## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Refactored the Database Create Index side panel to align with the
recommended Studio form patterns.
## What is the current behavior?
The side panel was using a legacy layout that did not follow the common
Studio form patterns.
It's also not a real form.
## What is the new behavior?
The Create Index side panel in the Database section is now consistent
with the Studio form patterns.
It's now a real form using `react-hook-form`
## Additional context
Before:
<img width="668" height="855" alt="image"
src="https://github.com/user-attachments/assets/d15ee63c-8d03-4780-8945-1792f0493133"
/>
After:
<img width="606" height="856" alt="image"
src="https://github.com/user-attachments/assets/78e0269c-e79c-42d1-a2c2-9465c0b0c46a"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **UI Improvements**
* Reworked index-creation panel into a validated, form-driven workflow
with clearer field interactions, multi-column selector, live read-only
SQL preview, and updated submit/cancel behavior.
* Footer actions: Cancel resets the form and closes the panel; Create
triggers form submission and reflects loading state.
* **Tests**
* Updated end-to-end flow to click "Select a table" (replacing "Choose a
table") during index creation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Gildas Garcia <1122076+djhi@users.noreply.github.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Feature / performance improvement.
## What is the current behavior?
The Database > Tables list renders every table for the selected schema
in a single `useTablesQuery({ includeColumns: true })` fetch.
## What is the new behavior?
- Database > Tables list uses `useInfiniteTablesQuery` with a 50-row
page size, streaming pages as the user scrolls.
- An `IntersectionObserver` sentinel attached to the footer status row
triggers `fetchNextPage()` while `hasNextPage` is true; the same row
doubles as the table count / loading indicator.
- Search is debounced (300 ms) and passed as `nameFilter` to the hook,
which forwards it to pg-meta's `getTablesPaginatedSql`. The backend
returns only matching rows, so search works across the whole schema
rather than only the loaded pages.
## Additional context
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Debounced search filtering for tables
* Infinite-scroll pagination with sentinel-driven loading
* Footer shows “Loading more tables…” and dynamic table counts
* **Bug Fixes**
* Ensure table list refresh after create/duplicate by invalidating
infinite-list cache
* **Tests**
* Updated end-to-end waits and helpers to match the new paginated
table-loading API
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES/NO
## What kind of change does this PR introduce?
Bug fix, feature, docs update, ...
## What is the current behavior?
Please link any relevant issues here.
## What is the new behavior?
Feel free to include screenshots if it includes visual changes.
## Additional context
Add any other context or screenshots.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Accessibility**
* Improved screen-reader label for table row action menus so table
controls are clearer for assistive‑technology users.
* **Tests**
* Enhanced end-to-end test reliability: tightened selectors, added
dialog/toast visibility and API-wait synchronization, scoped lookup
fixes, removed redundant cleanup helper, and updated test setup to mark
a terms-of-service dismissal to reduce flakiness.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Performance improvement / feature
## What is the current behavior?
The Schema Designer fetches all tables in a single request via
`useTablesQuery`. For schemas with 400+ tables this blocks first paint
on a large payload.
## What is the new behavior?
`SchemaGraph` uses `useInfiniteTablesQuery` (pageSize: 100) so the first
100 tables paint immediately. A "Load more tables" button appears above
the legend whenever more pages remain, letting users load the rest on
demand.
## Additional context
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a "Find table…" selector and keyboard shortcut to quickly locate
and focus tables; supports incremental loading and debounced name search
(with literal wildcard handling).
* Schema Graph shows a bottom "Load more tables" control with loading
state and preserves view after loading more.
* **Refactor**
* Table listing switched to infinite/paginated retrieval and improved
"no tables" logic; server-side name filtering supported.
* **Tests**
* E2E tests add a schema-visualizer wait helper and update flows to
support the paginated visualizer.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46402?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
- Minor issues here, the validation for creating names is there but
users can create crons with empty names through SQL
- When they edit the name in the Cron editor, since we use names as the
where clause it treats it as a new create
- So a duplicate cron is created
- Since creating requires a name, the validation is moved to the
component rather than zod and disabled when editing mode is on!
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Cron jobs can now be created without requiring a name field.
* Improved handling to properly distinguish between creating new cron
jobs and editing existing ones.
* **Bug Fixes**
* Fixed issue where editing unnamed cron jobs would create duplicate
entries instead of updating the existing job in place.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46486?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Right now material views and views don't have any options on the context
menu, they only have a copy name. This adds copy schema, export CSV,
export SQL and delete table to that list
Added E2E tests to cover the use cases
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Delete views and materialized views via confirmation dialogs with
optional cascade
* Copy SQL definitions for views and materialized views
* Export views and materialized views as CSV and SQL from the entity
menu
* Confirmation modals now show dependency warnings and cascade toggle
consistently
* **Tests**
* End-to-end tests covering copy, export, and delete flows for views and
materialized views in the table editor
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46383?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<img width="1285" height="654" alt="image"
src="https://github.com/user-attachments/assets/10074f07-3ac0-4f1f-b920-4255c67968d6"
/>
Updates file storage buckets to make use of new page components and
follow more standard full width pages as recommended in our design
system.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Search input now always visible with dynamic placeholder and cancel
control.
* “Go up one level” navigation button shown in list view when not at
bucket root.
* **Style**
* Thinner icon strokes and smaller button/icon sizing across the Storage
Explorer and preview.
* Header, breadcrumbs, and page container spacing/layout refined;
explorer outer container simplified.
* Selection count UI made compact/monospaced; new layout tokens for
header and bulk-action rows.
* **Tests**
* Unit and e2e tests updated; added e2e helper for rename/create inputs.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46184?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What kind of change does this PR introduce?
Chore: component migration and copy update.
## What is the current behavior?
`DownloadSnippetModal` and `RenameQueryModal` use an awkward tabs-based
layout. The download action is labelled "Download" throughout, and the
NPX toggle was incorrectly labelled "NPM".
## What is the new behavior?
- Both modals are migrated to the `Dialog` component.
- The download dialog replaces the tab layout with a select (Migration /
Seed file / SQL file) and a CLI/NPX toggle.
- Action language changed from "Download" to "Export" (context menu
item, dialog title, select label) — more accurate since the user runs a
CLI command rather than triggering a browser download.
