 🙏

PR: https://github.com/supabase/supabase/pull/13745

Link: https://supabase.com/dashboard/project/_/auth/column-privileges

Table editor support for copying cells via keyboard shortcut

You can now copy cell values in the Table Editor via Cmd+c and Cmd+v (or Ctrl+c or Ctrl+v)! Hopefully this makes managing your data a little more easier.

PR: https://github.com/supabase/supabase/pull/20261

Link: https://supabase.com/dashboard/project/_/editor

Table editor prevent deleting all rows in a table through the GUI while impersonating a role

We're disabling the "Delete rows" action in the Table Editor when you've selected all rows in a table, and are impersonating a role due to an issue which @jacob-8 found (appreciate your report! 🙏) The issue mentioned can be found here.

PR: https://github.com/supabase/supabase/pull/20349

Link: https://supabase.com/dashboard/project/_/editor

Storage Explorer support for emptying a bucket

PR: https://github.com/supabase/supabase/pull/20335

Link: https://supabase.com/dashboard/project/_/storage/buckets

Supavisor 1.1.6

Jan 11, 2024

A rundown of everything we shipped during Launch Week X

Day 1 - Supabase Studio: AI Assistant and User Impersonation

Supabase Studio received a major update that reflects our commitment to a SQL-first approach and user-centric development. Awesome features like easy RLS policies with an AI assistant, Postgres Roles, User Impersonation, and much more.

Day 2 - Edge Functions: Node and native npm compatibility

Edge Functions now natively supports npm modules and Node built-in APIs. You can directly import millions of popular, commonly used npm modules into your Edge Functions.

Day 3 - Supabase Branching

A Postgres database for every GitHub branch. Database branching means you can have separate database instances for each feature of your application.

Day 4 - Supabase Auth: Identity Linking, Hooks, and HaveIBeenPwned integration

We announced several new features for Supabase Auth: Identity Linking, Session Control, Leaked Password Protection, and Auth Hooks with Postgres functions.

Day 5 - Introducing Read Replicas

This is a huge one for anyone wanting to serve data closer to the users or distribute loads across multiple databases. Learn how we implemented Read Replicas and how to use them in your projects.

More announcements from Launch Week X

As if all that wasn't enough, we shipped even more cool stuff:

Supavisor 1.1.5

Jan 10, 2024

Released Supavisor 1.1.5

Notable

  • Pools now start with only 10 connections and create new ones up to tenant default_pool_size or user pool_size
  • Logs correct tenant id
  • API endpoints accept PATCH requests

Previously Supavisor would start a deterministic number of connection depending on the pool size specified on the tenant or tenant user.

Now Supavisor will start 10 connections and then allocate more as needed.

It was pretty easy to over-allocate your database max_connections without fully understanding what your max_connections were and how many were currently being used by other services.

This also makes migration from PgBouncer easier as it's much safer to run multiple connection poolers at the same time as you migrate, as long as they both don't need to allocate their full database connection pools.

Also an implied behavior of Supavisor was that each user connected spins up it's own pool. Without understanding this behavior it's easy to over-allocate database connections by connecting different Posgres users to the pooler.

Improve loading interface on Auth users page

Navigating between pages if your project has many users is now less jarring.

PR: https://github.com/supabase/supabase/pull/19940

Link: https://supabase.com/dashboard/project/_/auth/users

Fix viewing RLS policies of a table from table editor not selecting its schema on the RLS page

More specifically if the table does not belong to the public schema.

PR: https://github.com/supabase/supabase/pull/20100

Link: https://supabase.com/dashboard/project/_/editor

Fix inability to delete enumerated type from the dashboard if type name has Uppercase initial letter

Thank you @tranhoangvuit for helping us on this!

PR: https://github.com/supabase/supabase/pull/20023

Link: https://supabase.com/dashboard/project/_/database/types

Sort RLS policies alphabetically

Once again, thank you @tranhoangvuit for helping us with this!

PR: https://github.com/supabase/supabase/pull/20163

Link: https://supabase.com/dashboard/project/_/auth/policies

Released Supavisor v1.1.2

Notable

  • allow_list field on the tenant to support network restrictions
  • More docs
  • client_heartbeat_interval on the tenant to detect zombie client connections
  • Bug fixes
  • Observability improvements

The client_heartbeat_interval helps us detect client connections from behind a load balancer which are dead but did not close the TCP connection correctly. This interval defaults to one minute but is configurable per tenant.

The allow_list field on the tenant takes a list of CIDR ranges and validates incoming connection addresses against this list. The incoming client address must be in one of these ranges to be accepted.

Also, started a Supavisor FAQ!

Further to https://github.com/orgs/supabase/discussions/18654 , the threshold for transitioning large databases to use physical backups for their daily backups is being lowered to 40GB over the next few days.

Physical backups are more performant, have lower impact on the db, and avoid holding locks for long periods of time. Restores continue to work as expected, but backups taken using this method can no longer be downloaded from the dashboard.

Over the next few months, we'll be introducing functionality to restore to a separate, new database, allowing for the perusal of the backed up data without disruption to the original project.

Please refer to supabase.com/docs/guides/platform/backups#daily-backups-process for additional details.

Launch Week X is just over, but the fun doesn't stop! This changelog summarizes what has been released for Studio over last week as well as other improvements that we shipped behind the scenes while Launch Week X was ongoing.

Supabase Assistant (For Auth RLS policies)

https://github.com/supabase/supabase/assets/19742402/c10ab0bc-a2be-4739-be3a-5eb6ef802af1

We've got a new RLS Editor that brings SQL front-and-center, giving developers access to the full potential of Postgres rather than abstracting it away. Accompanying it is an AI assistant that has been tuned to produce SQL for Row Level Security policies, making it fast and easy to get your policies setup the way you need them.

If you're keen to give this a spin, you may enable this feature from the Feature Previews section (which we'll cover more in the last section of this changelog) while you're in a project. This will replace the current UI for creating RLS policies with this new AI assisted RLS Editor UI.

PR: https://github.com/supabase/supabase/pull/19166

Link: https://supabase.com/dashboard/project/_/auth/policies

Postgres Roles & User Impersonation

Run queries in Studio using different roles - this is potentially a powerful tool for testing your Row Level Security policies and determining which data each role can access. You may also impersonate a specific user in Studio by "minting" a JWT with their ID and then running the queries using that JWT.

This feature is available not just in the Table Editor, but also in the SQL Editor, GraphiQL interface, and Realtime Inspector (which we'll talk about more right in the next section below)

PR: https://github.com/supabase/supabase/pull/18945

Link: https://supabase.com/dashboard/project/_/editor

Realtime Inspector

An easy way to prototype, inspect, and debug Realtime directly in the Studio. You can use the Realtime Inspector to view messages being sent and received in channels, and also filter messages by type: presence, broadcast, and database changes.

PR: https://github.com/supabase/supabase/pull/17617

Link: https://supabase.com/dashboard/project/_/realtime/inspector

Feature Previews

Our new tool for unveiling new features - we'll release beta features as previews before making them generally available. This will help us to get features out to you faster, make it easier for you to give us feedback, and also shorten the iteration loop.

PR: https://github.com/supabase/supabase/pull/17775

Link: https://supabase.com/dashboard/project/_

Auth Settings added option to support manual identity linking

Supabase Auth allows a user to initiate identity linking with a different email address when they are logged in. More information can be found in our documentation here.

PR: https://github.com/supabase/supabase/pull/19615

Link: https://supabase.com/dashboard/project/_/settings/auth

Table Editor support selecting types from the extensions schema when creating/editing columns

Database extensions that are installed through the dashboard on the database/extensions page are, most of the time, installed by default in the extensions schema (as it's the default dropdown option) unless the extension has a schema that it's required to be in, or the user changes it to be installed in another schema.

If the installed extension (e.g vector) has enumerated types, the Table Editor then can access those types for users to assign them to columns, without having the user to install them in another schema.

PR: https://github.com/supabase/supabase/pull/19580

Link: https://supabase.com/dashboard/project/_/editor

Network Bans highlight IP Address if it belongs to the current logged-in user

PR: https://github.com/supabase/supabase/pull/19666

Link: https://supabase.com/dashboard/project/_/settings/database

Supavisor 1.0

Dec 13, 2023

Supavisor 1.0 is released. Rollout to Supabase hosted projects planned for next week.

Notable changes include:

  • Added support for named prepared statements
  • Added support for read replicas and query load balancing
  • Added a client_idle_timeout option
  • New docs build process and website (Github hosted)
  • Docs for migrating from PgBouncer
  • auth_query with md5 support
  • native pool_mode to proxy direct connections to Postgres
  • New metric for unique connected tenants
  • Cache metadata database queries for faster tenant info lookups
  • Bug fixes

See the full changelog:

https://github.com/supabase/supavisor/releases/tag/v1.0.0

We've improved insights into usage, billing and costs.

Vastly improved usage summary

We previously had a slightly hidden usage summary in the "Upcoming Invoice" section. This section has been revamped and moved to the organization's usage page.

The improved usage summary features:

  • Per-project breakdown for usage
  • Displays costs for over-usage on usage-based plans (pro with spend cap off, team, enterprise)
  • Displays usage in percent for usage-capped plans (free/pro with spend cap on)
  • Metrics with higher usage/costs will be sorted to the top
  • Insights into compute usage in summary
  • Usage can now be retrieved for a custom period and not just the current billing cycle
  • Usage summary can be filtered by project
  • Indicators if you're exceeding/approaching limits which could lead to restrictions

The new usage summary section (usage-capped plan):

New usage summary with a usage-based plan (Pro with spend cap off, Team, Enterprise):

When hovering over the circular progress bars, you get per-project breakdowns of usage and some further information:

We now also allow you to filter the total usage by a single project or a different period than the current billing cycle. Simply change the timeframe at the top of the usage page.

