## Problem
The `_Shadcn_` suffix isn't needed anymore on `Select` components
## Solution
Remove it. No other changes
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Updated internal component architecture to standardize and simplify
the codebase. These changes improve code maintainability and consistency
across the application without affecting existing functionality or user
experience.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/45988)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Logo field now accepts/editable logo URL, plus a new storage-based
Logo Picker to select or remove images from project storage.
* Full storage picker: browse buckets, columns/list views, search,
drag‑and‑drop uploads, file previews (image/audio/video), and
single-file selection with responsive mobile/desktop layouts.
* **Refactor**
* Logo submission streamlined to send the provided URL directly (legacy
file-read/upload flow removed).
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## Summary
- Added token_endpoint_auth_method field to the OAuth app create/update
sheet, visible only when client type is set to "Confidential"
- Supports client_secret_basic (HTTP Basic Auth header) and
client_secret_post (request body) options; public clients automatically
use none
- Wired the field into both create and update API payloads
## Test plan
- Create a confidential OAuth app -> Token Endpoint Auth Method selector
should appear and submit correctly for both options
- Create a public OAuth app -> selector should not appear; none is sent
in the payload
- Edit an existing confidential app -> selector should pre-populate from
the saved value
## What is the new behavior?
<img width="1244" height="1660" alt="image-KvVBmAG6@2x"
src="https://github.com/user-attachments/assets/76ab2687-6be4-4b74-a830-e670a2bb4be2"
/>
<img width="1264" height="1652" alt="image-gLARAPwt@2x"
src="https://github.com/user-attachments/assets/fd5770d5-acfd-4edb-bd5e-af582108f092"
/>
related: https://github.com/supabase/supabase/pull/43128
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added token endpoint authentication method configuration for OAuth app
creation and updates
* Authentication method automatically adjusts based on client type
(public clients use 'none')
* Token endpoint auth method field conditionally displayed for
confidential clients only
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This PR migrates the whole monorepo to use Tailwind v4:
- Removed `@tailwindcss/container-queries` plugin since it's included by
default in v4,
- Bump all instances of Tailwind to v4. Made minimal changes to the
shared config to remove non-supported features (`alpha` mentions),
- Migrate all apps to be compatible with v4 configs,
- Fix the `typography.css` import in 3 apps,
- Add missing rules which were included by default in v3,
- Run `pnpm dlx @tailwindcss/upgrade` on all apps, which renames a lot
of classes
- Rename all misnamed classes according to
https://tailwindcss.com/docs/upgrade-guide#renamed-utilities in all
apps.
---------
Co-authored-by: Jordi Enric <jordi.err@gmail.com>
This PR preps the monorepo for a migration to Tailwind v4:
- Bump all Tailwind dependencies and libraries to the latest possible
version, while still compatible with Tailwind 3.
- Cleans up obsolete Tailwind 3 specific options and configs.
- Cleans up unused CSS files and fixes the CSS imports.
- Migrates all `important` uses in `@apply` lines to using the `!`
prefix.
- Move `typography.css` to the `config` package and import it from the
apps.
- Migrated all occurrences of `flex-grow`, `flex-shrink`,
`overflow-clip` and `overflow-ellipsis` since they're deprecated and
will be removed in Tailwind 4.
- Make the default theme object typesafe in the `ui` package.
- Migrate all `bg-opacity`, `border-opacity`, `ring-opacity` and
`divider-opacity` to the new format where they're declared as part of
the property color.
- Bump and unify all imports of `postcss` dependency.
## Problem
We used to have a `_Shadcn_` suffix for all the shadcn form components
because we also had `formik` form components.
This is not needed anymore.
## Solution
- Remove the suffix
- Update all usages
Show OAuth server endpoints in oauth server settings page.
Preview: [OAuth Server
settings](https://studio-staging-git-chore-show-oauth-server-endpoints-supabase.vercel.app/dashboard/project/_/auth/oauth-server)
<img width="1138" height="496" alt="Screenshot 2026-01-09 at 12 00 31"
src="https://github.com/user-attachments/assets/eeca7726-0426-4abe-990d-271b702e4f7b"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added an OAuth endpoints table showing Authorization, Token, JWKS, and
Discovery/OpenID URLs with copy-to-clipboard and a masked preview mode.
* Inline preview of the Authorization URL when an authorization path is
set.