- NPM toggle label corrected to NPX; internal `npm` property key renamed
to `npx` for consistency.
| Before | After |
| --- | --- |
| <img width="1024" height="759" alt="Add Auth Hook (General) SQL Editor
Pickles Pantry Supabase-C6F22F8B-19FF-486E-8C08-915895495875"
src="https://github.com/user-attachments/assets/98637802-5e05-4431-87f8-b2e83216082a"
/> | <img width="1024" height="759" alt="Add Auth Hook (General) SQL
Editor Pickles Pantry Supabase-5B63AD0C-7CD0-4BB2-BEC8-5DBAE94963CE"
src="https://github.com/user-attachments/assets/a8f48c2f-a7e2-42fd-b52c-89a133811ad8"
/> |
| <img width="1024" height="759" alt="Add Auth Hook (General) SQL Editor
Pickles Pantry Supabase-1F28FADA-46D1-4C0A-BE96-6CFF2317FDCF"
src="https://github.com/user-attachments/assets/afb904d0-689b-4756-b0b4-8177703934e4"
/> | <img width="1024" height="759" alt="Add Auth Hook (General) SQL
Editor Pickles Pantry Supabase-652E6E8D-1CD2-4465-BC82-46EDB974CD8C"
src="https://github.com/user-attachments/assets/f1adfb6b-fba6-495f-b571-1713c3eebb4d"
/> |
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Updated the SQL query export modal UI from a tabs-based interface to a
dropdown-based selection for choosing export formats.
* Revised menu and dialog labels to "Export query" for improved clarity.
* Enhanced code block presentation in the export modal.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46242?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Gildas Garcia <1122076+djhi@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## Summary
- Closes
[FE-3399](https://linear.app/supabase/issue/FE-3399/make-table-editor-filter-bar-wait-for-a-value)
- Table editor's filter bar was firing a row request as soon as a
property was selected, before any operator/value was set. This regressed
after #46071 unified the table editor and unified logs onto the shared
`FilterBar`.
- `LogsFilterBar` already validates that each condition has a
propertyName, operator, and non-empty value before applying.
`FilterPopoverNew.handleApply` did not — it called `setFilters`
unconditionally on every `onApply` from the shared bar (property change,
operator change, blur, etc.). This PR mirrors the `LogsFilterBar`
validation so the table editor stops requesting rows until the condition
is complete.
## Test plan
- [ ] Open the table editor on any table
- [ ] Click the filter bar, pick a column → no network request fires, no
toast, grid unchanged
- [ ] Pick an operator → still no request
- [ ] Type a value and hit Enter → row request fires, grid filters
- [ ] Remove the filter → grid refetches with no filter
- [ ] New e2e test: `pnpm --prefix e2e/studio run e2e --
features/filter-bar.spec.ts --grep "does not trigger a row request"`
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Filter validation now prevents incomplete filter conditions from being
applied, ensuring only fully-specified filters affect table data.
* **Tests**
* Added end-to-end test coverage for filter bar operations to verify
expected behavior during filter setup.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46113?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Backports a batch of e2e test stabilization fixes — each commit is
scoped to a single failure class and only touches `e2e/studio/` files.
**Changed:**
- **`_global.setup` — playwright-locks cleanup was dead code**: the
lock-cleanup block was at the bottom of `Global Setup`, but every branch
above it returns early — so it never ran. Tests that use
`withFileOnceSetup` (cron-jobs) would see a stale `setup.done.json`
marker from the previous run and silently skip their setup, leaving e.g.
`pg_cron` uninstalled and all 11 cron-jobs specs failing. Moved the
cleanup to before any early return.
- **filter-bar — Home key**: macOS Chromium doesn't honor a standalone
`Home` keypress inside text inputs (macOS routes "go to line start" via
`Cmd+ArrowLeft` / `Fn+ArrowLeft`). Tests that expected the cursor to
jump to position 0 silently kept the previous selection. Replaced with
`el.setSelectionRange(0, 0)` so the assertion runs against a known
cursor position on every OS.
- **filter-bar — date filters**: tests inserted rows with `CURRENT_DATE`
/ `NOW()` (postgres session TZ = UTC) and asserted with JS-local dates
from `getDateValue()`. Near midnight the two diverged and the filter
returned 0 rows. Switched the inserts to explicit `getDateValue()`
strings so insert and assert use the same calendar day.
- **queue-table-operations — `networkidle`**: Studio holds long-poll /
SSE connections (PostHog, realtime), so `page.reload({ waitUntil:
'networkidle' })` never resolves and timed out. Replaced with a targeted
`waitForTableToLoad` API waiter.
- **sql-editor — RLS smoke test**: a hard-coded table name
(`pw_rls_smoke_test`) collided across 3 parallel workers running against
the same db. Suffixed with `test.info().parallelIndex`.
- **table-editor — FK spec timeout**: `waitForApiResponseWithTimeout`
for `query?key=table-update` returns `null` on timeout (silent), then
the panel-close assertion fails. Bumped 15s → 30s to absorb
parallel-load latency.
- **table-editor / storage-helpers — URL encoding & redirect race**:
post-action URL assertions were over-specific (`%20` vs `+` encoding)
and the bucket-delete redirect could race other history updates. Relaxed
the regex to accept both encodings; asserting the row removal directly
is a more stable signal than the redirect URL.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Tests**
* Improved end-to-end determinism with explicit dates/timestamps and
stable cursor positioning
* Prevented parallel-test collisions by using unique identifiers for
resources
* Made page reloads and API waits more robust for long-lived connections
and increased timeouts
* Strengthened assertions to rely on stable UI signals instead of
transient navigation/network state
* Ensured test setup reliably cleans up temporary locks before any setup
steps run
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46039?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Alaister Young <10985857+alaister@users.noreply.github.com>
## What kind of change does this PR introduce?
Studio UI cleanup.
## What is the current behaviour?
The SQL editor query warning modal repeats itself with an admonition, a
nested warning panel, and extra confirmation copy. Single-warning cases
are harder to scan than they need to be.
## What is the new behaviour?
The warning now uses `AlertDialog` and resolves each detected issue into
concise title/body copy. Single-warning cases show one short
description, while multi-warning cases show a compact list. The existing
RLS actions are preserved.
## Testing instructions
Manual SQL editor checks:
Open the Studio SQL editor, paste each snippet, click **Run**, verify
the warning copy, then click **Cancel**. These snippets are only
intended to trigger the warning UI, so do not confirm the dangerous
ones.