Usage filtered with a custom timeframe (not relative to billing cycle):

Daily Stats for Compute Usage

The organization's usage page shows daily stats for all sorts of usage-based metrics and was still missing insights for compute hours. Compute Usage insights have been added to the usage page.

New section on the usage page:

Sample usage with a single project:

When running multiple projects or projects on different compute sizes:

Better insights for upcoming invoice

The "Upcoming invoice" section on the organization billing page has been vastly improved and now offers per-project breakdown of metrics and project add-ons. Additionally, there is a simple projection of your cost at the end of the month.

Here's an overview of the new section with all project breakdowns collapsed:

You can expand any usage-based item or project add-on to get a per-project breakdown:

The line items have also been improved to show included quotas and costs for over-usage:

Quickly see if you're exceeding your plans limit

On usage-capped plans (Free Plan or Pro Plan with Spend Cap toggled on), you will now also see a warning on the top of the subscription page, in case you're exceeding your plan's limits. A more detailed breakdown is available on the organization's usage page.

Project breakdown for subscription preview

When you are about to upgrade your organization's subscription plan from free to paid or between paid plans, we show you a confirmation screen. That confirmation screen has been improved to show a per-project breakdown for compute costs. Additionally, some useful information about usage-billing for compute and links to related docs have been added.

New confirmation modal:

Break down add-ons on a per-project basis:

Education about usage-billing for compute, mixing paid/non-paid plans and links to related docs:

Table Editor row edit side panel fix boolean fields rendering stale value

There was issue in the Table Editor when you're editing rows in the side panel, specifically for column types that are rendering the Listbox component, whereby the data rendered in that input field is stale (from the previous row that you opened). This was caused by the Listbox component not re-rendering correctly when the value passed to it has changed and is now fixed.

PR: https://github.com/supabase/supabase/pull/19264 Link: https://supabase.com/dashboard/project/_/editor

Added recommendation to enable PITR when enabling branching

We strongly recommend enabling point in time recovery for your project if you're planning to enable branching. This is to ensure that you can always recover data if you make a "bad migration". For example, if you accidentally delete a column or some of your production data.

PR: https://github.com/supabase/supabase/pull/19324 Link: https://supabase.com/dashboard/project/_/

Previously, it was possible to directly insert/update rows on the pg_cron extension's cron.job table. This bypasses security checks that would've been asserted when jobs are scheduled/modified via pg_cron functions.

You can see how to schedule/modify cron jobs using the examples in our docs.

Allow access to backups page while project is restoring to download scheduled backups

PR: https://github.com/supabase/supabase/pull/19126 Link: https://supabase.com/dashboard/project/_/database/backups/scheduled

Show if a member has MFA enabled or not in organization settings page

PR: https://github.com/supabase/supabase/pull/19012 Link: https://supabase.com/dashboard/org/_/team

Show which email support will reach out to after submitting a ticket

PR: https://github.com/supabase/supabase/pull/19095 Link: https://supabase.com/dashboard/support/new

Added wildcard hints for bucket allowed MIME types in create/edit modal

PR: https://github.com/supabase/supabase/pull/19062 Link: https://supabase.com/dashboard/project/_/storage/buckets

SQL Editor support downloading snippet as a migration, a seed file or a SQL file

PR: https://github.com/supabase/supabase/pull/17341 Link: https://supabase.com/dashboard/project/_/sql/new

Table Editor fix freezing a column causes UI to crash

Shout out to @tranhoangvuit for this one! 🙏 PR: https://github.com/supabase/supabase/pull/19127 Link: https://supabase.com/dashboard/project/_/editor

LinkedIn has modified the required scopes for their API and OAuth Applications created prior to 1st Aug 2023 do not contain the appropriate scopes. This could cause errors when attempting to sign in with OAuth via LinkedIn. If you have LinkedIn provider enabled on your project a follow up notification will be sent to your email as you could potentially have a LinkedIn OAuth application created before 1st Aug 2023 and be affected. As we don't have access to LinkedIn OAuth configuration we cannot tell with certainty when your OAuth application was created and have to reach out to all users with LinkedIn enabled.

To adjust to this change, we have introduced a new LinkedIn (OIDC) provider which contains the new required scopes and we have deprecated the existing LinkedIn provider.

If you are using a LinkedIn OAuth Application created before 1st August 2023 we ask that you create a new LinkedIn application and migrate your Dashboard credentials from the deprecated LinkedIn provider to the new LinkedIn (OIDC) provider as shown in the screenshot below. Please do so before 4th Jan 2024 as we will be removing the provider from the dashboard then.

CleanShot 2023-11-25 at 00 51 46@2x

Edge Functions has some predefined secrets: SUPABASE_DB_URL, SUPABASE_ANON_KEY, SUPABASE_SERVICE_ROLE_KEY. Previously, if you reset your DB password or JWT secret, these secrets will become stale. Now, these changes should be propagated into Edge Functions secrets. This fixes https://github.com/supabase/supabase/issues/12415.

If you've previously had this issue, you can reset your DB password using the old value to avoid downtime for your app. If you're resetting the JWT secret, you need to update your app to use the new API keys, which incurs some downtime.

tldr:

Support for column encryption in the table editor has been removed. You can still use it, but you must use SQL. Your data is already encrypted-at-rest, so this is an advanced feature that should be used sparingly.

How it was previously

Previously, the Table Editor in the Supabase dashboard supported encrypting newly created columns using pgsodium’s Transparent Column Encryption (TCE).

Why we’re changing it

While this makes it easy to use, we found that the easiness has led to a lot of “mis-use” of Encryption. We’ve decided to remove it from the UI for now because TCE has a few sharp edges and the dashboard makes it too easy to encrypt columns without considering trade-offs.

This mis-use led to multiple users frequently running into unrecoverable issues with encryption. A non-exhaustive list of issues which we observed users running into when using TCE through the dashboard includes the following:

  • TCE is prone to inappropriate usage - we’ve seen users encrypting all kinds of stuff that does not need to be encrypted (e.g email address of sender/receivers). This incurs a performance penalty and results in a bad experience.
  • TCE makes migrating between projects (or local to hosted) a problem as you’d also have to copy the root encryption key separately, although this is nonetheless by design. Developers should be aware that “just works” and “advanced encryption” are very difficult goals to align.
  • Triggers (which are used by TCE) are executed in alphabetical order. When users add their own triggers on encrypted tables, they are frequently unaware if they are dealing with encrypted or unencrypted contents which has been a source of confusion.
  • Upserting into an encrypted column could produce doubly encrypted content.
  • Since TCE uses a view into an encrypted table, RLS rules that are applied on the underlying table do not apply to the views as views use the permissions of the creator rather than the query-er, leading to another source of confusion. There is a fix for this which is to add a security label to pg_sodium to make the view a security invoker.

If you want TCE, use SQL instead

As of now, you can use TCE in SQL by following the pg_sodium documentation so users who already are using TCE can continue doing so via the SQL editor on the dashboard, while new users will have to learn the nuts and bolts of what they are doing before trying to use the feature.

Server-Side Auth in Next.js 14

We've released @supabase/ssr, which makes it super easy to use cookies for storing user sessions. We’ve updated npx create-next-app -e with-supabase to use @supabase/ssr and made it compatible with Next.js 14.

Read the blog post.

pgvector vs Pinecone

pgvector is becoming the vector store of choice for developers. We’ve put it to the test against Pinecone and found that it performs better on cost and query throughput, without sacrificing accuracy.

See the full benchmarks

Manage storage buckets from the command line

You can now manage Storage buckets with the Supabase CLI:

  • supabase storage ls -r: show all buckets and objects
  • supabase cp -r readme.md ss:///bucket: upload local files to bucket
  • supabase cp -r ss:///bucket: download objects from bucket
  • supabase rm -r ss:///bucket: delete files from bucket

Managing Storage buckets with CLI works best if there are less than 100k objects in your bucket and each of them is smaller than 20MB. Reference docs are here.

What's new in Supabase Studio?

Supabase Studio is improved many times per day, here is some of what's new:

  • Better error surfacing in SQL Editor. [PR]
  • Break out auth rate limit fields into a separate page. [PR]
  • Enumerated types management. [PR]
  • New API side panel. [PR]
  • Audit logs for organizations available on Team plan.

Check them out.

Multi-factor Authentication in Supabase Studio

Secure your Supabase account with Multi-Factor Authentication. You can now add a time-based one-time password (TOTP), managed by apps such as 1Password, Authy, Google Authenticator or Apple's Keychain.

Check out the doc

Quick product announcements

  • [Auth] LinkedIn OIDC provider. [PR]
  • [Auth] Use token to include the redirect URL in your email template. [PR]
  • [pgvector] Upgrade 0.5.1 (faster HNSW index builds). [Release]
  • [Dashboard] Scopes for OAuth apps. [PR]
  • [Postgres] pg_jsonschema upgrade 0.1.4 to 0.2.0. [Release]
  • [Supavisor] Starts providing Docker Images. [Docker]
  • [GraphQL] GraphQL user defined functions now supported following the pg_graphql upgrade from 1.2.3 to 1.4.2. [Docs]

Databases larger than 100GB are being transitioned to using physical backups for their daily backups.

