## What kind of change does this PR introduce?
Add support to use supabase projects as a pg catalog and storage when
adding a ducklake replication.
## What is the current behavior?
Only simple form with raw input text for custom parameters is available.
## What is the new behavior?
Being able to select supabase project to directly use projects in
supabase for the ducklake.
I also fixed a warning we had in the console for this form (cf
screenshot)
## Additional context
[API Changes ](https://github.com/supabase/platform/pull/34282)
https://github.com/user-attachments/assets/4ff9ee65-6ba4-4f17-9ea1-9aebad34171c
<img width="862" height="228" alt="Capture d’écran 2026-06-18 à 09 58
50"
src="https://github.com/user-attachments/assets/1592c3be-807e-426f-9a5a-84979e05d93c"
/>
### Test scenario
Follow the screencast, go to your supabase project (better if it's in
ap-southeast-1)
Create a test table with 1 row for example
-> Database -> Replication -> New destination -> Select ducklake and use
supabase option
-> Keep the same current supabase project selected for both catalog and
storage
-> Create destination -> You'll get a warning about the storage and
credentials
-> Confirm creation
-> Wait until it's in status Running, if it's runing then it works
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **New Features**
* Added DuckLake replication destination with **Use Supabase** and
**Custom parameters** modes.
* Added DuckLake bucket selection with a **“New bucket”** creation
dialog.
* Added/expanded BigQuery, Analytics Bucket, and Snowflake destination
configuration.
* **Improvements**
* Updated DuckLake create vs edit behavior: mode selection is hidden in
edit mode and configuration is mapped correctly for the selected
variant.
* Enhanced field-level validation (including whitespace-only handling)
and added clearer validation issue messages.
* Added a cross-region warning for DuckLake when catalog and storage
regions differ.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Signed-off-by: Benjamin <5719034+bnjjj@users.noreply.github.com>
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## Context
Support horizontal scrolling for unified logs
## Changes involved
Also chucked in some refactors and clean up
- `DataTableInfinite` to directly import components from the `ui`
package rather than a separate `Table` component that just applies class
names to the table components from `ui`
- Adjust footer of unified logs such that it'll remain in place despite
horizontally scrolling unified logs
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **Style**
* Improved infinite data table layout with consistent row/cell styling
across loading, empty, and error states.
* Sticky header behavior is now more reliably applied.
* “Load more” footer button uses a smaller sizing for a cleaner footer
layout.
* **Refactor**
* Updated table rendering to use shared UI primitives and improved
scroll/container handling for the infinite table experience.
* **Chores**
* Simplified the underlying table component structure for consistency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Jordi Enric <37541088+jordienr@users.noreply.github.com>
## Context
Storage settings "Global file size limit" field goes off the card on
smaller viewports
<img width="1592" height="1258" alt="image"
src="https://github.com/user-attachments/assets/bdc58ff1-f54a-4e09-adc8-79c8a1a0b3f1"
/>
Just removes a className on the FormItemLayout that's causing it - have
verified that doesn't cause other issues
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Updated the layout configuration of the Global file size limit field
in Storage Settings.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
We now have `ConnectSheet` and it has been rolled out to everyone.
## Solution
Remove the previous `Connect` components
## Out of scope
There are opportunities to refactor/move the remaining files in the
`apps/studio/components/interfaces/Connect` directory. That will be
addressed in a dedicated PR to ease reviewing.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Restructured the database connection setup interface and reorganized
framework integration components throughout the application.
* Updated internal architecture for managing connection strings, API
keys, and configuration utilities.
* Modified how framework-specific setup documentation and code examples
are organized and delivered across supported platforms.
* Updated configuration management for code analysis.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
Based on the contents from: @kallebysantos
https://github.com/kallebysantos/play.supabase.unit-tests
## What kind of change does this PR introduce?
Bug fix, feature, docs update, ...
## What is the current behavior?
Please link any relevant issues here.
## What is the new behavior?
Feel free to include screenshots if it includes visual changes.