Destructive operation warning:
```sql
drop table if exists public.codex_warning_destructive;
```
UPDATE without WHERE warning:
```sql
update public.codex_warning_table set id = id;
```
Prevent database connections warning:
```sql
alter database postgres connection limit 0;
```
Missing RLS warning:
```sql
create schema if not exists codex_warning;
create table codex_warning.missing_rls (id bigint);
```
Multiple issues warning:
```sql
drop table if exists public.codex_warning_destructive;
update public.codex_warning_table set id = id;
create schema if not exists codex_warning;
create table codex_warning.missing_rls_multi (id bigint);
```
## Additional context
| Before | After |
| --- | --- |
| <img width="1024" height="759" alt="Codex Warning Table Maintenance
SQL Editor Hammer Toolshed Supabas-BDBD32C7-FCE8-4623-ACF2-D2554233EBB4"
src="https://github.com/user-attachments/assets/aaed16c2-9910-424a-8a3c-f9815139b1bf"
/> | <img width="1024" height="759" alt="Codex Warning Table Maintenance
SQL Editor Hammer Toolshed Supabas-C8964C98-1CF9-4992-89D6-86C081C884E8"
src="https://github.com/user-attachments/assets/d291c559-1e64-4c63-b918-b20b58d9a2a5"
/> |
| <img width="1024" height="759" alt="Codex Warning Table Maintenance
SQL Editor Hammer Toolshed Supabas-C341A032-B5B0-49A2-8EA2-E3E6EEC54E4F"
src="https://github.com/user-attachments/assets/667d9d1a-e34b-4411-9f91-4972ee8d1a23"
/> | <img width="1024" height="759" alt="Codex Warning Table Maintenance
SQL Editor Hammer Toolshed Supabas-FC66ADE9-6AF1-44D2-A6B6-F7B2FC935C0E"
src="https://github.com/user-attachments/assets/1348377e-6606-47c0-aa95-128d7f86ed56"
/> |
| <img width="1024" height="759" alt="Codex Warning Table Maintenance
SQL Editor Hammer Toolshed Supabas-43AAD9FA-7FAC-4DCE-A713-00E8FC76B343"
src="https://github.com/user-attachments/assets/bdadedc2-f17d-4011-ae67-5248097b3e92"
/> | <img width="1024" height="759" alt="Codex Warning Table Maintenance
SQL Editor Hammer Toolshed Supabas-279EC81D-31C7-49C7-B4A8-EEEF1738740A"
src="https://github.com/user-attachments/assets/0c178fff-ff49-4522-870d-7a3401c6af30"
/> |
| <img width="1024" height="759" alt="Codex Warning Table Maintenance
SQL Editor Hammer Toolshed Supabas-D405AED5-613F-4C78-909E-F718C67CF17E"
src="https://github.com/user-attachments/assets/a4399935-3596-471b-854a-c689e2e0df07"
/> | <img width="1024" height="759" alt="Codex Warning Table Maintenance
SQL Editor Hammer Toolshed Supabas-725FBCE6-5606-4BC3-B13F-6210DBADF6F2"
src="https://github.com/user-attachments/assets/0dcd08fc-cfb4-4d67-b167-eb6eaa768764"
/> |
| <img width="1024" height="759" alt="Codex Warning Table Maintenance
SQL Editor Hammer Toolshed Supabas-EA6563AF-DE7E-4AB8-9164-AC66164CA581"
src="https://github.com/user-attachments/assets/ef56fe0f-0243-4ff3-a2b2-ee8b3fe2330a"
/> | <img width="1024" height="759" alt="Codex Warning Table Maintenance
SQL Editor Hammer Toolshed Supabas-EC85EFB1-715E-4841-BBCA-51F88B539595"
src="https://github.com/user-attachments/assets/5be05527-920d-4f23-92eb-c7cd0bbff13e"
/> |
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Prevented unintended modal dismissal and duplicate handling when
confirming.
* **Refactor**
* Redesigned SQL editor warning modal with structured, consolidated
warnings, adaptive title/confirmation copy, and centralized handling of
missing-RLS table names.
* Added conditional "Run and enable RLS" confirmation when available.
* **Tests**
* Updated end-to-end tests to match the new modal headings and body
text.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/45912)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
We run the e2e tests across two shards to reduce their duration.
However, one takes longer than the other.
## Solution
Use a currently hidden Playwright feature to balance their load
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Upgraded Playwright test dependency to a newer version for refreshed
test tooling and fixes.
* Adjusted end-to-end test shard weighting to rebalance distribution
across parallel runs.
* **Tests**
* Stabilized several end-to-end editor interactions to make E2E flows
more reliable.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Mark provenance of SQL via the branded types SafeSqlFragment and
UntrustedSqlFragment. Only SafeSqlFragment should be executed;
UntrustedSqlFragments require some kind of implicit user approval (show
on screen + user has to click something) before they are promoted to
SafeSqlFragment.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Editor and RLS tester show loading states for inferred/generated SQL
and include a dedicated user SQL editor for safer edits.
* **Refactor**
* Platform-wide SQL handling tightened: snippets and AI-generated SQL
are treated as untrusted/display-only until promoted, improving safety
and consistency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
Adds the first batch of keyboard shortcuts for the Database → Schema
Visualizer page, following the registry pattern established for the SQL
editor and table editor.
Fixes [FE-3115](https://linear.app/supabase/issue/FE-3115).
## Shortcuts
| Shortcut | Action |
| --- | --- |
| `Mod+Shift+C` | Copy schema as SQL |
| `Mod+Shift+M` | Copy schema as Markdown |
| `D` then `P` | Download schema as PNG |
| `D` then `S` | Download schema as SVG |
| `O` then `A` | Open the auto-layout confirmation dialog |
| `O` then `S` | Open the schema selector |
All six entries appear in the Cmd+K command menu under "Shortcuts" and
in the global shortcuts sheet (`Mod+/`) under a new "Schema Visualizer"
group while the page is mounted. None are surfaced in Account →
Preferences yet (`showInSettings: false`), matching how the SQL/table
editor batches shipped.
The schema selector and auto-layout button are wrapped in the unified
`Shortcut` component so the keybind is shown on hover (Linear-style).
The dropdown items for copy/download don't get hover hints since
tooltips on dropdown items don't make sense — they're discoverable via
Cmd+K instead.
## Toasts
Each user-visible action now confirms via a sonner toast:
- `Successfully copied as SQL` — fires on Copy as SQL (button or
`Mod+Shift+C`).
- `Successfully copied as Markdown` — fires on Copy as Markdown
(dropdown or `Mod+Shift+M`).
- `Successfully downloaded as PNG` / `Successfully downloaded as SVG` —
already present in `useExportSchemaToImage`; fires on click or `D → P` /
`D → S`.
- `Failed to download current view: …` — error toast on download failure
(also pre-existing).
## Notes
- `Mod+Shift+C` and `Mod+Shift+M` collide with the SQL editor's
`results.copy-csv` / `results.copy-markdown` shortcuts. They coexist
cleanly because `useShortcut` only fires while the hook is mounted, and
the two pages live on different routes. Both labels appear in the global
shortcuts sheet honestly scoped per surface.
- `SchemaSelector` was promoted to a `forwardRef` component that spreads
extra props onto its outer `<div>`. This was needed for `<TooltipTrigger
asChild>` to attach event handlers and the ref properly — previously
they were silently dropped and the hover tooltip didn't render.