Physical backups are more performant, have lower impact on the db, and avoid holding locks for long periods of time. Restores continue to work as expected, but backups taken using this method can no longer be downloaded from the dashboard.

Over the next few months, we'll be introducing functionality to restore to a separate, new database, allowing for the perusal of the backed up data without disruption to the original project.

Please refer to https://supabase.com/docs/guides/platform/backups#daily-backups-process for additional details.

Postgres 12 is deprecated as of 14th October 2023 and support for it will be fully removed on 27th November 2023.

Postgres 15 comes with numerous features, bug fixes and performance improvements. Check out the announcement blog posts to find out what each version introduces.

Deprecation Timeline

  • 15th October: All users are notified via email about Postgres 12 Deprecation.
  • 27th October: Users can self serve upgrade to Postgres 15 from our dashboard. If you want to upgrade your database to Postgres 15 before 27th October, reach out to our support. A dashboard notification will be sent about this deprecation.
  • 13th November: Users are notified via email.
  • 27th November: All Postgres 12 databases are automatically upgraded to Postgres 15.

You will receive three notifications via email before 27th November notifying you about the deprecation of Postgres 12 and deprecation of IPv4 and PGBouncer.

Broadcast realtime messages via REST API

You can now broadcast Realtime messages to all your connected users by simply using a REST API call, removing the need to connect to a WebSocket. This will be especially useful with our Edge Functions!

Broadcast docs

Supavisor is now used for connection pooling in all new projects

Less than two months ago, we announced Supavisor, our own Postgres connection pooler that handles millions of connections. It’s now available in all new projects. You can continue using pgbouncer alongside Supavisor, however, it will be deprecated effective January 15th, 2024.

Learn more

Moving to IPV6 for Database Connection Strings

With IPv4 addresses becoming increasingly scarce and cloud providers starting to charge for it, we won’t be assigning IPv4 addresses to Supabase projects from January 15th, 2024. [db.projectref.supabase.co](http://db.projectref.supabase.co) will start resolving to a IPv6 address instead. If you plan on connecting to your database directly, you must ensure that your network can communicate over IPv6. Supavisor will continue to return IPv4 addresses, so you can update your applications to connect to Supavisor instead.

Learn more

New Foreign Data Wrapper: Airtable

Introducing the latest addition to our Wrappers lineup: Airtable! You can use it to query data from your Airtable bases and tables directly from Postgres:


_10
select * from my_airtable_table;
_10
# data from Airtable

Read the Airtable Wrapper docs Learn about Wrappers

Supabase Studio's latest enhancements

Supabase Studio is under constant improvement, here is what’s new:

  • Added UI support for cascade updates
  • Improved JSON previewing and editing
  • Button for toggling Realtime right from the Table Editor
  • See View definition and open it in the SQL Editor to modify
  • UI to view and unban IP addresses to manage banned IPs more conveniently
  • Import CSV files at the table creation stage and a new button to download the table as CSV

Try them out

HNSW Support for Vecs + pgvector

Added HNSW support inside Vecs, our Python library for pgvector. Vecs automatically creates schemas and collections inside your database, making it one of the easiest ways to get started with pgvector.

Read the HNSW docs

Quick product announcements

  • [PostgREST] JWT caching just landed. API requests are about to get 100ms faster. [PR]
  • [Auth] Added a default in-memory storage mechanism to allow using supabase-js in these environments to fall back to use this default storage mechanism now. Upgrade to supabase-js v2.36.0 or gotrue-js v2.54.0 for the latest changes. [PR]
  • [Edge Functions] Supports much simpler API for creating functions Deno.serve(req => new Response("ok")). No http standard library dependency needed. (Thanks eifr for contributing with updated CLI templates. [PR]
  • [Edge Functions] You can manage the secrets for your project's Edge Functions via the dashboard. [Try it now]

Updates

  • The deadline for the migration has been updated to 26th January 2024.
  • You can now purchase a IPv4 address from the add-ons page here if you want to keep using your IPv4 address. More info here.

Moving to IPV6 for Database Connection Strings

With IPv4 addresses becoming increasingly scarce and cloud providers starting to charge for it, we won’t be assigning IPv4 addresses to Supabase projects from January 15th 2024. db.projectref.supabase.co will start resolving to a IPv6 address instead. If you plan on connecting to your database directly, you must ensure that your network can communicate over IPv6. Supavisor will continue to return IPv4 addresses, so you can update your applications to connect to Supavisor instead.

There will be a few minutes of downtime during this migration.

Switching to Supavisor

We recently announced Supavisor, our new connection pooler. Supavisor is a direct replacement for PgBouncer. Using our own pooler is going to let us do things like load balancing queries across read replicas, query results caching, and a lot more.

Supavisor is now enabled for all projects created on or after Wednesday September 27th 2023. All existing projects will have Supavisor enabled by October 15th 2023.

Supavisor does not currently support Network Restrictions. Network restrictions support will be enabled from 24th January 2024. If you are blocked on the migration because of this, please reach out to support and we will extend the deadline for your project.

You don’t need to change anything in your application, except for the URL. The pooler connection string is available in the database settings in your dashboard.

For example, if you use PgBouncer to connect:


_10
import { drizzle } from 'drizzle-orm/postgres-js'
_10
import postgres from 'postgres'
_10
import { users } from './schema'
_10
_10
// probably an env var
_10
const connectionString = 'postgres://user:[YOUR-PASSWORD]@db.[YOUR-PROJECT-ID].supabase.co:6543/postgres'
_10
const client = postgres(connectionString)
_10
const db = drizzle(client);
_10
_10
const allUsers = await db.select().from(users);

you just need to update the connection string to:


_10
import { drizzle } from 'drizzle-orm/postgres-js'
_10
import postgres from 'postgres'
_10
import { users } from './schema'
_10
_10
// probably an env var, get the exact connection string from the database settings page
_10
const connectionString = 'postgres://[db-user]:[db-password]@aws-0-[aws-region].pooler.supabase.com:6543/[db-name]?options=reference%3D[project-ref]'
_10
const client = postgres(connectionString)
_10
const db = drizzle(client);
_10
_10
const allUsers = await db.select().from(users);

PgBouncer and IPv4 deprecation timeline

PgBouncer will be available to use along side Supavisor until January 31st 2024.

The full timeline is:

  • 27 September 2023: Supavisor is available for all new projects.
  • 15 October 2023: Supavisor will be available for all projects, including existing projects. We will notify you via email when it is enabled for your project. PgBouncer is officially deprecated after this date.
  • 15th January 2024 26th January 2024: You will need to start using Supavisor before then.
  • 29th January 2024: Your Supabase database domain (db.projectref.supabase.co) will start resolving to IPv6 addresses. PgBouncer will be removed. Projects will be migrated over starting this day. No changes are required if your network supports communicating via IPv6. If it doesn't, update your applications to use Supavisor which will continue to return IPv4 addresses.

You will receive deprecation notices throughout November, December, and January.

FAQs

Do I need to change anything if I use supabase-js?

For projects which only use the database REST API provided by PostgREST (via supabase-js) there is no action needed.

Will Supabase APIs also be switched to IPv6?

projectref.supabase.co will continue to return IPv4 addresses. Only the database domain db.projectref.supabase.co will return a IPv6 address.

How do I know if my network supports IPv6?

Check if you are able to request your IPv6 address via curl -6 https://ifconfig.co/ip

What do I do if I have issues switching?

If you have issues with Supavisor please contact support!

Can I pay for a IPv4 address to directly access the database via IPv4 instead of going through Supavisor?

You can purchase the IPv4 addon for 4$/project in the project add-on page here. PGBouncer will still be removed for users with the IPv4 add-on.

Can I use PgBouncer and Supavisor at the same time?

While we are providing the ability to use PgBouncer or Supavisor during this migration you cannot use both at the same time. With the default configuration using both will exhaust your database connections because they both will try and spin up a connection pool.

The solution is to temporarily increase your databases connection limit with a custom Postgres config to accommodate both connection pools.


_10
supabase --experimental --project-ref <project-ref> postgres-config update --config max_connections=120

How can I tell if I need to make a change?

If the URL you use to connect to your Supabase Database looks like this, you're using the API, and no changes are necessary:

https://[YOUR-PROJECT-ID].supabase.co

If the URL you use to connect looks like either of these options, you're already using Supavisor, and no further changes are necessary:

postgres://[db-user]:[db-password]@aws-0-[aws-region].pooler.supabase.com:6543/[db-name]?options=reference%3D[project-ref] or postgres://[db-user].[project-ref]:[db-password]@aws-0-[aws-region].pooler.supabase.com:6543/[db-name]

If the URL you use to connect looks like this, you are using pgBouncer, and you need to upgrade (notice port 6543):

postgresql://[db-user]:[db-password]@db.[project-ref]supabase.co:6543/[db-name]

If the URL you use to connect looks like this, you are connecting directly, and will either need to be able to connect via IPv6, OR you will need to update to the Supavisor URL:

postgresql://[db-user]:[db-password]@db.[project-ref].supabase.co:5432/[db-name]

How will I know if my project has been migrated to IPv6?

In the database settings page, the label when connection pooling is disabled, reads Will resolve to IPv6 if your project has not been migrated. If your project has been migrated to IPv6, it reads `Resolves to IPv6'.

What are the errors that I might see when connecting to the database if my network doesn't support IPv6?

