Hardik K

ohh okk no issues.

A lot of strong updates in this release cycle — especially around security posture, deployment workflows, and making Supabase more production-ready for larger teams. The change around new tables in the `public` schema no longer being auto-exposed to the Data API is probably one of the most important long-term improvements here. Requiring explicit grants by default is a much safer model and aligns better with least-privilege security practices. It reduces the chance of accidentally exposing internal tables through PostgREST or GraphQL simply because they were created in `public`. The new `@supabase/server` SDK also looks promising. Having a runtime-aware server SDK that standardizes auth handling, CORS, context injection, and client creation across Edge Functions, Vercel Functions, Bun, Deno, and Cloudflare Workers should reduce a lot of duplicated boilerplate and inconsistent server-side auth implementations. The branching improvements are also interesting from a developer-experience perspective. Removing the GitHub dependency for branching lowers friction significantly for teams that want database preview environments without tightly coupling everything to Git integrations. A few highlights that stand out technically: * Custom OAuth/OIDC provider support is a huge win for enterprise and regional deployments * ISO 27001 certification is important for teams with compliance/security requirements * Explicit Data API exposure controls improve default security posture * Terraform Edge Function resources help infrastructure-as-code workflows mature * OpenAPI FDW additions in Wrappers continue pushing Postgres as an integration platform * RSS/Markdown changelog feeds are surprisingly useful for automation + AI tooling workflows The Stripe Sync Engine move to the Stripe GitHub org also makes sense strategically. Having the integration maintained closer to the Stripe ecosystem should theoretically improve long-term ownership and domain expertise around billing synchronization. One thing that’s becoming increasingly noticeable is that Supabase is evolving from a “Firebase alternative” into a broader developer platform with: * infra tooling * compliance/security layers * AI integration workflows * server runtime tooling * database branching * enterprise auth support * operational tooling That shift is pretty significant. Related references: * [[Supabase Auth Docs](https://supabase.com/docs/guides/auth?utm_source=chatgpt.com)](https://supabase.com/docs/guides/auth?utm_source=chatgpt.com) * [[Supabase Edge Functions Docs](https://supabase.com/docs/guides/functions?utm_source=chatgpt.com)](https://supabase.com/docs/guides/functions?utm_source=chatgpt.com) * [[Supabase Branching Docs](https://supabase.com/docs/guides/deployment/branching?utm_source=chatgpt.com)](https://supabase.com/docs/guides/deployment/branching?utm_source=chatgpt.com) * [[OIDC Specification](https://openid.net/developers/how-connect-works/?utm_source=chatgpt.com)](https://openid.net/developers/how-connect-works/?utm_source=chatgpt.com) * [[ISO 27001 Overview](https://www.iso.org/isoiec-27001-information-security.html?utm_source=chatgpt.com)](https://www.iso.org/isoiec-27001-information-security.html?utm_source=chatgpt.com) Overall, this feels like a strong release month with a clear focus on production readiness, platform maturity, and developer workflow improvements.

This would be a really useful quality-of-life improvement for projects with multiple schemas. Right now, the table search being scoped only to the currently selected schema makes navigation noticeably slower once a project grows beyond a simple `public` schema setup. In larger applications, it’s common to organize tables across schemas for domains like: * `auth` * `billing` * `analytics` * `internal` * `storage` * `audit` * `multi-tenant` partitions In those cases, developers often remember the table name but not necessarily which schema it belongs to. Having to manually switch schemas just to search introduces unnecessary friction in day-to-day workflows. A global “search across all schemas” option would significantly improve discoverability and navigation speed, especially for teams managing large Postgres projects. Some ideas that could make the feature even stronger: * schema-aware search results (`billing.invoices`, `analytics.events`, etc.) * keyboard shortcut support * fuzzy matching * recently accessed tables * filter by schema/type * indexed/global metadata search for fast lookup * optional toggle between “current schema only” and “all schemas” Even something lightweight like: ```txt Search tables... ☑ Search across all schemas ``` would already solve most of the usability issue. This also aligns well with how developers typically navigate IDEs/codebases — global search tends to scale much better than context-scoped search once projects become large. Related references: * [[PostgreSQL Schemas Docs](https://www.postgresql.org/docs/current/ddl-schemas.html?utm_source=chatgpt.com)](https://www.postgresql.org/docs/current/ddl-schemas.html?utm_source=chatgpt.com) * [[Supabase Database Docs](https://supabase.com/docs/guides/database?utm_source=chatgpt.com)](https://supabase.com/docs/guides/database?utm_source=chatgpt.com) Definitely seems like a worthwhile UX improvement for the dashboard.