## Additional context
Add any other context or screenshots.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **Documentation**
* Completely redesigned the unit and integration testing guide for
Deno-based Supabase Edge Functions using a concrete example
* Added a recommended test folder structure and example business-rule
module
* Introduced BDD-style unit testing patterns with runnable commands
* Expanded end-to-end integration testing guidance, including mocking of
outgoing REST calls
* Updated test utilities for environment setup and JWT generation
* Refreshed best practices and resources sections
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Kalleby Santos <kalleby_santos@hotmail.com>
Co-authored-by: Kalleby Santos <105971119+kallebysantos@users.noreply.github.com>
## Context
> [!IMPORTANT]
> Changes in this PR only apply to the local environment - there should
not be any changes to staging (nor production)
Given that read replicas currently sit under database replication, the
UI currently waits for replication destinations to load before rendering
the page. However for local development, setting up of the ETL API isn't
necessary nor applicable for everyone so this indirectly adds friction
if we just want to work with read replicas.
## Changes involved
- Opting to skip retrying fetching ETL related requests if the error
returned is "replication API URL is not configured"
- This is indicative that the local platform isn't set up for ETL yet
- ^ Database replication page will hence not wait for ETL requests to
succeed before finally rendering the UI
- Node diagram will also then render properly (just read replicas)
- Add a small admonition to visualize this
<img width="1079" height="301" alt="image"
src="https://github.com/user-attachments/assets/32bd5d2f-a76e-417e-bedf-9a04de3bb305"
/>
## To test
- Will only be able to test locally - basically just head over to the
database replication page (unless you somehow already have ETL API set
up locally)
- But can also verify that there's no changes on staging preview
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved error messaging when ETL is not configured in local
development environments
* Enhanced error handling for replication API failures with better
non-retryable error detection
* **Improvements**
* Refined replication diagram rendering based on destination setup state
* Updated dropdown menu interactions for read replica management
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Updated the error message in the toast users get when they try to sign
in but do not have their email address verified. This should reduce the
support tickets we get asking to resend the verification email.
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Bug fix, feature, docs update, ...
## What is the current behavior?
<img width="842" height="176" alt="image"
src="https://github.com/user-attachments/assets/e76590ad-960a-4527-91a3-0b717da3f335"
/>
## What is the new behavior?
<img width="842" height="332" alt="image"
src="https://github.com/user-attachments/assets/2422c2fe-0988-4241-877e-dbb0896ceb3b"
/>
## Additional context
Add any other context or screenshots.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved error messaging for sign-in failures due to unconfirmed email
addresses. Users now receive clearer, more detailed guidance regarding
email verification and expired link instructions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Replaced the `DowngradeModal`'s `AlertDialog` with a normal `Dialog`,
since `AlertDialog` won't close if you click outside the modal by
design.
Left is current PR, right is staging:
<img width="1600" height="537" alt="Screenshot 2026-06-18 at 10 07 46"
src="https://github.com/user-attachments/assets/ce1bcc17-d1c9-4fcd-ad3b-f2fcfd8824f6"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Updated the downgrade confirmation modal to use the newer dialog UI
components.
* Preserved the existing warning and checklist content (including
project impact and email/reset notices) and kept the same confirm/cancel
behavior and disabled state handling.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Gildas Garcia <1122076+djhi@users.noreply.github.com>
## Context
Noticed this discrepancy when debugging fetching of feature flags
internally
We use the user's auth session's email to fetch feature flags, but
there's a unique case whereby if the email is updated, the session's
email will still be stale, although the user's `user_metadata.email`
does get updated correctly.
Am hence opting to default to `session?.user.user_metadata.email` for
fetching flags, and falling back to `session?.user.email` instead
## To test
- [ ] Ensure that configcat feature flags are still working as expected
on preview
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Bug Fixes
* Improved reliability of feature flag configuration by enhancing how
user email is retrieved during sessions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Removes an always on clipped outline in editor. Will look at focus
styles as part of editor refactor.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Updated the code editor styling to provide a cleaner visual
presentation by refining outline properties.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
As context, the events page pulls data from our webinar MDX files, Luma
(for Hackathons, Events, and Meetups), and Notion (for third-party
events we participate in). I recently unified our multiple Luma
calendars into one and started using tags for Luma events.
I fixed a few things on the /events page:
1. Webinars now show the proper location instead of "Unknown"
2. Event cards now show location properly depending on where the source
of the events are
3. Event data is pulled from Luma and categorized based on tags.
Fallback tag is "event" if a tag is absent
Note that this structure assume that Notion events are third-party, Luma
events are first-party (Hosted by Supabase), and Webinars are always
online. This is a safe assumption for the time being, but I will revisit
in the future if that changes.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Events now display tags and categories from Luma event data.
* Webinar events are identified and labeled as "Supabase Live" with a
video icon for improved visibility.
