## Summary
Adds discoverable keyboard shortcuts for the Advisors area, covering
both navigation between advisor sub-pages and in-page actions on the
Security/Performance Advisor pages. Built on the shared shortcut
registry (`apps/studio/state/shortcuts/`) so they show up in the command
menu and follow the existing chord conventions (`V` for adVisor,
mirroring auth-nav / database-nav).
Linear: [FE-3413](https://linear.app/supabase/issue/FE-3413)
### Shortcuts
| Shortcut | Action | Scope |
| --- | --- | --- |
| `V` then `S` | Go to Security Advisor | Anywhere under
`/project/<ref>/advisors/*` |
| `V` then `P` | Go to Performance Advisor | Anywhere under
`/project/<ref>/advisors/*` |
| `V` then `R` | Go to Advisor Settings (Rules) | Anywhere under
`/project/<ref>/advisors/*` |
| `1` | Switch to Errors tab | Security / Performance Advisor page |
| `2` | Switch to Warnings tab | Security / Performance Advisor page |
| `3` | Switch to Info tab | Security / Performance Advisor page |
| `Shift+R` | Refresh / rerun the advisor | Security / Performance
Advisor page |
| `Escape` | Close lint details panel | When a lint row is selected |
## Test plan
- [x] From anywhere in Advisors, `V S` / `V P` / `V R` route to Security
/ Performance / Rules
- [x] On Security and Performance Advisor pages, `1` / `2` / `3` switch
tabs and update the `preset` query param
- [x] `Shift+R` reruns the linter (disabled while a refresh is
in-flight)
- [x] `Escape` closes the lint details side panel when a lint is
selected
- [x] Digit shortcuts do not fire while typing in inputs (`ignoreInputs:
true`)
- [x] Shortcuts appear in the command menu under the Advisors group
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added keyboard shortcuts for Advisors (tab navigation, refresh/rerun,
close detail) with visible shortcut hints on tabs, refresh/rerun
buttons, close controls, and the Advisors menu; pages wire shortcuts to
tab switching, refresh, and close actions.
* **Chores**
* Registered Advisors shortcuts globally and added an Advisors
navigation group for discovery in the shortcuts reference.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46238?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Danny White <3104761+dnywh@users.noreply.github.com>
## Problem
Project settings still uses the deprecated `Modal` for:
- transferring a project
- upgrading Postgres in _Infrastructure_
## Solution
- use `Dialog` instead
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Migrated project upgrade confirmation and project transfer flows to a
unified dialog-based UI for improved consistency and accessibility.
Visual structure (headers, sections, footers) and action placement were
standardized; existing functionality, validation, and user workflows
remain unchanged.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46265?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Docs update.
## What is the current behavior?
No docs for client-side trace propagation with the JS SDK. Users with
OpenTelemetry-instrumented apps had no way to find out that supabase-js
can attach W3C Trace Context headers and that `trace_id` shows up in API
Gateway and Edge Function logs.
## What is the new behavior?
New guide at `/guides/telemetry/client-side-tracing` covering
requirements, opt-in setup (`tracePropagation: true`), advanced options,
domain scoping, where `trace_id` appears in Supabase logs, and
troubleshooting. Linked from the Logging & observability nav.
Preview:
https://docs-git-docs-otel-sdk-supabase.vercel.app/docs/guides/telemetry/client-side-tracing
## Additional context
First of several planned SDK tracing guides. When the next SDK gets one
we'll restructure into a shared `tracing/` folder.
## Summary by CodeRabbit
* **Documentation**
* New comprehensive guide for client-side trace propagation with the JS
SDK: explains W3C Trace Context header behavior, requirements, setup
steps, opt-in examples, advanced configuration, domain/security notes,
and troubleshooting when trace IDs are missing.
* Added a new "Tracing with the JS SDK" entry in the Logging &
observability navigation for easy access to the guide.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* New comprehensive guide for client-side trace propagation with the JS
SDK: explains W3C Trace Context header behavior, requirements, setup
steps, opt-in examples, advanced configuration, domain/security notes,
and troubleshooting when trace IDs are missing.
* Added a "Tracing with the JS SDK" entry under Logging & observability
for quick access.
* Documentation metadata updated to reference the latest source
snapshots.
* Lint rules updated to allow "OpenTelemetry", "Zipkin", and "noop".