* **Improvements**
* Reorganized OAuth server settings for clearer enable/disable flow,
conditional field visibility, and disable confirmation.
* Dynamic loading of the endpoints table, improved loading skeletons,
layout refinements, and form reset to reflect saved defaults.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Ali Waseem <waseema393@gmail.com>
## What kind of change does this PR introduce?
Chore that resolves DEPR-394.
## What is the current behavior?
This stack is consolidating RHF field-array patterns in smaller
reviewable steps.
After the key/value work lands, repeated single-value inputs are still
implemented separately across auth and SSO forms, and the design-system
docs only document the key/value pattern.
## What is the new behavior?
- adds a shared `SingleValueFieldArray` component in `ui-patterns`
- migrates repeated single-value inputs in:
- Redirect URL allow-list modal
- OAuth app redirect URIs
- SSO domains
- SSO attribute mapping
- documents the single-value pattern in the design system with:
- a dedicated fragment page
- updated forms guidance
- updated form pattern demos
- adds focused redirect URL modal coverage
## Additional context
This is PR 3 of a 3-PR stack for DEPR-394.
Base PR: #44058
## Summary
Fixes several high-impact Sentry errors reported in production.
### Fixed Issues
- **[SUPABASE-APP-EJ3](https://supabase.sentry.io/issues/7356937474/)**
— `TypeError: Cannot read properties of undefined (reading 'direct')`.
`connectionStringPooler` could be `undefined` when the connection source
doesn't match any key in the connection strings map. Added an early
return guard in `resolveConnectionString`.
- **[SUPABASE-APP-B17](https://supabase.sentry.io/issues/7117468199/)**
— `RangeError: Invalid time zone specified: Etc/Unknown`.
`dayjs.tz.guess()` returns `"Etc/Unknown"` for some users with
misconfigured browser/OS timezones. Added a shared
`guessLocalTimezone()` helper that validates the guessed timezone via
`Intl.DateTimeFormat` and falls back to UTC. Applied across all 4 call
sites.
- **[SUPABASE-APP-BCM](https://supabase.sentry.io/issues/7192934901/)**
— `TypeError: Cannot convert undefined or null to object`.
`Object.entries(definition.properties)` crashed when a JSON schema
definition existed but had no `properties` field. Updated the guard to
check `definition?.properties` instead of just `definition`.
- https://supabase.sentry.io/issues/7357780302/?project=5459134
- https://supabase.sentry.io/issues/7358344652/?project=5459134
- https://supabase.sentry.io/issues/7096737077/?project=5459134
## Test plan
- [ ] Verify connect dialog renders without errors when connection data
is still loading
- [ ] Verify API docs Entity view handles schema definitions without
properties
- [ ] Verify charts/tooltips display correct timezone labels
---------
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
## Context
Main fix is to adjust the new home page + connect dialog (and connect
sheet) to render the project's custom domain if available
<img width="471" height="255" alt="image"
src="https://github.com/user-attachments/assets/3a208b2e-bdeb-43f5-a2e7-3495881dbaaa"
/>
<img width="1065" height="233" alt="image"
src="https://github.com/user-attachments/assets/2a7b8f81-8c0b-4803-bf0a-fc16a2f1e0e1"
/>
## Changes involved
- Created a `useProjectApiUrl` hook that will return the API URL
depending if custom domains is available, otherwise default to default
project API URL
- Refactored all the other places that were manually deriving the
project's endpoint
- Storage Explorer -> copy URL
- Edge Functions
- Integrations -> Data API + API Docs
- Auth Providers -> Callback URL
- Also updated the copy CTA for the addons page
- Instead of just "Change xxx", make it a bit more actionable
- For add ons with binary states (Custom domains, IPv4)
- If not enabled yet, "Enable xxx", otherwise "Toggle xxx"
- For PITR
- If not enabled yet, "Enable PITR", otherwise "Change recovery
duration"
- Also added "Edit custom domain" CTA if enabled
<img width="1144" height="518" alt="image"
src="https://github.com/user-attachments/assets/4f152ea5-0cc7-412c-95e8-ad5bb37c19c3"
/>
## To test
- [ ] Verify that for a project with custom domain set up, all the
affected UI mentioned in the above section look correct
## Context
Related to FE-2461
More refactoring to clean up usage of `useQueryStateWithSelect`, in the
following pages
- Auth OAuth Apps
- Cron Jobs
- Vaults Secrets Management
- Database Hooks
- Wrappers
## To test
In each of those pages, verify that
- [ ] Clicking the "new" cta updates the URL params, and refreshing
should re-open the sheet
- [ ] Editing an existing item should update URL params, and refreshing
should re-open the sheet with the right item
- Verify that if the URL param has the wrong id, page should not open
the sheet, show a toast, and reset the URL param
- [ ] Deleting an existing item should update URL params, and refreshing
should re-open the sheet with the right item
- Verify that if the URL param has the wrong id, page should not open
the sheet, show a toast, and reset the URL param
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Added "item not found" toasts and clearer feedback after
create/update/delete actions; prevent opening create flows when server
features are disabled.