* **Improvements**
* Enhanced event metadata display with improved location and category
information.
* Streamlined event categorization for more consistent handling across
event sources.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What kind of change does this PR introduce?
UI bug fix. Resolves FE-3617.
## What is the current behavior?
On `/org/[slug]/integrations`, the Vercel section renders full-width and
the page uses a mixed layout: GitHub still uses the old Scaffold
two-column pattern while `VercelSection` was migrated to `PageSection`
without a page container in #46868.
## What is the new behavior?
- Migrates `/org/[slug]/integrations` to `PageHeader` + `PageContainer
size="small"` + `PageSection`, matching project settings integrations
- Puts the Vercel "Install Vercel Integration" CTA in the same dashed
card pattern as "Add new project connection" (org + project)
- Consolidates GitHub into a shared `GitHubSection` with
`isProjectScoped`, mirroring `VercelSection`
| Before | After |
| --- | --- |
| <img width="1728" height="997" alt="Integrations Peels Org
Supabase-BEB84402-99AA-4EF2-8B8F-3CAE98FEA33D"
src="https://github.com/user-attachments/assets/f52741d5-9c31-4707-a10f-c613e0b80bf4"
/> | <img width="1728" height="997" alt="Integrations Freebie
Supabase-975CF6FD-135B-4E84-AD0B-B47CD8F2AC73"
src="https://github.com/user-attachments/assets/1d665601-a38e-4e6b-b205-fde99efa2237"
/> |
## To test
- [x] `/org/{slug}/integrations`: GitHub and Vercel sections contained,
vertically stacked
- [x] Vercel connection tree connectors render correctly when
integration is installed
- [x] `/project/{ref}/settings/integrations`: no regression
- [x] Org keyboard shortcut for add connection still works
---------
Co-authored-by: Cursor <cursoragent@cursor.com>
## Problem
The facet counts in the unified logs sidebar were slow to load. The
query scanned the logs table about 14 times, once for each group of
counts (the total, each log type, each level, and method, status, and
pathname).
## Fix
Count the facets that have few distinct values (total, log type, level,
method, status) in a single scan instead of one scan each. Pathname
stays on its own scan because it has too many distinct values to count
that way.
A facet you are filtering on still gets its own scan, so it can keep
showing counts for its other values while the rest of the sidebar
reflects the filter.
This takes the common case from about 14 scans down to 3. The result
shape is unchanged, so nothing else needed updating.
Note: facet values with a count of zero are no longer returned. Only
values that actually appear show up.
## How to test
- Open Unified Logs for a project with the otelUnifiedLogs flag on.
- Check that the sidebar counts (log type, level, method, status,
pathname) and the total badge match what they showed before, and load
faster.
- Filter by a facet (e.g. log type) and confirm that facet still lists
counts for its other values, while the other facets update to match the
filter.
- Run the unit tests in apps/studio for UnifiedLogs.queries.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Updated unified log counting to a more efficient single-pass SQL
approach for facet and per-dimension counts.
* Standardized log-type filtering behavior across unified queries and
facet/count generation.
* **Bug Fixes**
* Improved “total/all” counts to correctly respect active filters,
including correct source handling and default log-type exclusion.
* **Refactor**
* Limited facet displays to the top 20 values per facet; facet totals
are now calculated from the retained rows.
* **Tests**
* Expanded SQL and filtering assertions to cover the new counting
structure and facet row behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
## TL;DR
fixes protected schema empty tables still exposing CSV import actions in
table editor...
## ref:
- closes https://github.com/supabase/supabase/issues/41358
- supersedes: https://github.com/supabase/supabase/pull/41362
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Updated the table empty state so CSV import actions are shown only
when the table is allowed to accept imports, and are hidden for
protected cases (including foreign-table scenarios).
* **Tests**
* Added an end-to-end test confirming that empty tables in protected
schemas do not expose the “Import data from CSV” button or the
drag-and-drop CSV hint.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Introduced a new library called Superbase/Server. To help developers
using third party API frameworks, we want to make it easier than ever to
install and use as needed.
- One click copy
- Custom prompt to get started
- Validated API key permissions to ensure we don't leak secrets to other
users in your org/project
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## New Features
- Added a **Server** connection mode end-to-end, including mode-specific
prompting and steps for installing **`@supabase/server`** and setting
required variables.
- Added a server **.env** panel with per-variable copy, **“Copy all
variables”**, and permission-aware secret reveal/copy.