This would be a very valuable feature for teams using Edge Functions in production. Right now, rolling back typically means manually redeploying a previous commit/version from source control, which works, but can become operationally stressful during incidents where fast recovery matters. Built-in deployment versioning + rollback support would provide several benefits: * safer production releases * faster incident recovery * easier experimentation/canary deployments * reduced downtime during bad deploys * better operational confidence for teams shipping frequently A deployment history UI showing: * function version * deployment timestamp * git commit SHA * deploy author * environment variables snapshot/reference * rollback button would already cover most real-world recovery workflows. It could also be useful to support: * instant rollback to previous healthy deployment * staged/canary releases * deployment health checks * rollback via CLI/API * audit logs for deployment actions * immutable deployment artifacts This becomes especially important for Edge Functions handling: * authentication flows * Stripe webhooks/payments * cron jobs * realtime events * background processing * user-facing APIs In those cases, a bad deployment can have immediate production impact, and “redeploy the old code manually” is not always ideal under pressure. For now, the safest approach is probably: * keep all Edge Functions in Git * tag stable releases * automate deployments through CI/CD * maintain rollback-ready deployment scripts * avoid deploying directly from local-only changes Related references: * [[Supabase Edge Functions Docs](https://supabase.com/docs/guides/functions?utm_source=chatgpt.com)](https://supabase.com/docs/guides/functions?utm_source=chatgpt.com) * [[Supabase CLI Docs](https://supabase.com/docs/guides/cli?utm_source=chatgpt.com)](https://supabase.com/docs/guides/cli?utm_source=chatgpt.com) * [[GitHub Actions CI/CD Docs](https://docs.github.com/en/actions?utm_source=chatgpt.com)](https://docs.github.com/en/actions?utm_source=chatgpt.com) Definitely agree this would be a strong platform feature, especially as more teams use Supabase Edge Functions for production workloads rather than lightweight utility endpoints.

This makes sense and aligns with standard runtime support expectations across the ecosystem. Once a Node.js release reaches EOL, continuing to officially support it becomes increasingly risky — especially for libraries handling authentication, realtime connections, storage operations, database access, and server-side function execution. Security patches, OpenSSL updates, dependency compatibility, and runtime behavior all become harder to guarantee on unsupported versions. Appreciate the early notice and the clear migration timeline. Giving developers until June 30, 2026 provides a reasonable upgrade window for teams managing production deployments, CI pipelines, Docker images, serverless runtimes, and monorepos with pinned Node versions. For teams preparing the migration, it may also help to highlight a few operational considerations: * update `.nvmrc`, Docker base images, and CI workflows * verify compatibility of native dependencies/build tooling * check serverless platform runtime support * test websocket/realtime behavior under Node 22+ * validate ESM/CommonJS interoperability if upgrading older projects It could also be useful to publish: * a dedicated migration guide for Node 20 → 22 * minimum supported package manager versions * known incompatibilities or breaking runtime changes * recommended Docker images/examples Related references: * [[Node.js Release Schedule](https://nodejs.org/en/about/previous-releases?utm_source=chatgpt.com)](https://nodejs.org/en/about/previous-releases?utm_source=chatgpt.com) * [[Node.js End-of-Life Policy](https://nodejs.org/en/about/eol?utm_source=chatgpt.com)](https://nodejs.org/en/about/eol?utm_source=chatgpt.com) * [[Supabase JavaScript Client Docs](https://supabase.com/docs/reference/javascript/introduction?utm_source=chatgpt.com)](https://supabase.com/docs/reference/javascript/introduction?utm_source=chatgpt.com) Overall, this seems like a reasonable and responsible move from a long-term maintenance and security perspective.