- `SchemaSelector` and the auto-layout `AlertDialog` accept controlled
`open` props now so the shortcuts can drive them and the tooltip can be
suppressed while the popover/dialog is open (`Shortcut` gained a
`tooltipOpen` passthrough for this).
- Auto-layout still pops the existing confirmation dialog rather than
running directly — destructive enough to keep the guardrail.
## Test plan
- [x] On the Schema Visualizer page, each of the six shortcuts fires the
corresponding action.
- [x] Hover the schema selector and the Auto layout button — tooltip
shows the action label and keybind badge.
- [x] Open the schema selector popover (click or `O → S`) — hover
tooltip is suppressed while open.
- [x] Open the auto-layout confirm dialog (click or `O → A`) — hover
tooltip is suppressed while open.
- [x] Cmd+K shows all six entries under "Shortcuts" while on the page;
navigating away unregisters them.
- [x] `Mod+/` shortcuts sheet has a "Schema Visualizer" group listing
all six.
- [x] Copy as SQL / Markdown each fire a confirmation toast; PNG / SVG
downloads each fire a confirmation toast.
- [x] On the SQL editor results page, `Mod+Shift+M` / `Mod+Shift+C`
still copy results (no regression from the duplicate keybinds).
- [x] The download dropdown items still work via click; PNG/SVG
downloads succeed.
- [x] All other consumers of `SchemaSelector` (~15 callsites) render
unchanged after the `forwardRef` promotion.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Keyboard shortcuts for schema visualizer: copy as SQL/Markdown,
download PNG/SVG, auto-layout, and focus selector
* Success toasts when copying content to clipboard
* **Improvements**
* Schema selector and auto-layout dialog can be opened/closed via
keyboard and programmatically
* Shortcut tooltips can be suppressed when related overlays/dialogs are
open
* Schema Visualizer added to the shortcuts reference sheet
* **Tests**
* E2E tests dismiss transient toasts to avoid UI interference
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Resolves FE-3126
Just cleaning up the table editor header with a bit of refactors
(pre-req to investigating collapsing filter bar and table editor header
actions into a single row)
## Non-visual changes involved
- Break down components within `GridHeaderActions` into smaller ones
- `IndexAdvisorPopover`
- `SecurityDefinerViewPopover`
- `RealtimeToggle`
- Deprecate use of `useUrlState` in `GridHeaderActions` to use
`useQueryState` instead
- Improve types for `TwoOptionToggle`
## Visual changes involved
- Collapse realtime button toggle into a button icon, with no text (just
tooltip)
- Adjust layout of buttons a little
### Before
<img width="796" height="118" alt="image"
src="https://github.com/user-attachments/assets/436bca94-4d91-471a-a184-487c6f78dc04"
/>
### After
<img width="731" height="132" alt="image"
src="https://github.com/user-attachments/assets/5fd30982-a1fc-4f92-a590-146d1e69d52a"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Index Advisor popover with recommendations.
* Realtime toggle to manage realtime table publication.
* Security Definer view popover with optional autofix.
* Insert menu for adding rows/columns and CSV import.
* **Bug Fixes**
* Adjusted filter bar input sizing for improved readability.
* **Refactor**
* Header layout updated and insert/import actions moved into dedicated
components.
* **Tests**
* Updated end-to-end selectors for the Insert row menu item.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## TL;DR
- extends https://github.com/supabase/supabase/pull/45076
- closes https://github.com/supabase/supabase/issues/45113
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Sequence values now properly sync after bulk row inserts, ensuring
correct auto-increment behavior for subsequent inserts.
* **Tests**
* Added end-to-end coverage for CSV import, including a "Paste text"
import path that verifies custom-owned sequences are synchronized before
the next insert.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Gildas Garcia <1122076+djhi@users.noreply.github.com>
Co-authored-by: Ali Waseem <waseema393@gmail.com>
## Problem
When using LLMs, it's useful to describe your tables in markdown format.
## Solution
- Add an _Copy as SQL_ and _Copy as Markdown_ in the schema visualiser
table menu
<img width="320" height="235" alt="image"
src="https://github.com/user-attachments/assets/b465d6aa-a011-4308-86de-78725328630b"
/>
- Refactor the _Copy as SQL_ and _Download current view_ buttons in a
single button/dropdown combo and add _Copy as markdown_:
<img width="333" height="143" alt="image"
src="https://github.com/user-attachments/assets/a823988b-abff-4840-b5a5-53a5830065b4"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* "Copy as Markdown" for schemas and individual tables.
* "Copy as SQL" for individual tables.
* Per-column descriptions included in schema/table exports.
* **Style**
* Export actions consolidated into a compact, grouped dropdown with
adjacent copy action for streamlined header controls.
* **Tests**
* Unit tests for markdown export helpers.
* E2E tests updated to use the new export UI and adjusted dialog timing.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
## TL;DR
fixes csv imports with explicit id values leaving auto generated primary
keys out of sync
by resolving the primary key sequence correctly after import
## ex:
| Before | After |
| --- | --- |
| <img width="378" height="201" alt="Before: stale sequence after CSV
import"
src="https://github.com/user-attachments/assets/34c827f5-c69b-4c05-aa67-9fb6fd65a040"
/> | <img width="435" height="196" alt="After: sequence synced after CSV
import"
src="https://github.com/user-attachments/assets/bb84f286-1b3e-44a5-965b-5f2faa3f7622"
/> |
## ref:
- closes https://github.com/supabase/supabase/issues/45073
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **Bug Fixes**
* Fixed identity sequence synchronization during CSV imports. After
spreadsheet data is inserted, the system now properly updates sequence
values, ensuring subsequent rows receive correct identifiers.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Replaces "stored procedures" with "functions" for everything related to
the Data API.
## Additional context
It's not accurate to call database functions "stored procedures". It may
have been that way before Postgres 11, but now it causes confusion
because PostgREST allows functions and not stored procedures.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Standardized terminology across docs, SDK guides, CLI/config specs,
examples, UI, and config comments to use "database functions" instead of
"stored procedures".
* Updated API docs, CLI/config descriptions, Studio UI labels, help
text, empty-state and navigation copy, RPC documentation, and example
text for consistency.
* Adjusted explanatory text and error/help messages to reflect the
revised terminology.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## TL;DR
fixes enum create/update failures when names contain quotes
(also added a smol e2e)
## Ex:
<table>
<tr>
<td><strong>Before</strong></td>
<td><strong>After</strong></td>
</tr>
<tr>
<td>
<img width="424" height="178" alt="Before"
src="https://github.com/user-attachments/assets/d1815f4e-3879-4f8d-8d24-40d2c1f5563d"
/>
</td>
<td>
<img width="233" height="75" alt="After fix"
src="https://github.com/user-attachments/assets/f3f9b53c-b234-4e18-9b2d-db97ca4713d5"
/>
</td>
</tr>
</table>
## ref:
- closes https://github.com/supabase/supabase/issues/45022
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Fixed enumerated type description handling to preserve special
characters (quotes and apostrophes) without unintended escaping.