## Improvements
- Updated connection UI layouts (mode selector grid and conditional
config section).
- Improved prompt copying to use mode-specific prompt text when
available.
## Tests
- Added UI tests for server env rendering, secret reveal/copy,
**copy-all** behavior, and permission-restricted scenarios.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Closes#47015
## What kind of change does this PR introduce?
Bug fix.
## What is the current behavior?
The queue message list paginates with `WHERE enqueued_at > <last>` and
`ORDER BY enqueued_at`. `enqueued_at` is not unique: pgmq defaults it to
`now()`, so every message sent in one `send_batch` shares a timestamp.
When a group of same-timestamp messages straddles a page boundary, the
strict cursor skips the rest of that group, so those messages never
appear in the grid even though they are still in the queue. With 40
messages from one batch, only 30 render.
## What is the new behavior?
Pagination uses a composite `(enqueued_at, msg_id)` keyset cursor and
orders by the same pair. `msg_id` is unique within each queue/archive
table and breaks the tie, so no rows are dropped between pages. After
the change, all 40 messages render. This mirrors the cron-runs query,
which already paginates on a unique key.
## Additional context
Added a test in
`apps/studio/data/database-queues/database-queue-messages-infinite-query.test.ts`
asserting next pages use the composite cursor and order by `enqueued_at,
msg_id`.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved database queue message pagination to reliably retrieve all
messages, including those with identical enqueued timestamps, preventing
potential message skipping during pagination.
* **Tests**
* Added test coverage for database queue message pagination behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: Ali Waseem <waseema393@gmail.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated the Queues quickstart guide for improved clarity, including
revised “Create queue” button labeling, allowed queue-name character
guidance, and refreshed light/dark screenshots.
* Reworked the “What happens when you create a queue?” section,
including Data API exposure guidance and required RLS enablement
details.
* Expanded the permissions section with a clearer enabled-vs-blank role
table and strengthened warnings against client-side exposure.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Rodrigo Mansueli <rodrigo@mansueli.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Put Pretty Explain behind a feature flag for experimentation purposes
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* SQL Editor now supports optional feature controls to conditionally
disable “Explain” functionality. When disabled via configuration, the
“Explain” tab and its entry points are hidden, the EXPLAIN ANALYZE
keyboard shortcut (Ctrl/Cmd+Shift+Enter) is disabled, and any automatic
post-run switch to the Explain tab for EXPLAIN-like queries is
prevented. This also reduces unnecessary mounting of Explain UI content
when turned off.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This updates the remaining stale auth hook references after the auth
hooks guide moved from hash anchors to dedicated subpages.
It switches the RBAC guide to the current custom access token hook page,
updates the MFA verification hook reference in both the docs error-code
source and the shared-data export, and fixes the matching custom access
token hook comments in the Slack Clone SQL examples.
Testing: not run. Link-target updates only.
Refs #46947
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **Documentation**
* Updated error code and auth hook documentation reference links to
point to more specific canonical documentation pages, improving accuracy
of references for developers.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Pulls the framework-agnostic E2E test fixes out of the TanStack Start
migration PR (#46424) so they can land on `master` independently and
scope that PR down. Test files only — no app/source changes.
> [!NOTE]
> **These changes originate from #46424** (the Next.js → TanStack Start
migration). They were made while getting the E2E suite green on both
builds, but they're pure test-file changes that are framework-agnostic
and already pass on the current Next.js build. A few are *also* written
to tolerate TanStack behaviour (called out in code comments) — harmless
and correct on Next today.
**Changed:**
- `realtime-inspector.spec.ts` — drop the racy
`waitForResponse(/settings/)` (the "Join a channel" UI assertion already
gates on settings loading); click the message row's timestamp instead of
its center, which the wide untruncated-JSON cell pushes under the
always-present detail panel.
- `database.spec.ts` — gate the three Schema Visualizer / Tables tests
on the visualizer UI (`focusTableInVisualizer` already auto-waits for
the schema, including the freshly-created table) instead of the `pg-meta
… public-infinite_tables` XHR.
- `database-webhooks.spec.ts` — wait on the `Database Webhooks` heading
instead of marketing copy that was removed when the page moved to the
new integrations UI.
- `queue-integration.spec.ts` — wait on the unconditional "Create queue"
button instead of the grid (which only renders once a queue exists);
assert creation by polling for either valid end-state.