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46218?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
Co-authored-by: Chris Chinchilla <chris@chrischinchilla.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
## Summary
- Adds `apps/www/scripts/fetchAgentSkills.mjs` — at build time (`pnpm
content:build`) fetches the latest `index.json` from
`supabase/agent-skills` release assets and writes it verbatim to
`public/.well-known/agent-skills/index.json`
- Skill URLs are absolute GitHub Release asset URLs, embedded by the
agent-skills repo at release time (supabase/agent-skills#87) — no URL
rewriting needed on this side
## How it works
1. Fetches latest release from `supabase/agent-skills` via GitHub API
2. Downloads `index.json` from the release assets
3. Writes it verbatim to `public/.well-known/agent-skills/index.json`
Clients discover and install skills from
`supabase.com/.well-known/agent-skills/index.json` and fetch tarballs
directly from GitHub Release assets.
## Dependency
Requires supabase/agent-skills#87 to be merged and released so the
published `index.json` contains absolute URLs.
---------
Co-authored-by: Pedro Rodrigues <44656907+Rodriguespn@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: Pedro Rodrigues <pedro.rodrigues@supabase.io>
- add loading state to "Installed" integrations in sidebar
- share filtering and sorting logic from legacy to new marketplace
- integrate missing/empty categories
- refine featured integrations hero component
<img width="296" height="473" alt="Screenshot 2026-05-20 at 12 30 14"
src="https://github.com/user-attachments/assets/efbc0bd1-3e78-4033-9e65-abaa257d2a73"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added loading indicators while installed integrations are being
fetched.
* **Improvements**
* Enhanced integration categorization to surface meaningful categories
for more integrations.
* Empty categories are now hidden from the category filter.
* Sorting now prioritizes installed integrations and improves
alphabetical ordering.
* Simplified and more consistent status badge display.
* Updated featured integrations ordering and fixed featured hero
rotation to restart its progress animation when resumed.
* **Refactor**
* Consolidated filtering and sorting into a shared hook for consistent
behavior.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46146?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
The observability overview page fetched service health data by making
six separate calls to the generic \`logs.all\` endpoint with
hand-crafted SQL (via \`genChartQuery\`). This coupled the overview to
SQL internals and missed out on the purpose-built \`service-health\`
endpoint that accepts structured \`lql\` filters and a \`granularity\`
parameter.
## Fix
- Added \`/platform/projects/{ref}/analytics/endpoints/service-health\`
to \`platform.d.ts\`, including the \`ProjectServiceHealthResponse\`
schema and \`UsageApiController_getProjectServiceHealth\` operation.
- Created \`apps/studio/data/analytics/service-health-query.ts\` with a
\`getServiceHealth\` fetch function and \`useServiceHealthQuery\` hook
following the same pattern as other analytics query files.
- Added a \`serviceHealth\` key factory to
\`apps/studio/data/analytics/keys.ts\`.
- Rewrote \`useServiceHealthMetrics.ts\` to call the new endpoint per
service using \`lql\` selectors (\`s:postgres_logs\`, \`s:auth_logs\`,
etc.) and a \`granularity\` value derived from the selected interval
(\`1hr\` -> \`minute\`, \`1day\` -> \`hour\`, \`7day\` -> \`day\`). The
timeseries normalisation and chart data pipeline is unchanged.
- Updated the refresh handler in \`ObservabilityOverview.tsx\` to
invalidate the new query key prefix and removed the now-unused
\`postgrest-overview-metrics\` invalidation.
## How to test
- Navigate to a project's Observability > Overview page.
- Verify that the Service Health table loads data for all six services
(Database, Auth, Edge Functions, Realtime, Storage, Data API).
- Switch between the 1hr, 1day, and 7day interval selectors and confirm
the charts update.
- Click the Refresh button and confirm the charts reload.
- Click a bar in any chart and confirm navigation to the corresponding
logs page scoped to that time window.
- Confirm no regressions in the Database Infrastructure section (CPU,
RAM, disk, connections).
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Centralized service‑health fetching for consistent cross‑service
metrics and improved charting.
* New analytics key and backend endpoint for project service‑health; API
schemas added.
* Backend support for an additional log‑drain type (hidden from the UI).
* **Bug Fixes**
* Improved refresh behavior for service‑health data.
* Clear "No requests in this period" fallback and correct charts when
totals are zero.