* **Tests**
* Extended enumerated types test coverage to include creation, updates,
and deletion of types with special characters in names and descriptions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Lets self-hosted Studio toggle flags in `enabled-features.json` at
container start time via `ENABLED_FEATURES_*` env vars, without
rebuilding the prebuilt image. Addresses
[FE-3036](https://linear.app/supabase/issue/FE-3036/allow-enabled-featuresjson-flags-to-be-overridden-via-env-vars)
and is a prerequisite for
[COM-205](https://linear.app/supabase/issue/COM-205/add-feature-flag-to-disable-all-logs-in-studio).
**Added:**
- `packages/common/enabled-features/overrides.ts` — pure parser that
maps `ENABLED_FEATURES_*` env vars to a disabled-features list
(forward-only key mapping, boolean validation, typo warnings) + 10
vitest tests
- `apps/studio/pages/api/enabled-features-overrides.ts` — Next.js API
route reading `process.env` at request time; no-op (`{
disabled_features: [] }`) when `IS_PLATFORM`
- `apps/studio/data/misc/enabled-features-override-query.ts` — React
Query hook with `staleTime: Infinity`, `enabled: !IS_PLATFORM`
- `packages/common/enabled-features/README.md` — docs the env var
convention, resolution order, `IS_PLATFORM` gating, and the
`Support.constants.ts` build-time caveat
**Changed:**
- `apps/studio/hooks/misc/useIsFeatureEnabled.ts` — merges the
override's `disabled_features` with `profile.disabled_features`
### Env var shape
One var per flag, prefixed `ENABLED_FEATURES_`. Feature key → env name:
uppercase with every non-alphanumeric char replaced by `_`.
```bash
ENABLED_FEATURES_LOGS_ALL=false
ENABLED_FEATURES_BRANDING_LARGE_LOGO=true
```
Values are `true`/`false` case-insensitively. Other values and prefixed
vars that don't match a known feature are logged and ignored.
### Resolution order (runtime, Studio only)
1. `ENABLED_FEATURES_*` (self-hosted, via API route → React Query →
hook)
2. `profile.disabled_features` (hosted, from `/platform/profile`)
3. `enabled-features.json` static value
4. Default (enabled)
`ENABLED_FEATURES_OVERRIDE_DISABLE_ALL` still short-circuits everything.
### Known limitation
`apps/studio/components/interfaces/Support/Support.constants.ts:4` calls
`isFeatureEnabled('billing:all')` at module load to build
`CATEGORY_OPTIONS`, which is spread into Zod form schemas. That call
site stays resolved from the JSON — documented in the package README.
`billing:all` isn't on the radar for self-hosted runtime toggling.
## To test
- `cd packages/common && pnpm exec vitest run enabled-features` — 10 new
tests pass
- `pnpm --filter studio run typecheck` clean
- Spin Studio locally with `NEXT_PUBLIC_IS_PLATFORM=false` and
`ENABLED_FEATURES_LOGS_TEMPLATES=false`;
`/project/[ref]/logs/explorer/templates` should reflect the flag after
the override fetch resolves
- Confirm the API route returns `{ disabled_features: [] }` when
`NEXT_PUBLIC_IS_PLATFORM=true`
- Set a typo like `ENABLED_FEATURES_LOGS_TMEPLATES=false` and check the
warning in container logs; flag stays enabled
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Runtime feature-flag overrides for self-hosted deployments (env var
driven), new API endpoint and client-side hook to fetch overrides, and
client logic now merges profile and runtime overrides.
* **Documentation**
* Added comprehensive README describing the feature-flag system and
override configuration.
* **Tests**
* Added unit tests for override parsing and E2E tests covering runtime
override behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Alaister Young <10985857+alaister@users.noreply.github.com>
Fixes a false positive in the CREATE-TABLE-without-RLS warning modal
added in #45008. The warning was firing on `CREATE FUNCTION` statements
because the `SELECT..INTO` detector was matching plpgsql variable
assignments inside `$$…$$` function bodies.
Reported example that triggered the modal with no table actually being
created:
```sql
create or replace function schema_checks()
returns jsonb
language plpgsql
as $$
declare
ret jsonb;
begin
select jsonb_build_object('value', 'ok') into ret;
return ret;
end;
$$;
```
**Changed:**
- `SQLEventParser.match()` now strips the body of `$tag$…$tag$` blocks
before running detectors. Tags are kept as markers; content is blanked
out so function bodies, DO blocks, and dollar-quoted string literals are
never scanned as DDL.
- Updated a pre-existing parser test that asserted the buggy behaviour
(it expected `CREATE TABLE fake` inside a `$$…$$` string literal to be
detected — `$$…$$` is a string literal in Postgres, not DDL).
**Added:**
- Regression tests in `SQLEditor.utils.test.ts` covering: the exact
reported function, DO blocks with `select into`, `create table` text
inside a function body, mixed top-level `CREATE TABLE` + function with
`INTO` assignments, and custom `$body$…$body$` tags.
- Parser-level regression test in `sql-event-parser.test.ts`.
## To test
- In the SQL editor, paste the function from the Slack report and run it
— the RLS warning modal should not appear.
- Run `create table foo (id int8 primary key);` on its own — modal still
appears as before.
- Run `create table foo (id int8); create or replace function bar()
returns int language plpgsql as $$ declare v int; begin select 1 into v;
return v; end; $$;` — modal should flag only `foo`, not `v`.
- Run an existing destructive query (`drop table x`) — unaffected, modal
still works.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Parser no longer treats DDL/DML-like text inside PL/pgSQL functions,
DO blocks, or dollar-quoted bodies (including nested/custom tags) as
top-level CREATE TABLE/SELECT INTO, preventing false detections and UI
warnings.
* **Tests**
* Added unit and e2e regression tests covering dollar-quoted blocks,
nested dollar tags, DO blocks, SELECT INTO inside functions, and
positive controls with a real top-level CREATE TABLE.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Alaister Young <10985857+alaister@users.noreply.github.com>
Adds a pre-execution warning in the SQL editor when a `CREATE TABLE`
statement is run without enabling Row Level Security on the new table.
Responds to the press call-out around SQL editor security.
<img width="708" height="498" alt="Screenshot 2026-04-18 at 4 31 07 PM"
src="https://github.com/user-attachments/assets/4f23ed5e-f32c-46f0-b0da-ac6d4c661c7c"
/>
**Added:**
- Pre-execution check in `executeQuery` that detects `CREATE TABLE`
statements without a matching `ALTER TABLE ... ENABLE ROW LEVEL
SECURITY` in the same submitted SQL.