* **Style**
* Standardized button labels, sizes and modal/dialog spacing; refined
table column widths and inline code formatting for readability.
* **Refactor**
* Simplified UI state flows across OAuth Apps, Hooks/Webhooks, Cron
Jobs, Vault Secrets, and Wrappers to use consistent URL-driven
interactions and centralized modals.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
* Add shimmering-loader CSS to ui-patterns.
* Import the shimmering-loader classes from the ui-patterns component.
* Remove ShimmeringLoader from studio.
* Migrate studio to use ui-patterns/ShimmeringLoader.
* Migrate away from using default import for ShimmeringLoader.
* Fix the css imports in docs and studio.
* Bump the deps, refactor deprecated code.
* Migrate keepPreviousData usage.
* Migrate all uses of InfiniteQuery.
* Fix refetchInterval in queries.
* Migrate all use of isLoading to isPending in mutations.
* Fix accessing location in claim-project.
* Fix a bug in duplicate query keys.
* Migrate all queries to use isPending.
* Revert "Fix accessing location in claim-project."
This reverts commit 2a07df64b5.
* Revert the rss.xml file to master.
* Remove the query for temp keys. Remove the query for supabase client. Add a function which creates a supabase client with a temp key.
* Add a new query for building the endpoint URL.
* Migrate all oAuth queries and mutations to use the new function for creating a Supabase project client.
* Use the new queries/mutations in the code.
* Use query in refetchInterval for useProjectSettings.
* Replace all uses in StorageExplorer with createProjectSupabaseClient.
* chore(studio): add oauth apps update panel
* chore(studio): add client_type value to oauth app form
* chore(studio): add logo_uri upload field to oauth apps
* chore(studio): don't show oauth app credentials when successfully editing
* chore(studio): apply correct filters to oauth apps
* chore(studio): show client_secret only on confidential apps
* chore(studio): hide regenerate client secret on public oauth apps
* chore(studio): add docs link on auth server page
* oAuth clients index layout
* oAuth apps crud
* is public
* add user count and client secret generation and management
* scaffold oauth server settings
* improve oauth server enablement / disablement
* show cover when oAuth server is disabled
* fix update panel update button
* add site url and authorization path settings values
* move oauth server to it's own nav item
* remove unneeded oauth server settings
* let the user disactivate oauth server even after creating oauth apps
* better delete button
* cleanup
* fix typecheck
* test endpoints
* add EnableOAuth21 feature flag
* update OAUTH_SERVER_ auth config api
* load OAUTH_SERVER_ENABLED in oauth list
* Update the api.d.ts. Remove the custom versions of supa libs.
* Add query for getTemporaryAPIKey.
* Add a hook for initializing a supabase client.
* Add hooks for oAuth Server apps.
* Regenerate pnpm-lock.yaml.
* Revert updates to the platform.d.ts. Not needed for this PR.
* Migrate all code to use the new hooks.
* Try to integrate the mutations and fix some of the sheet and dialogs.
* improve default and saving states
* fix oauth app form validation
* unify components into CreateOrUpdateOAuthAppModal
* create or update oauth app
* Update the OAuth Server page.
* Remove extra files.
* Minor various fixes.
* More fixes to the creation of oauth apps.
* Bump the libs to fix a DELETE oauth app error.
* Clean up the scope feature.
* Move the feature flag in the auth layout.
* Bunch of smaller fixes.
* Regenerate pnpm-lock.
* Revert SidePanel and CardDescription changes.
* Add confirm dialog for regenerating secret.
---------
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