The error thrown will depend on how you are connecting to the database. Here are some examples of error messages you might see

  • (dial tcp [2001:db8:3333:4444:5555:6666:7777:8888]:5432: connect: no route to host)
  • connect to db.example.supabase.co (2001:db8:3333:4444:5555:6666:7777:8888) port 5432 (tcp) failed: Network is unreachable
  • could not translate host name "db.example.supabase.co" to address: nodename nor servname provided, or not known
  • ENETUNREACH 2001:db8:3333:4444:5555:6666:7777:8888
  • Error: P1001: Can't reach database server at db.example.supabase.co:5432
  • (2001:db8:3333:4444:5555:6666:7777:8888), port 5432 failed: could not create socket: Address family not supported by protocol

Note that these errors may manifest in cases other than your client network not supporting IPv6, but if you run into these errors after your project was migrated, it is likely that it is due to IPv6 support.

How will I know if PgBouncer has been removed from my project?

The database settings page does not show PgBouncer connection settings. If you see a warning label called PgBouncer pending removal, it means that PgBouncer has not been removed from your project. If you see no such label, PgBouncer has already been removed from your project.

Does Supavisor support prepared statements?

Prepared statements are supported with session mode. You can change your pool mode to session in your dashboard.

You can also use a session mode pool with your Supavisor pooler url and port 5432 (vs 6543). If you need to run something using prepared statements while your production application uses transaction mode you can use this port to do that.

Initial support for prepared statements with transaction mode landed but some bugs were found and should be fixed shortly.

What do I do if I am using Prisma?

If you are using Prisma, please check out our updated Prisma Guide for instructions on how to configure your connections for both querying and migrations.

How do I update my Vercel Supabase integration?

The environment variables POSTGRES_URL and POSTGRES_PRISMA_URL point to Supavisor and POSTGRES_URL_NON_POOLING points to Supavisor in session mode. Redeploy your Vercel application to pick up the latest environment variables. This is required since Vercel does not support IPv6.

How do I use direct database connections in my Vercel application instead of using the connection pooler?

Enable the IPv4 add-on. Set the direct connection url as a environment variable not managed by the Supabase integration. You can now use the environment variable in your application.

Do I need to make any changes if I am using the CLI?

If you are using a version before 1.136.3, please upgrade to a later version of the CLI and run supabase link. If you haven’t run supabase link since 1st January 2024, please run it again after upgrading. This will enable the CLI to communicate to the database from IPv4 only environments because the communication happens via Supavisor. This change is required if you are using from the CLI from an environment without IPv6 support, like Github actions or possibly from your home network.

Special Considerations for .NET users using npgSQL

You will need to add Pooling=false to your Supavisor connection string.

Why can't I upgrade my database version anymore?

We are in the midst of transitioning all projects to IPv6. As part of this process, If your project is still being assigned an IPv4 address then pg_upgrade will be temporarily disabled for your project until the transition is completed.

pgvector v0.5.0: Faster semantic search with HNSW indexes

pgvector v0.5.0 adds Hierarchical Navigable Small World (HNSW), a new type of index that ensures lightning-fast vector searches, especially in high-dimensional spaces and embeddings.

Blog post

Day 1 - Hugging Face is now supported in Supabase

We are all about open source collaboration, and Hugging Face is one of the open source communities we admire most. That’s why we've added Hugging Face support in our Python Vector Client and Edge Functions (Javascript).

Day 2 - Supabase Local Dev: migrations, branching, and observability

The CLI received some serious upgrades including observability tools, streamlined backups, and enhanced migrations. But that's not all – the big game-changer is the introduction of Supabase branching which we’re rolling out to selected customers.

Day 3 - Supabase Studio 3.0

Supabase Studio brings some huge new features, including AI SQL editor, Schema diagrams, Wrappers UI, and a lot more!

Day 4 - Supabase Integrations Marketplace

With the release of OAuth2 applications, we've made it easier than ever for our partners to extend the Supabase platform with useful tooling.

Day 4 - Vercel Integration 2.0 and Next.js App Router Support

The New Supabase x Vercel integration streamlines the process of creating, deploying, and maintaining web applications with several enhancements. Plus, it fully supports the App Router in Next.js ▲

Blog post

Day 5 - Supavisor: Scaling Postgres to 1 Million Connections

Supavisor is a scalable, cloud-native Postgres connection pooler written in Elixir. It has been developed with multi-tenancy in mind, handling millions of connections without significant overhead or latency. We’re rolling it out to every database on our platform.

Community Highlights from the past 4 months

Launch Week is an event for our community, so it’s a good time to look back at what happened in the last months (spoiler: a lot).

Blog post

HIPAA and SOC2 Type 2

Supabase is officially SOC2 Type 2 and HIPAA compliant! In this write-up, we offer insights into what you can expect if you’re planning to go through the same process.

Blog post

More product announcements

Shipping doesn’t stop here at Supabase! We are back in full shipping mode and already thinking about the next LW. These are some of the things we’ve been working on:

We’re fixing the billing system at Supabase - moving from “project-based” to “organization-based”. We should have started with this model, but I wasn’t wise enough to know that when we started. We need to make these changes to roll out Preview Environments / Branching. It also includes:

  • long-requested project transfers between organizations
  • An extra 1GB egress on the Free Tier
  • Consolidated invoices
  • Self-serve Team plan
  • Updates for branching
  • No more “upfront” charges for Database Compute Addons

See all changes in the blog post

Free plan

First, and most importantly - there is only one change that affects the free plan, and that is a good one for you: you now an extra 1GB of egress.

Usage ItemOld plan (per project)New plan (org based)
Egress4GB - (2GB Database + 2GB Storage)5GB across Database + Storage
Database Space500MB500MB
Storage Space1GB1GB
Monthly Active Users50K50K
Edge Function Invocations500K500K
Edge Function Count1010
Realtime Message Count2 million2 million
Realtime Peak Connections200200
2 free projects2 free orgs (1 free database per org)

On top of an extra 1GB of egress for free, now that egress is unified across your org it means that if you aren’t using Supabase Storage, you get even more Database Egress (5GB instead of 2GB previously)

If you are currently running 2 free projects however, this does require some work from you. Because we are now working on an Org-level, instead of Projects, you will need to:

  1. Create a new “Free org”
  2. Transfer one of your free projects into the newly-created org

This should be done before the end of October, but don’t worry - we’ll give you frequent comms and clear instructions once the change has been rolled out (4th Sept).

Other changes

We’ve made a lot of improvements to the billing system. Read the full announcement on our blog or dive into the related docs for more details.

Help, my bill increased!

This is a major change, and we've tried to design it in a way that's cheaper for everyone. If your bill has increased as a result of this change, that's not our intention. Please submit a Support ticket on the dashboard and we'll figure out a solution.

Please keep this discussion on topic

We welcome any questions/feedback about this change, but please keep this discussion focused only on this change! It's important for those who want to learn more or are confused. If you have something off-topic, please open a new discussion or join an existing discussion

Native Mobile Auth Support for Google and Apple Sign in

Supabase Auth now has full native support for Sign in with Apple and Google, which means it can now be used with one-tap sign in methods like Sign in with Apple JS, Sign in with Google for Web, or even in Chrome extensions.

Learn more

Supabase CLI: what is new?

It’s been a busy month for the Supabase CLI. We have added a tonne of new features:

See all updates

Revamped billing experience

We have made huge improvements to the billing tooling inside Supabase Studio, including:

  • Easy monitoring of current usage, overage, and plan limits.
  • Streamlined subscription management for upgrades or downgrades.
  • Detailed usage billing breakdowns and compute instance specifications.
  • And more!

New subscription page | New usage page

Login with Kakao

Added the popular social platform Kakao as new social provider. Allow your users to effortlessly sign in using their Kakao accounts and make authentication a breeze while expanding your app's reach to a wider audience.

Login with Kakao

Quick product updates

  • [Postgres Tooling] Implemented parallel Index build in regular and recovery state into OrioleDB. [PR]
  • [Edge Functions] Edge Functions troubleshooting guide. [Doc]
  • [Storage] Object id is now returned in the response when uploading an object. [PR]
  • [Realtime] A new debugging tool to test your realtime endpoints together with your JWTs and Row Level Security policies. [Realtime Inspector]
  • [Docs] A full guide on database partitions for developers looking to scale up. [Guide]

Launch Week alert: save the date

Supabase Vector: the open source Vector Toolkit for Postgres

Storing vector embeddings in Postgres with 'pgvector' is becoming increasingly popular for AI applications, so we're building out a collection of tools to store, index, and query embeddings at scale.

Supabase Vector

Vault is now available for all projects

Vault is a Postgres extension and accompanying Supabase UI that makes it safe and easy to store encrypted secrets and other data in your database.

Learn how to use Vault

Auth Helpers now include server-side Auth and full support for the Next.js App Router

We have updated the Next.js Auth Helpers package to make it available across the client and server of the App Router. They also now implement server-side auth by default with PKCE - meaning the entire auth flow is now possible server-side.

Updated docs

Video course

Improving our dashboard with user feedback

As we plan the next few months of Dashboard development, we're reaching out to users to see all the different ways people use the Dashboard in their work.

Last month, we opened up a public RFC for the Dashboard SQL Editor. It's been amazing to see how people use this tool to build their projects. If you're a heavy user of the SQL Editor, we'd love to get your feedback.

We also started doing user interviews to understand how users use the Dashboard. Our goal is to build the best possible Dashboard for all of our users, and you can help! Reach out to Terry you would like to share your experience.