- New "Run and enable RLS" action in the warning modal that rewrites the
SQL to append `ALTER TABLE [schema.]<table> ENABLE ROW LEVEL SECURITY;`
for each detected table before running.
- Link in the modal to the RLS docs.
**Changed:**
- `RunQueryWarningModal` now renders `Dialog` directly (instead of
`ConfirmationModal`) so it can show three buttons: Cancel / Run without
RLS / Run and enable RLS.
- `sqlEventParser` table-name regex now supports quoted identifiers
containing spaces (e.g. `"My Table"`) and escaped quotes (e.g.
`"user""table"`).
The check runs against the SQL that's actually submitted, so
partial-selection works correctly — selecting only the `CREATE TABLE`
portion will trigger the warning even if there's a matching `ENABLE RLS`
lower in the editor.
## To test
- Open the SQL editor and run `create table foo (id int8 primary key);`
→ modal should appear with the RLS warning bullet and three buttons.
- Click **Run and enable RLS** → query runs, table is created with RLS
enabled.
- Click **Run without RLS** → query runs as written, no RLS.
- Run `create table foo (id int8); alter table foo enable row level
security;` → no modal (RLS already enabled in same submission).
- Run `create table public.bar (id int8); create table baz (id int8);
alter table baz enable rls;` → modal flags only `public.bar`.
- Select only the `create table` portion of a snippet that also enables
RLS lower down and run the selection → modal should still fire.
- Run an existing destructive query (`drop table x`) → modal still works
as before with two buttons (Cancel / Run this query).
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* SQL editor now detects CREATE TABLE statements missing Row Level
Security (RLS) and shows counts and dynamic table/schema details in a
redesigned warning dialog with updated pluralization and a “Learn more”
link.
* New actions: “Run without RLS” and, when available, “Run and enable
RLS” which applies RLS and runs the query; editor can execute an
overridden SQL payload when applying RLS changes.
* **Tests**
* Added comprehensive unit and e2e tests covering RLS detection, SQL
augmentation, trigger handling, identifier parsing, and the “Run and
enable RLS” flow.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Alaister Young <10985857+alaister@users.noreply.github.com>
## Summary
- Makes the new table filter bar the permanent default by hardcoding
`useIsTableFilterBarEnabled` to return `true`
- Removes the feature preview toggle (opt-out) from the preview modal
- Cleans up E2E tests: removes old filter UI test, removes
`enableFilterBar` helper, fixes race condition in column-drop test
- Old filter code paths are left in place for a follow-up cleanup PR
Closes FE-2819
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Removed the table filter bar preview and its opt-in/local-storage
preview key.
* Cleared preview content from the feature preview modal.
* **Tests**
* Removed the UI filtering e2e test and associated preview opt-in
helper.
* Updated filter-bar e2e flows to adjust navigation/wait behavior (added
explicit waits, removed redundant reloads).
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## Problem
Since the drag & drop refactor, users cannot double click to select the
column name in the columns headers of the table editor. Besides, the
advisor button cannot be clicked either.
## Solution
- Add a delay constraint on the drag & drop operation, allowing click
events to trigger
- Add e2e tests to prevent future reggressions
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Double-click column headers to copy column names to clipboard
* Index Advisor warnings now accessible in the Table Editor
* **Improvements**
* Improved drag start timing and tolerance for smoother column dragging
* Better screen reader announcement for index suggestion actions
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## TL;DR
the table editor definition panel was showing incomplete SQL for views
with `WITH (security_invoker = true)`
ignoring the reloption and making it easy to accidentally strip it when
recreating the view
## prob
When viewing a security invoker view in the Table Editor, the Definition
panel only showed `CREATE VIEW ... AS ...`
without the `WITH (security_invoker = true)` clause
which caused two issues:
1. the displayed SQL was incomplete and didn't match the actual view
definition
2. users copying the SQL to recreate the view would unintentionally lose
the security_invoker setting
## ex:
| Before | After |
|--------|-------|
| `create view public.exposed_api as`<br>`select id, secret from
public.rls_protected_table;` | `create view public.exposed_api with
(security_invoker = true) as`<br>`select id, secret from
public.rls_protected_table;` |
## ref:
- closes https://github.com/supabase/supabase/issues/44934
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* View definitions now show the full CREATE statement (including
materialized views and WITH (...) options) and preserve security options
like security_invoker when viewed or opened in the SQL editor.
* **Tests**
* Added end-to-end test verifying security option preservation in view
definitions and when opening them in the SQL editor.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Supabase Dashboard - Connect
## What is the current behavior?
On the new `<ConnectSheet />` component their is no deep linking like
the previous `<Connect />` component
## What is the new behavior?
Deep linking added onto framework and other options, Example local
links:
http://localhost:8082/project/default?showConnect=true&connectTab=framework&framework=nextjs&using=pageshttp://localhost:8082/project/default?showConnect=true&connectTab=mcp&mcpClient=goose
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Connect Sheet supports URL query parameters for pre-configuring
connection settings (framework, using, method, type, mcpClient).
* Legacy tab identifiers are accepted for compatibility.
* **Improvements**
* Opening, switching, and closing the Connect Sheet now more reliably
syncs and clears related parameters to avoid stale state.
* **Tests**
* Added end-to-end tests covering deep-linking, legacy aliases, and
parameter clearing on close/mode change.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## TL;DR
fixes the Auth Users provider badge for Web3 users so it reflects the
actual enabled provider state
## problem
Web3 authenticated users appeared `Disabled` in `Authentication -> Users
-> Provider Information`
This happened because the user provider is stored as `web3`, while the
actual enabled state is chain specific (`solana` / `ethereum`)
<p align="left">
<img width="443" height="281" alt="Image"
src="https://github.com/user-attachments/assets/4918cbdb-75a4-4bd9-b9e5-511dcced5447"
/>
</p>
## solution
When the provider is `web3`, resolve the enabled badge from
`raw_user_meta_data.custom_claims.chain` (saw that in the payload while
testing) and map it to the correct Web3 config flag:
- `solana` -> `EXTERNAL_WEB3_SOLANA_ENABLED`
- `ethereum` -> `EXTERNAL_WEB3_ETHEREUM_ENABLED`
<p align="left">
<img width="148" height="43" alt="image"
src="https://github.com/user-attachments/assets/9d21b8fc-da93-4dcd-9cdb-5c0eacef2a27"
/>
</p>
## ref:
- closes https://github.com/supabase/supabase/issues/44724
- closes https://github.com/supabase/supabase/issues/39568
- closes https://github.com/orgs/supabase/discussions/39563
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Corrected web3 provider enabled status detection by mapping user chain
configuration to provider settings.