* **Tests**
* Added unit tests for service‑health data extraction and
transformation.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46100?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## What kind of change does this PR introduce?
Chore: component migration and copy update.
## What is the current behavior?
`DownloadSnippetModal` and `RenameQueryModal` use an awkward tabs-based
layout. The download action is labelled "Download" throughout, and the
NPX toggle was incorrectly labelled "NPM".
## What is the new behavior?
- Both modals are migrated to the `Dialog` component.
- The download dialog replaces the tab layout with a select (Migration /
Seed file / SQL file) and a CLI/NPX toggle.
- Action language changed from "Download" to "Export" (context menu
item, dialog title, select label) — more accurate since the user runs a
CLI command rather than triggering a browser download.
- NPM toggle label corrected to NPX; internal `npm` property key renamed
to `npx` for consistency.
| Before | After |
| --- | --- |
| <img width="1024" height="759" alt="Add Auth Hook (General) SQL Editor
Pickles Pantry Supabase-C6F22F8B-19FF-486E-8C08-915895495875"
src="https://github.com/user-attachments/assets/98637802-5e05-4431-87f8-b2e83216082a"
/> | <img width="1024" height="759" alt="Add Auth Hook (General) SQL
Editor Pickles Pantry Supabase-5B63AD0C-7CD0-4BB2-BEC8-5DBAE94963CE"
src="https://github.com/user-attachments/assets/a8f48c2f-a7e2-42fd-b52c-89a133811ad8"
/> |
| <img width="1024" height="759" alt="Add Auth Hook (General) SQL Editor
Pickles Pantry Supabase-1F28FADA-46D1-4C0A-BE96-6CFF2317FDCF"
src="https://github.com/user-attachments/assets/afb904d0-689b-4756-b0b4-8177703934e4"
/> | <img width="1024" height="759" alt="Add Auth Hook (General) SQL
Editor Pickles Pantry Supabase-652E6E8D-1CD2-4465-BC82-46EDB974CD8C"
src="https://github.com/user-attachments/assets/f1adfb6b-fba6-495f-b571-1713c3eebb4d"
/> |
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Updated the SQL query export modal UI from a tabs-based interface to a
dropdown-based selection for choosing export formats.
* Revised menu and dialog labels to "Export query" for improved clarity.
* Enhanced code block presentation in the export modal.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46242?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Gildas Garcia <1122076+djhi@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## Problem
SQL Editor still uses the deprecated `Modal` for:
- renaming queries
- downloading snippet
## Solution
- use `Dialog` instead
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Updated modal dialog implementations across the SQL Editor to use
modern UI standards, improving code quality and maintainability.
* Refined state management for query-related modal operations including
downloads and renaming to ensure consistent and reliable user
interactions.
* Streamlined dialog structure and behavior patterns to reduce code
complexity and improve overall consistency in the SQL Editor interface.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46228?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What kind of change does this PR introduce?
Chore. Rename / UX copy update in Studio's SQL Editor.
## What is the current behavior?
The SQL Editor sidebar has a **Community** section containing two pages:
- **Templates**: reusable SQL snippets for common tasks
- **Quickstarts**: end-to-end examples and starter projects
The section label "Community" is misleading because these are
first-party presets maintained by the Supabase team, not
user-contributed content. "Quickstarts" also doesn't clearly convey
"end-to-end example".
## What is the new behavior?
- **Community** → **Reference** (sidebar section header)
- **Quickstarts** → **Examples** (route: `/sql/quickstarts` →
`/sql/examples`)
- Templates keeps its name and route (`/sql/templates`), description
updated to "Reusable SQL snippets for common tasks"
Taxonomy:
- **Templates** = reusable SQL patterns you adapt
- **Examples** = end-to-end walkthroughs you run as-is
A permanent redirect is added so `/sql/quickstarts` gracefully forwards
to `/sql/examples`. The existing `/sql/templates` route is unchanged.
| Before | After |
| --- | --- |
| <img width="1024" height="759" alt="Quickstarts SQL Editor Pickles
Pantry Supabase-644881A5-6396-43AA-9AC4-61FFFFF18831"
src="https://github.com/user-attachments/assets/ff876c78-c499-4bac-b1ae-91e31817511d"
/> | <img width="1024" height="759" alt="Examples SQL Editor Pickles
Pantry Supabase-573775FA-E38F-4F8D-92E3-114237410C36"
src="https://github.com/user-attachments/assets/bdb8910f-94e9-4c21-bb3a-f6513008d8bc"
/> |
## Additional context
- `CommunitySnippetsSection.tsx`: header label + route keys updated; the
underlying `community` localStorage key is intentionally unchanged to
avoid resetting stored collapsed/expanded state for existing users.