Quick product announcements

  • [Auth] You can now use Turnstile as a Captcha provider. Doc

  • [Auth] How to send a password reauthentication nonce. Doc

  • [Dashboard] Supabase Wrappers UI that supports pulling data in from Firebase, Stripe, S3, and Clickhouse. Create a Wrapper

  • [Edge Functions] Support for deploying all Edge Functions via CLI. Doc

  • [Edge Functions] Custom domains and vanity domains support for Edge Functions. PR

  • [Storage] Image Transformation is now out of Beta. Doc

  • [Postgres Extensions] pg_cron 1.5.2 (new projects only) now supports sub-minute schedules. PR

New Integrations, templates, and examples

Day 1 - Supabase Logs: open source logging server

Logflare is the hub of analytics streams for Supabase. We are open sourcing it so that you can self-host your own Logging infrastructure.

Blog Post Video overview

Day 2 - Supabase Edge Runtime: Self-hosted Deno Functions

You can now self-host Edge Functions and run them in local development using our new Edge Runtime. We published a guide showing how to self-host Edge Functions with Fly and what more is coming ⚡

Blog post Video overview

Day 3 - Storage v3: Resumable Uploads with support for 50GB files

Supabase Storage received many of the most requested features from our users: Resumable Uploads, Quality Filters, Next.js support, and WebP support.

Blog post Video overview

Day 4 - Supabase Auth: SSO, Mobile, and Server-side support

On day 4, we introduced SSO with SAML 2.0, PKCE, and Sign in with Apple for iOS. It felt like acronym day, but it was actually Auth day!

Blog post Video overview

Day 5 - Supabase Studio 2.0 with new AI features

Supabase Studio got a major upgrade that goes from redesigns to improved developer experience, and new tools. We have the features people have been asking for and new capabilities that will change the way you work.

Blog Post Video overview

Introducing dbdev: PostgreSQL Package Manager

database.dev fills the same role for PostgreSQL as npm for JavaScript or pip for Python, it enables publishing libraries and applications for repeatable deployment. Our goal is to create an open ecosystem for packaging and discovering SQL.

Blog post

More product announcements

  • Trusted Language Extensions for Postgres. [Blog post]
  • What's New in pg_graphql v1.2. [Blog post]
  • GitHub Discussions are now a new knowledge source for search & AI (Troubleshooting category only for now). [Check it out]
  • New API report with routing information for each chart, making it easier to debug API calls.  [PR]
  • Storage permission changes: the developer role is now allowed to update the storage settings (previously was only owner and admin). [PR]

GraphiQL editor in the dashboard

The most popular GraphQL IDE/API explorer is now built into the dashboard! You can now explore and query your GraphQL API produced by pg_graphql.

Try it now.

We've updated our Docs search functionality to use pgvector + OpenAI. Still no cease and desist from Microsoft, so you can continue to ask Clippy any Supabase-specific questions 📎💚

Ask Clippy.

Serve all the functions!

Do you use multiple Edge Functions in your project? Then celebrate! Supabase CLI 1.36+ now supports serving multiple Edge Functions at the same time.

To enable the feature, just run supabase functions serve in your project.

Check the docs.

Smaller Postgres docker images for everyone

We rewrote the Postgres Dockerfile with multi-stage builds so that each extension is compiled in its own separate stage. This reduces the size of the image from 1.3GB to 250MB, enabling a much faster boot time.

See it yourself

New UI for Postgres Roles

We've improved database role management. You can create, update, and delete database roles through the dashboard. Just one small step towards column-level security

Check it out.

API docs in the table editor

API docs got a light touchup and were moved to the table editor. You can now look up API methods and generate & download type files right there ✨

Check it out.

Quick product updates

  • Postgres Extensions: We're rolling out some fixes for several Postgres extensions. Check your Dashboard notifications to see if you need to take any actions.

  • Auth: Added full OpenAPI 3.0 spec which provides a comprehensive overview of the API with documentation on each request. PR

  • Database: supabase-js now infers the response type from your query. If the inferred type is incorrect, you can use .returns<MyType>() to override it. Doc

  • Dashboard: Improved database roles management, you can now create, update and delete database roles through the dashboard. Dashboard

  • Dashboard: We've provided a reference panel showing all available paths that can be queried from each respective source that improves the Logs Explorer experience. Dashboard

- Edge Functions: upgraded to Deno 1.30.3, that supports TypeScript 4.9.x and introduces satisfies. Thanks to Benjamin Dobell 🙏. PR

  • Realtime: Broadcast only primary key(s) for deleting records when RLS is enabled and replica identity is full. PR

The first month of the year was very productive here at Supabase. Here is a highlight of what we shipped during January:

Storing OpenAI embeddings in Postgres with pgvector

pgvector is a popular PostgreSQL extension for storing embeddings and performing vector similarity search. It was one of the most requested extensions by the AI/ML community and is now available thanks to gregnr.

Read the announcement

Meet Supabase Clippy: ChatGPT for Docs

Greg wasted no time and took pgvector for a spin, he combined it with OpenAI to build Supabase Clippy, a next-generation doc search. The first implementation is a 1-week MVP and fully open source, so you can build on top of it.

Client library reference: Python and C#

We have released extensive reference docs for C# and Python, detailing every object and method. What are you going to build?

pg_graphql now supports Views, Materialized Views, and Foreign Tables

Views, Materialized Views, and Foreign Tables are three database objects that provide a powerful way to access and organize and transform data without duplication.

Read the docs

Automatic WebP detection for Image Transformation

WebP is a modern image format that provides superior lossless and lossy compression for images on the web. We are enabling format conversion by default for anyone who has Image Transformations. You can opt out by including format: origin in the transformation parameters.

Read the docs

Quick product updates

-  Postgres Extension: Another powerful and time-tested extension, pg_repack, is added to Supabase. [PR] - Auth: Multi-tab session support using the new browser BroadcastChannel API. If a user logs out on one tab, they will now be logged out on all tabs. [PR] - Postgres: Superior speed with lz4 database compression. [PR] - Postgres: Use ICU locales and collations for text attribute ordering in database queries. [PR] - Docs: New guide on scheduling functions with pg_cron. [Guide] - Edge Functions: You can now download source codes of deployed edge functions from the CLI. [Doc]

Launch Week 6 is just around the corner! We’re saving most of November’s updated as a surprise for Launch Week, but we still had time to ship some goodies this month.

Launch Week 6 tickets

Next week, we go all out for LW6. It’s 5 days of shipping, including major features requested by the community. You don’t want to miss a thing, so make sure to claim your free ticket (and you might win some very special SupaSwag).

Get your ticket

Remix Auth Helpers

It’s here! The much-awaited Remix Auth Helpers make server-side auth even easier and with a better experience. Up to date with supabase-js V2 and can be used with Typescript.

Read the docs

Edgy Edge Functions

We launched a new YouTube series, Edgy Edge Functions, where we take a deep look at a new function every week.

Plus, we published three new functions examples: Generate OG Images, Build API servers using Oak, and Generate Screenshots using Puppeteer.

Quick product updates

  • NextAuth Supabase Adapter. Docs. This allows you to run NextAuth as your authentication server while storing user and session data in a dedicated next_auth schema in your Supabase Database. Complete with support for RLS. Do note that NextAuth is a standalone Authentication server that does not interface with Supabase Auth and therefore provides a different feature set.

  • Fixed two issues with the supabase.auth.signOut function: cookies not clearing properly and session not removed.

  • You can now customize magic links by providing access to the {{ .TokenHash }}. PR

  • Now you can do redirects from your functions. PR

  • Conda support (conda install -c conda-forge supabase and everything else in py)

supabase-js v2 and supabase-flutter v1 released

The new versions of our two most popular SDKs have been fully released. It couldn’t have happened without our amazing community, thanks to everyone involved. Now, it’s time to build 🛠

Try supabase-js V2

Try flutter-supabase V1

New Next.js quickstart & Next.js 13 example

Next.js is all the rage right now 🔥 

Next.js Conf raised the bar for dev conferences. We had the honor of being a Gold Sponsor, so we revamped our Next.js Quickstart guide to include our pre-built Auth UI and Auth Helpers.

And Next.js 13 was announced! Making it extremely easy to fetch and cache data from our Serverless API. So we put together an example to try it out.

Supabase Auth and Server-Side Rendering

The Auth team published an in-depth doc explaining how Supabase Auth supports server-side rendering. Includes an explanation of the authentication flow and answers to some of the more common questions.

Read the docs.

Database Testing with pgTAP

Do you have 100% code coverage? Probably not, because that’s usually the last thing you think of, but definitely not if you don’t have database tests. We just shipped a framework for Database Tests which makes it incredibly easy to test your database using pgTAP an pg_prove.

Read the docs.

Edge Functions Update

Functions now support GET requests! Other HTTP verbs such as PUT, PATCH, and DELETE are supported too.

Check this example

Quick Product Updates

  • supabase-py 🐍 now has functions support! PR
  • You can now detect users’ location from Edge Functions easily by using X-Forwarded-For header. Example
  • Return provider_refresh_token along with provider_access_token. PR
  • Added a refreshSession method to allow users to forcefully refresh a session instead of waiting for it to autorefresh upon expiry. Thanks to @j4w8n for the PR 🙇🏻‍♂️
  • Logging: realtime, storage, postgrest, and pgbouncer released.
  • Trigger a file download by adding the download query parameter to your storage objects. storage-api. PR

Kaizen Week

We did something a bit strange during September - we didn't work on features. Quite the opposite. After Launch Week we did three subsequent weeks of Kaizen, a term we use internally to deliver constant and incremental improvement. Each week had a different focus:

  • Week 1: QA and testing
  • Week 2: Documentation
  • Week 3: Issue Backlog and Automation

It's pretty rare for a company to stop feature development altogether, but luckily we're just a bunch of developers so we all know the pain of technical debt. After 5 Launch Weeks, working on testing and backlogs feels like a bit of a relief.