* **Tests**
* Added test coverage for web3 user enabled status display.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
Foreign wrapper forms still use `formik` but we now use
`react-hook-form` everywhere and we'd like to reduce our dependencies.
## Solution
- [x] Write e2e tests for wrappers
- [x] Migrate to `react-hook-form`
## Notes
I tried to cover the 3 cases I identified for foreign wrappers with e2e
tests:
- Add all available tables to a new schema (stripe)
- Add selected tables to a new table (stripe)
- Create dynamic columns (s3 wrapper)
However, they are not exhaustive as I can't test the integration
actually works, only that it was created successfully. Besides, I can't
test the Iceberg wrapper case as it needs actual S3 buckets.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Enhanced column-type selector with searchable combobox, enum support,
icons, and optional recommendation prompts.
* **Refactor**
* Migrated many wrapper/table/editor forms to a schema-driven form
system with stronger validation, dynamic field arrays, and consistent
form controls.
* Updated input field integration to work with the new form control
model.
* **Bug Fixes**
* Improved handling of missing wrapper/error states during wrapper
loading.
* **Tests**
* Added unit tests for form schemas and end-to-end tests for wrapper
creation flows.
* **Chores**
* Removed legacy dynamic-columns component.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What kind of change does this PR introduce?
Chore / UI consistency fix. Resolves DEPR-418.
## What is the current behavior?
Shortcut hints are still hand-built in several high-traffic Studio
surfaces, which leads to inconsistent rendering and stale
platform-specific markup. Buttons in particular can end up with awkward
spacing and baseline alignment when shortcut labels are inserted
directly into the button text.
## What is the new behavior?
This PR standardises those shortcut hints around `KeyboardShortcut` and
updates the surrounding layout primitives to support that approach more
cleanly.
It includes:
- Design docs
- using `KeyboardShortcut` in the table side-panel `ActionBar`
- replacing hardcoded operation queue button shortcuts in
`OperationQueueSidePanel`
- standardising the command menu trigger shortcut chip and updating the
`LayoutHeader` overrides to match the new DOM shape
- replacing the AI editor empty-state `Cmd/Ctrl + K` hint with
`KeyboardShortcut`
- refining shared shortcut/button primitives so inline shortcuts align
better when used as button accessories
- keeping the SQL utility shortcut work on this branch consistent with
the same shared component approach
| Before | After |
| --- | --- |
| <img width="1454" height="902" alt="CleanShot 2026-03-27 at 15 55
32@2x"
src="https://github.com/user-attachments/assets/3a8de192-3f4c-480b-9d26-9b28becd0ee3"
/> | <img width="1488" height="906" alt="CleanShot 2026-03-27 at 15 29
31@2x-63A17C58-D023-4D3A-9355-6C40A6485328"
src="https://github.com/user-attachments/assets/46ef7f7a-2b8b-4c10-8935-84ca5ad44562"
/> |
| <img width="738" height="328" alt="CleanShot 2026-03-27 at 15 57
07@2x"
src="https://github.com/user-attachments/assets/ad459c41-867d-42f9-a8cb-c936af8326b7"
/> | <img width="726" height="290" alt="CleanShot 2026-03-27 at 15 56
29@2x-ECE4E10F-9693-4ED8-B085-DC436A839F52"
src="https://github.com/user-attachments/assets/95b4bfb4-ec34-4080-8b69-211b5045ca26"
/> |
## Later todo
- [ ] Replace the string-based SQL editor placeholder shortcut in
`SQLEditor` once that placeholder API supports rich content
- [ ] Refactor `CommandOption` to use `KeyboardShortcut` instead of
bespoke platform detection and command-key markup
- [ ] Standardise the remaining DataTable shortcut hints
(`DataTableToolbar`, `DataTableResetButton`, `DataTableFilterCommand`,
`DataTableFilterControlsDrawer`) around `KeyboardShortcut`
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Introduced a new KeyboardShortcut component for displaying keyboard
shortcuts with two visual variants (pill and inline).
* Standardized keyboard shortcut indicators across the application
interface for consistent user experience.
* **Bug Fixes**
* Fixed capitalization inconsistencies in button labels and hotkey
settings.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
We currently have 3 different libraries for drag & drop, two of which
are not actively maintained anymore.
## Solution
Migrate all usage of the two unmaintained libraries to DndKit.
This PR focuses on using DndKit instead of `react-dnd` for column
reordering in the table editor
## Screencast
https://github.com/user-attachments/assets/54fb36f4-5671-42e2-9698-2ae928a69f55
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Column drag-and-drop rebuilt with a live drag preview and improved
pointer/keyboard handling
* **Improvements**
* More reliable column reordering with refined move/freeze/unfreeze
behavior and stable index recomputation
* Standardized column type/format display and simplified grid rendering
* **Accessibility**
* Added accessible labeling for column actions controls
* **Tests**
* End-to-end locator updated to target the column actions button
deterministically
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
- Adds 6 Playwright E2E tests for queue integration: view page, create
basic queue, create unlogged queue, delete queue, purge messages, and
send test message
- Adds `aria-label` to icon-only Purge and Delete buttons in
`QueueTab.tsx` for reliable test selectors
- Follows existing `cron-jobs.spec.ts` patterns for setup/teardown and
API helpers
## Test plan
- [x] All 6 queue integration tests pass locally against self-hosted
Supabase
- [x] Tests run stably in parallel (3 workers)
- [x] Cleanup via `withSetupCleanup` ensures no leftover test queues
## Context
For database extensions, previously dashboard would fire a separate call
just to retrieve the "default schema" for an extension via
`useDatabaseExtensionDefaultSchemaQuery` from the
`pg_available_extension_versions` table (the `schema` from this table
implies where the extension will be installed in)
## Changes involved
Am updating the `useDatabaseExtensionsQuery` to use a custom studio SQL
that will fetch this data in one request via a `LEFT JOIN`, so dashboard
no longer needs to fire a request to `pg_available_extension_versions`
each time we open the `EnableExtensionModal` since all the info we need
is loaded up front.
Have also validated that the cost of the custom studio SQL is low (6.8,
via explain analyze) so performance wise on the project's DB should be
okay.
This will then also allow us to correctly render the "default schema" of
the extensions in the new Install Integration Sheet now that we have
that information up front.
## Misc fix
Also fixed a small issue on the database extensions page whereby if you
searched for an extension that's hidden (e.g pg_tle), there's no "No
results" UI state showing up
<img width="1112" height="319" alt="image"
src="https://github.com/user-attachments/assets/eb488117-2a24-4317-ad73-1d636f9b1bc8"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Per-extension default schema detection surfaced across install flows;
default schema options added to selectors when applicable.
* **Bug Fixes**
* Hidden extensions filtered out earlier so they no longer appear in
lists.