## To test
- Run the affected specs against a local self-hosted studio and confirm
they pass:
`pnpm --prefix e2e/studio run e2e -- features/realtime-inspector.spec.ts
features/database.spec.ts features/database-webhooks.spec.ts
features/queue-integration.spec.ts`
- Or just let the studio E2E suite run on this PR (Next.js build).
Co-authored-by: Alaister Young <10985857+alaister@users.noreply.github.com>
## What kind of change does this PR introduce?
Bug fix (documentation) — fixes#43920.
## What is the current behavior?
The Drizzle connection example (`db.ts`) at
[`apps/docs/content/guides/database/drizzle.mdx`](https://github.com/supabase/supabase/blob/master/apps/docs/content/guides/database/drizzle.mdx)
does not compile or run as written:
```ts
let connectionString = process.env.DATABASE_URL
if (connectionString.includes('postgres:postgres@supabase_db_')) {
const url = URL.parse(connectionString)!
url.hostname = url.hostname.split('_')[1]
connectionString = url.href
}
// ...
export const db = drizzle(client);
```
- `process.env.DATABASE_URL` is `string | undefined`, so
`.includes(...)` errors with **"Object is possibly 'undefined'"** —
copy-pasting the snippet fails to type-check (the core of #43920).
- `URL.parse()` is a very recent static method (Node 22.1+/modern
runtimes only) and isn't portable for a docs example.
- The final line ends with a stray `;`, which violates this repo's
prettier config (`semi: false`).
## What is the new behavior?
Three surgical fixes to the snippet:
```ts
let connectionString = process.env.DATABASE_URL!
if (connectionString.includes('postgres:postgres@supabase_db_')) {
const url = new URL(connectionString)
url.hostname = url.hostname.split('_')[1]
connectionString = url.href
}
// ...
export const db = drizzle(client)
```
- `DATABASE_URL!` — the example assumes the env var is set (it's set in
the step above), matching Drizzle's own docs.
- `new URL(connectionString)` — standard and portable.
- Dropped the trailing semicolon to satisfy `semi: false`.
No prose changes; the docker hostname-rewrite logic is unchanged.
## Validation
The corrected snippet is **prettier-clean** under this repo's config
(`semi: false`, `singleQuote: true`, `printWidth: 100`) — verified
idempotent
with `prettier --parser typescript`. The change is a single code block
in one
MDX file.
## Additional context
Fixes#43920. The undefined-variable / type-unsafe form was introduced
in #40288.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated Drizzle database quickstart: added explicit validation for the
DATABASE_URL environment variable and improved connection-string parsing
to better handle Docker/Supabase hostnames, plus clarified client/DB
initialization steps.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Add 'Sagar Shedge' to humans.txt
## What is the current behavior?
The same as the commit I pulled it on
## What is the new behavior?
No new behaviour.
## Additional context
Add any other context or screenshots.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated the project’s “humans” team roster by adding a new team member
entry.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
Committer: Divya Sharma <divya.sharma@supabase.io>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
docs update
## What is the current behavior?
Current doc link :
https://github.com/supabase/supabase/blob/master/apps/docs/content/guides/platform/upgrading.mdx
## What is the new behavior?
Changed the doc to reflect the upgrade process
## Additional context
- Added pre-upgrade and post-upgrade best practices
- Document upgrade pre-requisites
- Re-arranged the sections
- removed outdated info
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Restructured the database upgrade guide into a single, explicit
step-by-step “How we upgrade” flow
* Added new pre-upgrade and post-upgrade best practices sections
* Expanded upgrade prerequisites, including read-replica requirements,
`pg_upgrade` limitations, and deprecated/unsupported extension guidance
* Updated Postgres 17 upgrade guidance, including handling deprecated
extensions and `pg_cron`-related implications
* Refreshed caveats with updated disk sizing, timing-window details, and
restore guidance
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Divya Sharma <divyasharma@Divyas-MacBook-Pro.local>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Chris Chinchilla <chris@chrischinchilla.com>
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated documentation links in Realtime guides and troubleshooting
sections to reflect new URL structure.
* Reorganized internal navigation paths for channel management, error
handling, and performance monitoring resources.