We saw a lot of progress across our Open Issues - closing over 250 issues and 50 Pull Requests.

Auth UI on Product Hunt

We launched the new Auth UI on Product Hunt! Auth UI is a pre-built React component for authenticating users with Supabase Auth. It supports custom themes and extensible styles to match your brand and aesthetic.

Check out the launch.

Postgres WASM

If you've ever wondered, "can I run Postgres inside a browser, using an embeddable Linux Virtual Machine?", wonder no longer. With our friends at Snaplet, we've released an open source Postgres WASM.

Read the blog post
Comment on Hacker News
Visit the repo: Snaplet | Supabase

Security updates

We're making some changes to the way the Dashboard interacts with your database. These changes simplify the database permissions so that it's easier for you to migrate in and out of Supabase, and they reduce the security surface area considerably. The change will be applied automatically in November, or you can run it today via the Dashboard.

Review the Security Notice.

Quick product updates

  • Edge functions free plan script size is bumped to 2 MB
  • functions-go was just contributed to supabase-community by Zain Khan
  • A new guide to add captcha to your sign-in, sign-up, and password reset forms
  • New Postgres Extension for monitoring your PostgreSQL database network traffic: pg_netstat
  • Added docs for how caching works in Supabase

Security Patch Notice

To better secure your Supabase server instances, we will be removing superuser access from the dashboard SQL Editor over the next 30 days. Existing projects with tables, functions, or other Postgres entities created via the dashboard SQL Editor require a one time migration to be run. This migration should take less than 10 seconds to run but since it modifies your existing schema, we will be rolling out this change over a buffer period to minimise breakages.

Opt-in Period: 5 Oct - 5 Nov

During the opt-in period, a notification will be delivered to all affected Supabase projects. The notification contains instructions to manually apply the migration. If you have separate staging and production Supabase projects, apply it on the staging project first to verify everything is working as expected.

If you only have one Supabase project, try to avoid hours of high application traffic when applying the migration to minimise potential downtime. If you notice elevated error rates or other unusual activities after migrating, follow the rollback instructions to revert the change. Both apply now and rollback actions are idempotent. If you encounter any problems during migration or rollback, please contact [email protected] for further assistance.

For paused projects, applying now will schedule the migration script to run the next time your project is restored. We suggest that you restore your project immediately to verify that everything works or rollback if necessary. If you project is in any other states, please contact [email protected] to bring it to an active healthy state before continuing with the migration.

After successfully applying the migration, all entities you have created from the dashboard's SQL Editor will be owned by a temporary role. These entities are currently owned by supabase_admin role by default. You can check the current owner of all your schemas using the query below.


_10
select *, nspowner::regrole::name from pg_namespace;

New entities created via the SQL Editor will also be owned by this temporary role. Since the temporary role is not a superuser, there are some restrictions with using the SQL Editor after migrating. If you are unsure whether those restrictions affect your project, please contact [email protected] for assistance.

After 5 Nov

After the opt-in period, you will receive another notification to drop the temporary role and reassign all entities owned by the temporary role to postgres role. The SQL Editor will also default to using postgres role. New projects created after 5 Nov will also default to using the postgres role. Since this change is irreversible, it is crucial that you run the migration during the opt-in period to verify that your project continues to work.

For any projects not migrated after 5 Nov deadline, we will run the migration on your behalf to reassign all entities to postgres role. No temporary role can be used for rollback. If you notice any breakages then, please do not hesitate to contact [email protected].

Restricted Features

After revoking superuser access, you will not be able to perform the following actions through the dashboard SQL Editor.

Managing Event Triggers

You will no longer be able to create, alter, or drop event triggers directly through SQL statements.

Event triggers can only be created by superusers and you will not be able to manage them after the migration. One exception is Postgres extensions. When toggling extensions, they can still create or drop event triggers as needed.

If you are currently using custom event triggers, please contact [email protected] to explain your use case. We will try our best to figure out an alternative for your project. Note that regular triggers are unaffected by the migration.

Restricted use of Supabase schemas

You will no longer be able to: create, alter, or drop tables, views, functions, triggers, sequences, and other entities in Supabase managed schemas, including extensions, graphql, realtime, and supabase_functions.

Supabase managed schemas are used to support platform features for all projects. Entities in these schemas are owned by supabase_admin role to prevent users from accidentally overriding them and breaking platform features. Unless explicitly granted, non-superuser roles cannot manage entities in Supabase managed schemas after the migration.

If you think modifying these schemas is necessary for your project, please contact [email protected] to explain your use case. We will try our best to accommodate your use case using alternative suggestions.

Entities in auth and storage schemas have been explicitly granted all permissions to postgres role. Therefore, you can still manage these schemas directly through SQL statements. If you have existing triggers created on these schemas, they will continue to work as well.

All user defined schemas and the public schema will be owned by postgres role after the migration. Therefore, you should be able to manage entities in those schemas directly through SQL statements. One exception is if you have manually changed the owner of specific schemas before. In that case, you can either reassign their owner to postgres role manually or leave them untouched. Please reach out to [email protected] if you are unsure what to do.

Managing RLS Policies on Supabase schemas

You will no longer be able to create or drop RLS policies on entities in Supabase managed schemas.

RLS policies can only be created or dropped by entity owners or superusers. After the migration, you can’t manage RLS policies in Supabase managed schemas through the SQL Editor. If you need to expose certain tables in realtime schema to anon or authenticated users, one way is to create a view in the public schema using the postgres role.

RLS policies in auth, storage, public, and all user defined schemas can still be managed directly through SQL statements. Unless you have policies that check for supabase_admin role, all existing RLS policies should be unaffected by the migration.

Restricted use of Role Attributes

You will no longer be able to alter role attributes of replication, superuser, and reserved roles directly through the SQL Editor.

Only superuser roles can alter attributes of other superuser and replication roles. Reserved roles include anon, authenticated, postgres, service_role, etc. After the migration, you will not be able to change attributes of these roles directly through SQL statements. You can still alter attributes of other roles created by yourself, except to elevate those roles to superuser or replication.

Some common attributes that can’t be changed include password, login, and bypassrls. Here are some known workarounds:

  1. To change your postgres role password, you can do it via dashboard settings page.
  2. If you need to run one-off scripts that bypass RLS, you can use the provided service key.
  3. If you are pushing schema migrations from CLI, superuser privilege is no longer required as all entities are owned by postgres role after the migration.
  4. Migrating between projects no longer requires superuser privilege.

Update 26/10/22

A number of users reported the following error accessing the dashboard restoring a paused project.


_10
Error: [500] failed to get pg.tables: password authentication failed for user "postgres_temporary_object_holder"

It is due to a bug in the restore script that we have since fixed. If you are still experiencing this issue, you may pause and restore the project again to fix it manually. If that fails, please don't hesitate to contact [email protected].

Update 03/11/22

We will be adding additional privileges to the postgres role to do the following actions, which otherwise can only be done by a superuser:

  • manage the bypassrls role attribute
  • set the session_replication_role runtime config

Update 28/12/22

  • TimescaleDB extension fails to toggle (we can enable manually via support)
  • Custom security definer functions will run as non-superuser (only affects extensions schemas owned by supabase_admin)

System updates

All projects

New projects

  • PostgreSQL updated to v14.1

Manual Changes Required

Update custom auth functions

Details

The PostgREST release notes document some changes to the way GUC variables are handled here.

Supabase has created a config flag in the Dashboard to ensure that this will not be a breaking change. These changes are required before you can upgrade to PostgreSQL 14+, or use Realtime RLS.

Supabase has already updated all the default auth functions (auth.uid(), auth.role() and auth.email()), however we have no way of updating functions which we have not written ourselves.

Affected

  • Any project that have custom auth functions or generally any function that use legacy GUC naming convention to access JWT claims (eg current_setting('request.jwt.claims.XXX', true).
    • This change is required for PostgreSQL 14+.
    • This change is required for Realtime row level security

Unaffected

  • New projects
  • Existing projects who haven't written custom auth functions.

How to update

You need to update all functions that are using the legacy GUC naming convention (current_setting('request.jwt.claims.XXX', true)) to use the new convention (current_setting('request.jwt.claims', true)::json->>'XXX').

After you have made this change, you can safely

Example

For example, Supabase rewrote the auth.role() functions like this, to handle both legacy and new:


_19
-- PREVIOUSLY
_19
create or replace function auth.role()
_19
returns text
_19
language sql stable
_19
as $$
_19
select current_setting('request.jwt.claim.role', true)::text;
_19
$$;
_19
_19
-- UPDATED FUNCTION TO HANDLE NEW GUC NAMING SCHEME
_19
create or replace function auth.role()
_19
returns text
_19
language sql stable
_19
as $$
_19
select
_19
\tcoalesce(
_19
\t\tcurrent_setting('request.jwt.claim.role', true),
_19
\t\t(current_setting('request.jwt.claims', true)::jsonb ->> 'role')
_19
\t)::text
_19
$$;

Three new Auth providers, multi-schema support, and we're gearing up for another Launch Week. Let's dive into what's been happening at Supabase during the month of October.

This is also available as a blog post and a video demo.