* Install button now correctly disables when required extensions are
missing.
* **Refactor**
* Consolidated extensions metadata retrieval and simplified schema
selection/validation logic; UI text formatting standardized.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Resolves https://github.com/supabase/supabase/issues/43548
There's currently an issue with the Table Editor where if you have, for
example, a nullable `text` column with a default value, inserting a new
row and selecting "Set to NULL" doesn't do anything, and saving will
insert the row with the default value
<img width="700" height="258" alt="image"
src="https://github.com/user-attachments/assets/6a284ebb-c346-40a6-9a30-793118844084"
/>
This stems from a legacy logic in the Table Editor whereby we treat
`null` values as "no input" - which is incorrect as `null` values are
also valid values. So the PR here changes a few things to resolve this
properly:
## Changes involved
Main fix:
- `undefined` will be the "no input" value instead, and it'll be the
default value when generating the row object for inserting a new row
- `NULL` or even empty string like `''` will be treated as they are
(valid inputs)
Secondary adjustments:
- (Queue operations) Queueing an insert with no value but default value
is NULL, will show the placeholder as `DEFAULT` instead of `NULL` for
better accuracy in representation
<img width="892" height="96" alt="image"
src="https://github.com/user-attachments/assets/02cf86bf-c17b-4e25-9a8f-17960b1d2575"
/>
- Added a `Set to Default` CTA here, but will only show up if adding a
new row or updating a queued insert row operation, which will set the
value of the input field back to `undefined` for PG to handle it as the
default value
<img width="734" height="208" alt="image"
src="https://github.com/user-attachments/assets/23887c0c-533e-4494-acbe-61309ff5d7c5"
/>
## To test
Verify within the Table Editor (along with queue operation feature
preview)
- For inserting a new row, setting value to NULL and setting value to
Default works
- For updating a row, setting value to NULL works
## Summary
The `connectSection` A/B experiment concluded as a true null (no effect
on activation or any downstream metric after 13 days at 50/50, ~153K
mature orgs). Saxon decided to ship the Connect section as the permanent
experience. This PR removes the Getting Started control variant, the old
Connect modal, all experiment flag gating, and related telemetry types.
## Changes
- Delete `GettingStarted/` directory (5 files: section component, types,
utils, progress hook)
- Delete old `Connect.tsx` dialog modal (replaced by ConnectSheet)
- Remove `connectSection` PostHog flag reads from `Home.tsx` and
`LayoutHeader.tsx`
- Remove `getSectionVisibility()` experiment logic and
`ConnectSectionVariant` type
- Remove `getting-started` from `DEFAULT_SECTION_ORDER`
- Always render `<ConnectSheet />` in header (no more conditional with
old `<Connect />` modal)
- Remove `variant` prop from `ConnectSection` component
- Remove 4 getting-started telemetry event interfaces from
`telemetry-constants.ts`
- Update `mergeSectionOrder` tests to reflect new section order
## Testing
Tested on Vercel preview:
- [x] Project homepage shows Connect section for new projects (< 10 days
old)
- [x] Connect section hidden for mature projects (> 10 days old)
- [x] Header Connect button opens ConnectSheet (not old modal)
- [x] Connect tiles open ConnectSheet with correct tab
- [x] Section drag-and-drop still works without getting-started in the
order
- [x] Existing users with `getting-started` in localStorage order don't
break (mergeSectionOrder strips it)
## Linear
- fixes GROWTH-730
---------
Co-authored-by: Alaister Young <alaister@users.noreply.github.com>
## What kind of change does this PR introduce?
UI improvements
## What is the current behavior?
- The database tables list and columns list use inconsistent page shells
and table primitives
- The child columns page has weaker information hierarchy and row
actions than the parent tables page
- Responsive column priority on the tables list does not reflect the
most important data on smaller breakpoints
- Table actions and counts are harder to scan than they should be
## What is the new behavior?
- Both pages now use `PageLayout` with matching large-width content
containers
- `ColumnList` now uses the latest `ui` Table primitives instead of the
legacy cleaned-up-later table
- Both pages now show totals in a table footer
- `ColumnList` now uses a tiny filter input, case-insensitive filtering,
inline descriptions under the name, and a primary `Edit` button with
overflow actions
- `TableList` now has improved responsive column priority:
- smallest breakpoint keeps `Rows`
- `Columns` appears from `sm`
- `Size` appears from `lg`
- `Realtime Enabled` appears from `2xl`
- `TableList` now uses `View columns` as the CTA, removes the ambiguous
icon from that CTA, restores the entity icon from `sm` upwards only, and
tightens the name column on the smallest breakpoint only
- Boolean icon columns are right-aligned consistently, with the same
Realtime icon tones applied to both `Realtime Enabled` and `Nullable`
- The columns detail page now uses breadcrumbs for navigation back to
Tables instead of an inline back button
| Before | After |
| --- | --- |
| <img width="1728" height="997" alt="Tables Database Mallet Toolshed
Supabase-0E0E3DE0-4EA1-407F-88D4-B85664D26D8E"
src="https://github.com/user-attachments/assets/3a2e265c-394e-432c-8c29-12317b60fda8"
/> | <img width="1728" height="997" alt="Tables Database Mallet Toolshed
Supabase-C8FC339C-E9DA-4ADB-8458-C7EFF55F2AEC"
src="https://github.com/user-attachments/assets/50c83a3f-a70c-4d09-a8c3-1eeaed68b68b"
/> |
| <img width="1728" height="997" alt="Tables Database Mallet Toolshed
Supabase-FE9196A0-BEAF-4BA5-8A2C-06F934A62C38"
src="https://github.com/user-attachments/assets/707a564a-e764-45ac-8470-8532e22d39bc"
/> | <img width="1728" height="997" alt="Tables Database Mallet Toolshed
Supabase-36E93C1E-7943-4C98-8119-CAF48E2FE5BA"
src="https://github.com/user-attachments/assets/4cba5791-a4d7-4f43-aea0-8277b2ec5d28"
/> |
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES/NO
## What kind of change does this PR introduce?
fixes: #37454
The context menu on the FK row is a lie, its just exposing the cell
underneath. Ideally this should have its own context menu, right now we
only support copy operations.
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
- Index mismatch on ADD then DELETE/EDIT:
formatGridDataWithOperationValues was searching the original rows array
for DELETE_ROW and EDIT_CELL_CONTENT operations, then using those
indices on the modified formattedRows array (which had been shifted by
ADD_ROW's unshift). Both now search formattedRows directly.
- Cross-table operation leaking: The entire operation queue was passed
to formatGridDataWithOperationValues without filtering by the current
table, causing pending ADD_ROW and DELETE_ROW operations from one table
to appear in other tables. Operations are now filtered by tableId before
rendering.