- ESLint rule baselines and a docs troubleshooting link updated to
reflect the new filenames/routes.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated troubleshooting guide to reference the correct SQL examples
location.
* **New Features**
* Renamed "Quickstarts" to "Examples" throughout the SQL editor for
improved clarity.
* Updated SQL template and examples section descriptions and labels to
better reflect their purpose.
* Reorganized SQL editor navigation to streamline access to templates
and examples.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46241?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## What kind of change does this PR introduce?
Refactor. Resolves FE-3216.
## What is the current behavior?
The AWS Marketplace create-organisation dialog owns its own copy of the
organisation name, type, and company-size form fields. It’s duplicative
and has drifted from the normal `/new` organisation form, making the AWS
flow harder to keep aligned.
This is stacked on #46058.
## What is the new behavior?
- Extracts the shared organisation details schema, defaults, option
constants, and fields from the normal `NewOrgForm`
- Reuses those shared fields in both the full organisation creation form
and the AWS Marketplace create-and-link dialog
- Keeps the AWS Marketplace flow anchored in the onboarding interstitial
rather than routing through `/new`
- Keeps the AWS-specific buyer ID, AWS-managed organisation endpoint,
create-and-link success state, and modal dismissal behaviour
| Before | After |
| --- | --- |
| <img width="1024" height="759" alt="Link AWS Marketplace
Supabase-3742FEDF-53BD-4E80-926D-498B2EA94773"
src="https://github.com/user-attachments/assets/617ee422-1cf0-4858-801b-a4ee5ee402c9"
/> | <img width="1024" height="759" alt="Link AWS Marketplace
Supabase-0FEE2292-CB9F-43AA-B131-B6A549890970"
src="https://github.com/user-attachments/assets/ff017468-f8ac-469a-bb17-eea07842306f"
/> |
## Additional context
The shared field extraction is intentionally limited to organisation
details. Billing, plan selection, spend cap, Stripe, captcha, and the
`/new/[slug]` redirect behaviour stay owned by `NewOrgForm`; AWS
Marketplace keeps its separate create-and-link container because AWS
owns the billing contract.
## Validation
- `pnpm --filter studio exec vitest --run
tests/pages/aws-marketplace-onboarding.test.tsx`
- `pnpm --filter studio lint:ratchet --rule no-restricted-exports`
- `git diff --check`
Full Studio typecheck was also run, but it currently fails on existing
unrelated repo-wide React/implicit-any errors outside this diff.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved AWS Marketplace organization creation dialog to prevent
accidental closure while the creation process is in progress.
* **Improvements**
* Standardized organization details form handling across different
organization creation flows for improved consistency and user
experience.
* **Tests**
* Added comprehensive test coverage for the AWS Marketplace organization
creation workflow, including form submission, validation, and state
transitions.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46087?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What kind of change does this PR introduce?
Feature. Resolves DEPR-556.
## What is the current behavior?
AWS Marketplace onboarding uses a separate scaffold and AWS-specific
organization selection UI, so it does not match the newer shared connect
interstitial pattern used by Redeem Credits.
## What is the new behavior?
- Moves `/aws-marketplace-onboarding` onto the shared connect
interstitial shell with AWS and Supabase branding
- Reuses the shared organization selector behaviour from Redeem Credits,
including last-visited organization promotion, selected organization
promotion, the create-organization card, and compact overflow disclosure
- Keeps the existing AWS data path for buyer eligibility, onboarding
info, organization linking, AWS-managed organization creation, and
success/error/ineligible states
- Removes the now-unused legacy AWS Marketplace layout/scaffold
components
- Removes the temporary reviewer mocks from the branch before merge
## Additional context
This PR preserves the current AWS-managed organization creation modal so
the AWS flow keeps working while adopting the shared connect sheet.
FE-3216 should move that creation path into the general organization
form later, likely replacing the AWS-specific modal with a preconfigured
`/new` flow that can still return to AWS Marketplace onboarding and link
automatically.