* Improved link consistency across multiple Realtime documentation
sections.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
When opening an invite to join an organization that's enforced MFA for
their members, if a member does not have MFA enabled yet, they'll see
this UI which is confusing as there's no clear direction on what to do
<img width="500" alt="image"
src="https://github.com/user-attachments/assets/ca2d1047-20bf-40ca-a9ea-91e81c390e40"
/>
## Changes involved
- Updating the UI to consider this error message and prompt users to set
up MFA
<img width="501" height="317" alt="image"
src="https://github.com/user-attachments/assets/d074ac6d-fd74-4fe0-9078-473fd2401045"
/>
- Small UI nudges to account security page
- Tight copywriting to explicitly say MFA
- Opt to use Card instead of Collapsible (collapsible seems unnecessary
given that this is the only UI on this page)
- Before:
<img width="811" height="360" alt="image"
src="https://github.com/user-attachments/assets/1412da3b-3903-4966-85ea-46e0ff443177"
/>
- After:
<img width="817" height="370" alt="image"
src="https://github.com/user-attachments/assets/02d5a2f5-8c1f-4f78-8a20-10c7a4ff563c"
/>
- Tiny change to the user dropdown, say "account" instead of "account
preferences" + change icon
- This imo aligns better as the account page covers more than just
preferences
- Before:
<img width="307" height="178" alt="image"
src="https://github.com/user-attachments/assets/fea43cac-9b0c-4fe4-94a3-946ed0925901"
/>
- After:
<img width="300" height="183" alt="image"
src="https://github.com/user-attachments/assets/800357fe-222f-49b8-b52b-ce4fabff7b95"
/>
## To test
- [ ] Have an organization on paid plan with MFA enforced
- [ ] Invite a user that doesn't have MFA enabled
- [ ] Try to join the organization with that user
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Organization invites now detect and handle MFA requirements with
specific error messaging
* Redesigned Multi-factor authentication section on account security
page
* **Improvements**
* Updated TOTP authenticator help text for clarity
* Updated account menu navigation label
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Alaister Young <alaister@users.noreply.github.com>
Closes DOCS-994
<img width="784" height="171" alt="Screenshot 2026-06-17 at 3 50 27 PM"
src="https://github.com/user-attachments/assets/4ff4afc4-2bc8-4a71-95d8-655171b317b6"
/>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## Problem
The formatting for `!!! note` breaks out multiple nodes when using `code
notation`.
## Fix
This PR formats the `Annotation` MDX component so that it groups the
components into one paragraph rather than multiple.
It also includes a test file, using the example given in the Linear
issue.
## Tophatting
1. Go to
[Hubspot](https://docs-git-docs-format-note-p-supabase.vercel.app/docs/guides/database/extensions/wrappers/hubspot)
in preview.
2. See that the note is formatted correctly. Compare to production.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Tests**
* Added a Vitest suite to verify admonition transformation and
round-trip markdown parsing, including inline wrapping and preservation
of multiple indented content blocks.
* **Bug Fixes**
* Improved admonition rendering so inline admonition content is grouped
into a single paragraph and whitespace-only text is ignored.
* When admonitions include multiple sibling blocks, those blocks are
kept as separate paragraph children for consistent output.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
If a user switches account without an explicit log out via the
dashboard, landing back on `/org` will redirect users to the last
visited organization as stored in local storage, in which it can result
in the following state if the last visited organization does not exist
in the current account
<img width="2538" height="1060" alt="image"
src="https://github.com/user-attachments/assets/270e482a-3515-48ef-898b-87e76fce80d6"
/>
## Changes involved
Am opting to scope the last visited organization to the user profile
instead - this would be a bit more cleaner than trying to actively clear
the last visited org slug from local storage with implicit account
changes as there's no deterministic way to track that (afaik) from FE
side of things
## To test
Can reproduce the problem as such
- Ensure that you have 2 accounts to log in with, and one account has an
org that the other is not a part of
- For the organization that has the "extra" org, ensure that you click
into it so that the last visited org slug is saved in local storage
- Mimic changing accounts by visiting
`/auth/v1/authorize?provider=github` (using the domain for the env that
you're testing on - e.g localhost:8000 for local, or green for staging
preview)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Unified “last visited organization” handling across the Studio UI with
a shared hook, improving consistency for home/dashboard return,
cancel/back navigation, and account routing.
* **Bug Fixes**
* Updated redirects to only route to an organization when a valid
last-visited value is available; otherwise users go to the general
organizations page.
* Kept MFA enrollment and factor delete/leave flows aligned to the
unified last-visited organization value.