Slack, Spotify, and MessageBird logins

Thanks to @HarryET and our friends at MessageBird we have 3 new Auth providers this month: Slack, Spotify, and MessageBird phone logins.

supabase-auth-slack

Multi-schema support

Dashboard

Browse data in any database schema using the Schema switcher in the Dashbaord.

multi-schema

API

You can access any schema with your API, after enabling access in the Dashboard. Docs.

supabase-multi-schema-support

Fresh Docs and Guides

We have a TON of new guides, with videos too.

Database Functions

Learn about PostgreSQL Functions. Docs.

https://youtu.be/MJZCCpCYEqk

Auth Overview

Learn about all the exciting feature of Auth within Supabase. Docs.

https://youtu.be/6ow_jW4epf8

API Features

Learn more about the power of PostgREST for RESTful APIs. Docs.

https://youtu.be/rPAJJFdtPw0

And more

Community

There was a lot of activity this month.

Supabase at Jamstack conf

Supabase attended the Jamstack conf. Watch us catch up with Matt, the cofounder of Netlify (minute 8).

https://youtu.be/phC14xfwvjc

Supabase at Next.js conf

And Jon made a guest appearance at this year's amazing Next.js Conf.

https://youtu.be/GpXEMB1pDRE

Community Highlights

  • Vue 3 | Workout Tracker App - John Komarnicki video
  • Adalo + Supabase - Flywheel Media video
  • Nuxt 3 Beta + Supabase - BenCodeZen video
  • Made With Supabase (now on Nuxt 3) - Zernonia site
  • Nuxt 3 + Tailwind + Supabase - Ekene Eze video
  • SQL Functions - Răzvan Stătescu article
  • supabase-py v0.0.3 released - repo
  • nuxt-supabase v2.2.1 released - repo
  • vue-supabase v2.2.3 released - repo

GitHub

We hit 20K stars!! 21,268 to be exact: github.com/supabase/supabase

stars

Source: repository.surf/supabase

Check out some of our other community stats in our latest Series A Blog Post.

Coming Next: Launch Week III

We had Launch Week numero uno in March, and the sequel "Launch Week II: the SQL" in July.

Now we're going even bigger with the third installment: Launch Week III: The Trilogy. Join us on 29th November on our Discord.

Did you know it's been 2 years since the first commit to Realtime, our real-time engine for Postgres? Before we even existed as a company!

We spent this month improving docs and content content, improving UX, and onboarding Developer Advocates!

Hackathon v2

To kick off Hacktoberfest, another Supabase Hackathon is happening right now. You've got another 7 days to be in to win a limited edition t-shirt.

Abort Requests

We added support for AbortController in our Javascript library so that you can abort long-running queries. [Docs]

Improved table management

We've made a number of changes to the Dashboard to expose some great features of PostgreSQL including:

Column types

We've improved the column Type field so that it supports your custom types.

Is Unique

We've made it simple to add a unique constraint.

Edit columns

By popular request, you can now view all columns in a table at a glance and edit them in bulk.

Cross-schema relationships

We updated our grid to support relationships across multiple schemas.

Improved Auth Docs

We've revamped the Auth docs - The docs are now broken down into Authentication and Authorization, and organized alongside our Deep Dive series.

Low Code demo

Low Code demo, Using Supabase with Clutch.io - @_dijonmusters ran a session at General Assembly showing how to use these two tools together to create apps using a low code approach. https://youtu.be/5fsKMTeBKKY

Community

There was a lot of new content this month.

Videos

Twitter

We hit 16.5k followers. Follow us there for advance frontend tips and 👁️⚡👁️

GitHub

Not far from 20K stars: github.com/supabase/supabase Source: repository.surf/supabase

Discord

Our Discord is growing fast. Come hangout with 3500+ developers building on Supabase today: discord.supabase.com

Hiring

We're Hiring SREs. We're fully remote and we love Open Source. See open roles.

Coming Next

We're warming up for another Launch Week! Last time was "Launch Week II: the SQL". We're going to need another month to come up with a good pun again, so we'll aim for November.

Get started

August Beta 2021

Sep 13, 2021

We've raised $30M and shipped a bunch of features. Let's dive into what's been happening at Supabase during the month of August.

This is also available as a blog post and a video demo.

We raised $30 million

We raised our Series A. We'll use the funds to do more of the same - ship features and hire open source developers. We'll release more details soon. Read more on TechCrunch.

Realtime Security, codename: WALRUS

If you've been waiting for Row Level Security to land in Postgres subscriptions, then you're going to love our new repo: Write Ahead Log Realtime Unified Security (WALRUS). The name might be a bit forced, but the security design is deliberate. It's not in production yet, but we're making the repo public for comments using an RFC process.

Custom SMS templates

If you're using SMS login in Auth v2, you can now customize the SMS which is sent to your users. Read more in the docs.

Dart and Flutter Docs

Thanks entirely to @dshukertjr, we now have in-depth reference Dart documentation for CRUD, Auth, Realtime and more!

We launched the South Korea region

We added another region for those wanting to host their data and APIs in Seoul. We now have 12 regions to choose from

Table creation is even easier

You can now create columns while creating your table. We've also added improvements for composite primary keys and foreign key creation.

Unbreakable CSV Imports

Our previous importer would choke on CSV files which were too large. Not any more!

Connection strings

We now provide a handy copy utility for various database connection strings because we were so tired of looking them up on Stack Overflow.

We released a primer on Row Level Security

RLS can be a bit foreign for developers getting started with Postgres. This video by @_dijonmusters demystifies it. If you find the video a useful medium for learning, consider subscribing to our channel.

https://www.youtube.com/watch?v=Ow_Uzedfohk

Community

We had a community Hackathon

We held a one-week async Hackathon. Check out all the winners - it was truly impressive what people were able to build in just 7 days.

We had a team Hackathon

The Supabase team didn't want to miss out on the fun so we held our own hackathon. It was a good way to dog-food. Some notable projects include

We hit 18,000 stars on GitHub, and got to the top of GitHub trending for Typescript.

repository.surf/supabase

If you want to keep up to date, make sure you subscribe to our YouTube channel or follow us on Twitter.

Dependency contributions

GoTrue (Auth)

PostgREST (APIs)

pg_net (Function Hooks)

Coming Next

Last December we moved from Alpha to Beta, with a focus on Security, Performance, and Reliability. After a couple of Launch Weeks pushing out new and sexy features, we have decided it's time to focus on these again.

By the time we're done, Supabase will be production-ready for all use cases.

Get started

July Beta 2021

Aug 12, 2021

Supabase is gearing up for another Launch Week on July the 26th. Until then, here's a few new things to try.

This is also available as a blog post and a video demo.

Launch Week II: The SQL

Following the success of our first Launch Week in March, we finished the July with "Launch Week II: The SQL". The community has been sieving through a slew of bad puns and retro memes to discover the new feature announcements.

Auth v2 with Phone Auth

Your users can now log in with SMS based mobile auth! We have a Twilio integration (Guide Here) and will be adding more providers soon.

Other Auth updating include, Twitch logins, and the ability to generate invite, recovery, confirmation, and magic links via the API, for people who want more control over the email templating flow. Read the blog post here.

Storage is now in Beta

Storage updates include Media Streaming, Public Buckets, Directory Uploads, and a Performance Improvements.

Streaming Media in particular opens up a whole new host of potential use cases, learn more about the updates here.

Dashboard v2

We made some major new additions to the dashboard including usage statistics, a new project home, and tons of database insights. Check the post here on what you get and how we built it.

We launched a Discord server

You'll find us hanging out regularly in the #hangout channel. We even "live-fixed" some production errors in there on Monday night (which occurred literally 1 hour before our first announcement of the week! Typical!). We're fast approaching 1,500 members so come and join the action! discord.supabase.com

PostgreSQL 13

All new Supabase projects will be launched with PostgreSQL 13.3, and we're working on a migration path for old projects. This gives you looooaads of new stuff out the box.

PostgREST v8.0

We worked with our friends at PostgREST to make some huge improvements. For those of you who don't know, every Supabase instance comes with a dedicated PostgREST server by default, which provides the auto-generated CRUD API that we wrap with supabase-js.

Flutter/Dart support

Our community driven libs for the fasted growing mobile and web framework are now in beta. Learn more by following the Quickstart guide.

Hackathon

We're running a week long hackathon starting NOW. There are some legit prizes, and you can win in a bunch of different categories. Check the full instructions here on how to participate. Submissions close next Friday at midnight PST.

Hooks & Functions

We made an announcement on the progress of functions, and even shipped a few preliminary components, try them out and give us feedback as we continue to move towards this next major milestone. Read the latest updates here.

Swag Store

Get your hands on some Supabase Swag, hand packed and mailed by our team based in Singapore.

Community

Supabase Github Star Growth 

If you want to keep up to date, make sure you subscribe to our YouTube channel or follow us on Twitter.

Coming Next

Security, stability, performance ... and Functions.

Get started

June Beta 2021

Jul 4, 2021

Supabase is gearing up for another Launch Week on July the 26th. Until then, here's a few new things to try.

This is also available as a blog post and a video demo.

Vercel integration

Vercel just released their new integrations, which means you can now deploy a Postgres database on Supabase directly from your Vercel account. Check it out! vercel.com/integrations/supabase

Discord logins are now available

Building a community? There's almost no better tool than Discord (we're even trialling it ourselves). If you're building a community product, Discord logins are the perfect option.

New Guides

We spent the month building up a new Guides section in our Docs. Here are a few highlights:

Ever wanted to build a Search Engine? We just released a guide which shows you how to implement Full Text Search using Postgres.

OAuth Guides

We released step-by-step guides to help you set up OAuth with Apple, Bitbucket, Facebook, GitHub, GitLab, Google, and Twitter.