This feels less like a minor integration bug and more like a deployment-safety issue that can impact production reliability. Silently replacing an existing Edge Function named `stripe-webhook` is especially risky because that is an extremely common and predictable naming convention for Stripe webhook handlers. In production systems, webhook endpoints usually contain business-critical logic such as subscription lifecycle updates, refunds, entitlement syncing, email triggers, audit logging, and signature verification. Overwriting that function without a collision check creates a very large blast radius. The env var behavior is also concerning. Replacing a project-wide `STRIPE_SECRET_KEY` with a restricted key can unintentionally break unrelated Stripe workflows across the entire application stack — checkout creation, billing portal sessions, refunds, admin actions, scheduled jobs, and any server-side Stripe SDK usage that expects full permissions. The most important thing here is that none of this appears to have been communicated clearly during installation. The installer messaging says it will deploy Stripe-related Edge Functions, but it does not explicitly warn that it may: * overwrite existing function slugs * modify shared environment variables * reconfigure active webhook endpoints * affect existing production billing infrastructure The suggested mitigations are very reasonable and align with standard platform safety practices: * perform pre-install collision detection for existing Edge Function slugs * require explicit confirmation before replacing resources * namespace integration-owned functions (`stripe-sync-webhook`, `stripe-sync-worker`, etc.) * avoid mutating existing env vars unless explicitly approved * use integration-scoped secrets such as `STRIPE_SYNC_SECRET_KEY` * display a full install plan before deployment (functions, env vars, webhook URLs, DB objects) A dry-run style “resources to be created/modified” screen before installation would probably prevent most of these incidents. Also appreciate the detailed recovery notes. The fact that you documented: * webhook URL restoration * env var recovery * function renaming * verification of signing secrets * downstream operational impact makes this much easier for both maintainers and other users to understand and reproduce. For anyone building platform tooling, this is a good example of why installers should behave more like infrastructure migrations than simple one-click add-ons. Production systems need guardrails, especially around globally shared resources and payment infrastructure. Related concepts from Stripe + webhook best practices: * Webhook endpoint isolation: [[Stripe Webhooks Docs](https://docs.stripe.com/webhooks?utm_source=chatgpt.com)](https://docs.stripe.com/webhooks?utm_source=chatgpt.com) * Principle of least privilege for API keys: [[Stripe Restricted API Keys](https://docs.stripe.com/keys?utm_source=chatgpt.com#limit-access)](https://docs.stripe.com/keys?utm_source=chatgpt.com#limit-access) * Deployment safety / migration-style change visibility: [[Supabase Edge Functions Docs](https://supabase.com/docs/guides/functions?utm_source=chatgpt.com)](https://supabase.com/docs/guides/functions?utm_source=chatgpt.com) Overall this is a valuable report and definitely seems worth addressing before more teams install Sync Engine into projects that already have existing Stripe infrastructure wired up.

This is a serious integration safety issue and the behavior described makes sense from a platform-risk perspective. Silently overwriting an existing production Edge Function (`stripe-webhook`) without any collision warning is dangerous, especially because `stripe-webhook` is a very common and predictable function name for Stripe integrations. The env var overwrite is equally concerning. Replacing an existing `STRIPE_SECRET_KEY` with a restricted key can unintentionally break unrelated billing flows across the entire project, which creates a much larger blast radius than users would expect from installing a sync integration. The suggested fixes are reasonable and would significantly reduce risk: * Add pre-install collision detection for existing Edge Function slugs * Use namespaced function names like `stripe-sync-webhook` * Avoid overwriting existing env vars without explicit confirmation * Clearly list all resources/functions/env vars that will be created or modified during installation Thanks for documenting the recovery steps as well — that context is extremely useful for anyone else integrating Stripe on an already configured production project.