* **Tests**
* Updated onboarding and layout tests to match the new last-visited
organization storage key format and hook/query success behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Details of change
Re-lands DATAENG-1468 (docs page feedback to Postgres) with an
**insert-only** design that avoids the cross-project auth issue that
caused the prior revert.
- New insert-only `feedback_comments` table: anon `insert` policy only
(no select/update/delete). Columns: `page`, `vote`, `title`, `comment`,
`user_id`, `metadata`.
- The docs widget writes the free-text comment to `feedback_comments`
via the **anon key**. The votes `feedback` table is untouched (one row
per vote).
- No user token is sent to the content project anymore (that was the
cause of the previous failure): the feedback client uses the anon key
only.
- The commenter's account user id (gotrue UUID) is read client-side from
the session and stored as a plain `user_id` column for attribution
(comments are logged-in-only). Org/project association is derived
downstream in BigQuery via that id; docs pages aren't project-scoped, so
there's no project_ref/org to capture here.
- Removed the previous update-by-id approach, the per-user RLS policies,
and the obsolete unit test.
## Why the previous version was reverted
It authenticated feedback writes with the supabase.com account session
token, but the requests target the docs content project
(`xguihxuzqibwxjnimxev`), which cannot verify that token. Logged-in
users got `PGRST301 / JWSInvalidSignature`. This version removes the
user token entirely, so writes succeed for everyone.
## Verification
Insert-only RLS means a row can be written but not read/updated/deleted
by `anon`. Comments retrievable with `where comment is not null` is not
needed (separate table); just query `feedback_comments`.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* The feedback form now captures a vote rating along with an optional
title and detailed comments, saving richer context for review.
* **Refactor**
* Feedback submission has been streamlined to write directly to the
database for both vote and comment submissions.
* **Maintenance**
* Updated the feedback data typings to support the new title, comment,
user, page, and vote fields via the new feedback comments storage.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Tiny UI nudge to just use the full "Continue with ___" text in the
`SignInWithExternalProvider` UI (can repro by adding a `?method=` param
in the URL on the sign in page)
### Before
<img width="520" height="692" alt="image"
src="https://github.com/user-attachments/assets/f120ade1-8b82-459d-9d82-99027a86bdfd"
/>
### After
<img width="469" height="669" alt="image"
src="https://github.com/user-attachments/assets/7076132a-dee5-40d0-a261-d357808b92b0"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Improvements**
* Standardized the external authentication provider button text across
sign-in and sign-up flows. The primary provider option now consistently
displays **“Continue with [provider name]”**, including the
focused-provider paths, ensuring uniform labeling instead of relying on
caller-provided overrides.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES/NO
## What kind of change does this PR introduce?
Bug fix, feature, docs update, ...
## What is the current behavior?
Please link any relevant issues here.
## What is the new behavior?
Feel free to include screenshots if it includes visual changes.
## Additional context
Add any other context or screenshots.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **New Features**
* Added “Continue with {provider}” sign-in and sign-up flows using
enabled external identity providers.
* Enabled inbound branding to focus a specific provider for customized
sign-in/sign-up experiences.
* **Improvements**
* Refined the sign-in options layout and “last used” tracking for
clearer authentication choices.
* Updated account identity/provider connection experiences (link/unlink
and management UI).
* **Bug Fixes**
* Fixed hydration mismatches in sign-in and password-related layouts.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## Problem
It's hard to find a function that references another database entity:
users have to open each of them and look for matches themselves.
## Solution
Add a search input dedicated to function content filtering. Reusing the
existing input to match both names and content may be worse than before
as it would match too many functions if some of them have common sql
keywords in their name.
## Screenshots
<img width="2908" height="672" alt="image"
src="https://github.com/user-attachments/assets/38e35512-d733-434e-8b44-6ff043c01c7e"
/>
<img width="2904" height="560" alt="image"
src="https://github.com/user-attachments/assets/36643865-a1c8-4943-8f13-00272e44eea1"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Search now performs fuzzy matching over function names and bodies,
ranks exact-name matches higher, and respects
schema/return-type/security filters via centralized filtering logic.
* **Style / UI**
* Search input placeholder updated to "Search for a function by name".
* **Documentation / Messaging**
* Empty-state messaging clarified to distinguish no functions vs. no
search matches.
* **Tests**
* Added tests covering the new filtering and ranking behavior.
* **Chores**
* Added runtime dependency for fuzzy-search library.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
The unified log dashboards' Postgres detail panel hid the `query` and
`detail` fields. They were present in the raw log message but never
surfaced in the structured view, making them harder to use when
debugging.