Javascript + Postgres

Did you know that you can use Javascript inside your Postgres database? Here's how, with the plv8 extension.

Public Storage Buckets

Want to share all your favourite memes? Now it's even easier with Public Storage Buckets. Simply mark a bucket as "Public" and the content will be accessible without a login.

Storage upserts

Supabase Storage now supports upsert. Shoutout to @ankitjena for this Pull Request.

Server restarts

When things go wrong, sometime the best thing you can do is reboot. We released a restart button in the Dashboard, the first of many debugging tools we'll be releasing over the next few months.

Policy editor

We added a new Table Policy Editor which makes Row Level Security even easier. We even included a few templates to get you started.

Build in Public

We run a weekly 1-hour live stream where we build in public.

Community

If you want to keep up to date, make sure you subscribe to our YouTube channel or follow us on Twitter.

External contributions

PostgREST

  • Primarily for Prisma users, we patched PostgREST openapi-mode to ignore anon privileges for the OpenAPI output. Credit to @steve-chavez.

April Beta 2021

May 5, 2021

This month was a "gardening" month for Supabase. The team focused on stability, security, and community support. Check out what we were working on below, as well as some incredible Community contributions.

This is also available as a blog post and a video demo.

Light Mode

We're a developer tool, which means that Dark Mode is extremely popular.

While Dark mode is great, for some people it's not an option. Dark Mode is difficult to use for developers with astigmatisms, or even just working in brightly-lit environments.

So today we're shipping Light Mode. Access it in the settings of your Dashboard.

Translations

With the help of the community, we started internationalizing our main repository:

OpenAPI spec for Storage

We released Storage Api docs built using OpenAPI (swagger).

Stripe Sync Engine (Experimental)

We open-sourced a server which keeps any Postgres database in sync with Stripe. This is experimental only. We're evaluating other tools such as Singer, which provide a more general solution (but are less "realtime"), and we're opening it up here to gather feedback.

Community spotlight: Threaded comments

One of the most powerful Postgres features is "recursive CTEs" which can be used for nested items (comments, pages, friend-graphs). @lawrencecchen has built a full Threaded Comments demo which you can Deploy with a single click. Want to add comments to your blog with Full Text Search? Just use Postgres.

Community spotlight: SupaScript

It looks like @burggraf2 got tired of waiting for us to ship Functions, and decided to build a whole JS ecosystem within his Supabase database. If you want to write PG functions in JS, import remote libraries from the web, and console log to your browser, check out this SupaScript repo.


_18
// After installing:
_18
// https://github.com/burggraf/SupaScript#installation
_18
_18
/**
_18
* Get all users who logged in this week.
_18
* Use in the database: select * from users_this_week();
_18
* Use in the browser: supabase.rpc('users_this_week');
_18
*/
_18
create or replace function users_this_week()
_18
returns json as $$
_18
const moment = require('https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.js', false);
_18
_18
const lastWeek = moment().subtract(7, 'days');
_18
const query = 'select * from auth.users where created_at > $1'
_18
const users = sql(query, lastWeek);
_18
_18
return users;
_18
$$ language plv8;

Community

Supabase Github Star Growth

Source: repository.surf/supabase

If you want to keep up to date, make sure you subscribe to our YouTube channel or follow us on Twitter.

Coming Next

You might have noticed our Dashboard slowly changing (improving), as we migrate the components out to our open source UI Library. This progression is an important step towards offering a UI for Local Development and Self Hosting.

We're also working on our Workflows engine. This is quite a large task, but we're making progress and aiming to ship sometime in July.

One more thing

We started hiring.

Get started

We've been building for 9 months now, are we're getting even closer to Beta.

This is also available as a blog post and a video demo.

Add users

You can now add users manually from your dashboard.

User admin

You can also perform admin functions on existing users - send password reset emails, magic links, and delete users.

Even more powerful SQL Editor

Last month we announced an improved SQL Editor, and this month we've taken it even further. The SQL Editor is now a full Monaco editor, like you'd find in VS Code. Build your database directly from the browser.

Status page

We added a Status Page which tracks the uptime and latency of the Supabase platform.

Kaizen

  • We completed a security audit by DigitalXRAID.
  • Email confirmations now enabled by default for signups.
  • Updated Benchmarking Suite to include more realistic workloads, on various different servers (results published soon).
  • You can now set/edit/remove Foreign Keys via the table editor.

We're now 8 months into building Supabase. We're focused on performance, stability, and reliability but that hasn't prevented us from shipping some great features.

This is also available as a blog post and a video demo.

Supabase.js 1.0

In the lead-up to our Beta launch, we've released supabase-js version 1.0 and it comes with some major Developer Experience improvements. We received a lot of feedback from the community and we've incorporated it into our client libraries for our 1.0 release.

Check out the blog post to learn more.

More powerful SQL Editor

Although it was only intended to be a temporary feature, the SQL Editor has become one of the most useful features of Supabase. This month we decided to make give it some attention, adding Tabs and making it full-screen. This is the first of many updates, we've got some exciting things planned for the SQL Editor.

Keyboard shortcuts for Power Users

For the heavy table editor users, we've gone ahead and added a bunch of key commands and keyboard shortcuts so you can zip around and manipulate your tables faster than ever.

One of the most requested Auth features was the ability to send magic links that your users can use to log in. You can use this with new or existing users, and alongside passwords or stand alone.

Kaizen

  • We have new and improved docs.
  • We converted realtime-js to TypeScript.
  • Dashboard Performance: we heavily optimised our dashboard routes.
  • With the help of the community, we closed a lot of issues during Hacktoberfest.
  • We have started benchmarking all the open source tools we use. We'll publish the results this month.

This is also available as a blog post.

Third-party logins

We've released OAuth logins! You can now enable third-party logins on your app for Bitbucket, GitHub, GitLab, or Google.

Clone tables

You can duplicate your tables, just like you would inside a spreadsheet.

Enable and disable extensions

Extensions are easier to use. You can enable Postgres extensions with the click of a button.

Save your favorite queries

The SQL editor now stores your query history in your browser. You can also save your favorite queries to run later!

GitHub Discussions

Supabase was given access to GitHub Discussions! This is the place for you to ask questions or show off what you've built with Supabase.

Kaizen

This is also available as a blog post.

We're 6 months into building our hosted database platform and we've made some major improvements to our auth system and table view.

Easily create tables

Set up tables and columns directly from the table view.

Invite your team

You can now invite team members to your organisation.

Auth: Email Confirmations

You can now enable Email Confirmations for new users. This can be toggled on or off and the template for this email can be edited via the dashboard.

Typescript support

The biggest communty contribution to date, @thorwebdev added Typescript support to Supabase. He even live streamed the process.

Kaizen

We have a number of small improvements:

Alpha July 2020

Aug 5, 2020

Supabase July Alpha Updates

This is also available as a full blog post with videos.

After 5 months of building, we're releasing one of our most anticipated features: Supabase Auth.

Auth

This month, we're ecstatic to announce a feature we think you'll love: Supabase Auth. It's too big to fit into a monthly update so look out for a full update in the next few days.

We want to make it easy to get started adding Auth to your app, so we've released a simple example and a video tutorial which shows you how to implement a basic auth system using PostgreSQL's Row Level Security.

Table Editor

We've made some massive improvements to our Table Editor that we're excited to share.

Relationship drill down

Last month we made it easy to drill into your table relationships. This month, we make it possible to drill multiple levels deep.

Add, delete, and download rows

We're making it easier to manipulate your data. Next month, you'll be able to add and remove columns directly from the Table view.

New Postgres Extensions

If you launch a new Supabase project, you'll have access to several new Postgres extensions:

  • pgsql-http: HTTP client for PostgreSQL, retrieve a web page from inside the database.
  • pgjwt: PostgreSQL implementation of JSON Web Tokens
  • plpgsql_check: a linter tool for language PL/pgSQL
  • pljava: write Java in your stored procedures, triggers, and functions

Kaizen

We have a number of small improvements:

  • Added Auth documentation to the auto-generated docs in each project
  • Added a new or filter to the client library
  • Table View now remembers which tabs you had open.
  • We have released a lot of new functionality to pg-api, a server for for managing Postgres internals via a REST interface.
  • Performance: the "flash of black" which was appearing on page transition is now gone

Alpha June 2020

Jul 2, 2020

Supabase June Alpha Updates

This is also available as a full blog post with videos.

We're now 4 months into building Supabase, which means another major update. Here's a few things we think you'll love in this release.

View relational data

We're sometimes asked how we will make Postgres as simple as Firebase, since Postgres is a relational database. This month we're making our first steps to prove that relational databases can be even easier to use than document stores. We're releasing an excel-like editing interface which can drill down into your relational data.

image

Manage JSON data

Postgres is an amazing database, giving the flexibility of a document store with the power of a RDBMS. If you use JSON data in Postgres, then we want to make that easy too. Supabase detects when your column is JSON or JSONB, and provides an easy way to edit and view your data. More improvements coming soon for this feature!

image

Choose your region

If you noticed a bit of latency on Supabase, it's because your projects were previously set up in Singapore. It was always our intention that you'd be able to choose your database region, and this month we've delivered it. In the next releases we'll even allow you to go multi-region, instantly replicating your database close to your customers.

image

Backups

A guiding principle at Supabase is zero lock-in. So this month we are exposing your daily database backups on the dashboard, giving you a simple way to migrate off Supabase. We have a lot more to build in this space (WAL-G!), so watch this space.

image

Build in a weekend, scale to millions