## Fix
- Select `pgl_parsed.query` and `pgl_parsed.detail` in the Postgres
service flow query.
- Add `Query` and `Details` field configs to the Postgres primary
fields, both with `wrap: true` so long values display in full instead of
truncating.
The parsed Postgres field is `detail` (singular); it is labeled
"Details" in the UI.
## How to test
- Open Studio and navigate to the unified logs dashboard for a project.
- Filter to Postgres logs and select a log row to open the detail panel.
- Confirm the Postgres section now shows `Query` and `Details` rows
below `User`.
- Expected result: rows render the parsed query and detail text,
wrapping for long values, and show an em dash when empty.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* PostgreSQL service flow logs now show additional always-visible
**Query** and **Details** fields, bringing parsed database query content
and expanded information directly into the log view.
* **Tests**
* Updated log inspection coverage to ensure the new parsed fields are
correctly surfaced in the flattened inspection output.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
before
<img width="1360" height="564" alt="Screenshot 2026-06-17 at 11 30 45"
src="https://github.com/user-attachments/assets/69516e92-0c3d-42ad-b893-2d6ffdf9e9f8"
/>
after
<img width="1351" height="596" alt="Screenshot 2026-06-17 at 11 31 29"
src="https://github.com/user-attachments/assets/8c78e4c5-f46b-4419-87bd-d689982c3f5b"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Refined the visual presentation of the "Open positions" call-to-action
button on the careers page with improved spacing and layout alignment.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Marketplace integrations feature preview is currently showing up in the
feature preview modal irregardless - it should be flagged against the
config cat flag
Also added the `getRoute` param for it, and also set `isPlatformOnly` to
true and `isDefaultOptIn` to false
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a new "Integrations layout" feature preview controlled by a
feature flag. Users can now access integrations functionality through
this dedicated preview item. The feature is marked as new,
platform-exclusive, and available for user opt-in, directing users to
their project's integrations page.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Opting to remove the "Read replicas has moved" notice in Project
Settings -> Infrastructure
Also fixes URLs to new replica in `InstanceConfiguration` and
`DatabaseSelector` - query parameter was changed from `type` to
`destinationType`, so fix ensures that the create replica panel opens
after getting navigated to database/replication
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Updated read replica deployment navigation parameters for consistency
across the infrastructure configuration interface.
* Removed outdated notice message regarding read replica functionality
relocation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Contributes to DOCS-1052
Contributes to DOCS-1057
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Resolves linting warning for "let's" and adds an exception for product
name.
## Tophatting
1. Read the diff and see if changes make sense in context.
2. Run `pnpm lint:mdx`, search for "let's" and see no instances.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated instructional copy across multiple AI, authentication,
database, functions, realtime, storage, and troubleshooting guides to
improve clarity and consistency.
* Replaced conversational phrasing (for example, “Let’s…/Let’s see…”)
with direct imperatives, tightened example lead-ins, and adjusted a few
step explanations for readability.
* Refreshed some tutorial text and code-sample presentation in guides
(no behavioral changes).
* Added/adjusted minor MDX lint guidance in a couple of documents.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Nik Richers <nrichers@gmail.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Resolves utilize lint warnings.
## What is the current behavior?
Utilize lint warnings are present.
## Tophatting
To see that this issue is resolved:
1. See the diff for content clarity.
2. Run `pnpm lint:mdx` to see no more remaining utilize errors.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Documentation
- Improved documentation clarity and consistency across platform guides,
including AI going-to-prod, custom claims/RLS RBAC, authentication
(anonymous, Web3, social login), and database connection/configuration.
- Refined technical wording throughout database, realtime, storage,
billing, performance, telemetry, and troubleshooting guides (for
example, standardizing phrasing like “use” vs “utilize”).
- Updated select guidance for clearer wording on database pre-warming
and clarified the scope of the Postgres logging note.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
Allow `android:apk-key-hash:<base64url SHA-256>` entries in
`WEBAUTHN_RP_ORIGINS` alongside https/localhost-http origins.
Non-http(s) origins are matched as-is downstream and Android is
responsible to binding the origin to the RP ID via digital asset links.
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
New human.
## What is the current behavior?
Please link any relevant issues here.
## What is the new behavior?
Feel free to include screenshots if it includes visual changes.
## Additional context
Add any other context or screenshots.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated team contributors list
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