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## What kind of change does this PR introduce?
Chore / docs update. Related to DEPR-551. Stacked on #46053.
## What is the current behavior?
`Admonition` still accepts `label` as a backwards-compatible alias for
`title`, and a few www blog posts plus the Docs MkDocs admonition
transform still use or emit that alias.
## What is the new behavior?
Removes the `label` prop from `AdmonitionProps`, migrates the remaining
www blog Admonitions to `title`, and updates the Docs MkDocs transform
to emit `title` directly.
This leaves `title`, `description`, and `children` as the supported
Admonition content API.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Admonition now uses a single required title prop for headings; the
legacy label prop is removed and no longer used.
* **Documentation**
* Updated docs and blog posts to pass admonition heading via title and
removed notes about label support.
* **Tests**
* Component tests adjusted to validate the new title-only behavior and
to ensure legacy label usage is rejected.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46054?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## What kind of change does this PR introduce?
Feature. Resolves FE-3418
## What is the current behaviour?
Platform webhooks (org and project) have no keyboard shortcut coverage.
Every action requires a mouse click.
## What is the new behaviour?
Adds seven shortcuts across the four UI states of the platform webhooks
pages:
**List page**
| Shortcut | Action |
|---|---|
| `Shift+F` | Focus search input |
| `Shift+N` | Open "New endpoint" sheet |
**Endpoint detail page** (when viewing a specific endpoint)
| Shortcut | Action |
|---|---|
| `Shift+E` | Open the edit sheet |
| `Shift+U` | Copy the endpoint URL |
**Create / edit form sheet**
| Shortcut | Action |
|---|---|
| `Mod+Enter` | Submit the form (create or save) |
**Delivery details sheet** (when a delivery row is open)
| Shortcut | Action |
|---|---|
| `Shift+R` | Retry the delivery (only active for non-success
deliveries) |
| `Shift+C` | Copy the active tab's payload (switches label between
"Copy event payload" / "Copy response payload") |
All shortcuts:
- Are surfaced via `ShortcutTooltip` / `Shortcut` tooltips on their
buttons
- Appear in the keyboard shortcuts reference sheet (`Mod+/`) under a new
**Platform Webhooks** group
- Are gated so they only fire in the appropriate UI state (e.g.
`Shift+E` is disabled while the edit sheet is already open)
- Apply to both the org-level (`/org/[slug]/webhooks`) and project-level
(`/project/[ref]/settings/webhooks`) pages as both use the same
`PlatformWebhooksPage` component
**Shared shortcuts reused** (no new IDs): `LIST_PAGE_FOCUS_SEARCH`,
`LIST_PAGE_NEW_ITEM`, `ACTION_BAR_SAVE`.
## To test
The platform webhooks UI is behind a feature flag for internal folks.
Enable it in Studio via **Account → Feature Previews → Platform
Webhooks**. The backend is not yet integrated, so you can test all the
shortcuts on the 1–2 mock endpoints (and their deliveries) that appear.
**List page** (`/org/[slug]/webhooks` or
`/project/[ref]/settings/webhooks`):
- [ ] `Shift+F` moves focus to the search input
- [ ] `Shift+N` opens the "New endpoint" sheet (tooltip visible on hover
of the button)
**New endpoint sheet**:
- [ ] Fill in a name and a valid URL, select at least one event type
- [ ] `Mod+Enter` submits and creates the endpoint
**Endpoint detail page**:
- [ ] `Shift+E` opens the edit sheet (tooltip visible on the Edit
button)
- [ ] `Shift+U` copies the endpoint URL and shows a toast (tooltip
visible on the copy icon next to the URL)
**Edit sheet**:
- [ ] `Mod+Enter` saves changes
**Delivery details sheet** (click a delivery row to open):
- [ ] `Shift+R` retries a failed/pending delivery (button and shortcut
absent for successful deliveries)
- [ ] On the **Event** tab: `Shift+C` copies the event payload, toast
reads "Copied event payload"
- [ ] On the **Response** tab: `Shift+C` copies the response payload,
toast reads "Copied response payload"
- [ ] Tooltip on both Copy buttons reflects the active tab label
**Shortcuts reference sheet** (`Mod+/`):
- [ ] A **Platform Webhooks** group appears when on an endpoint detail
page or with the delivery sheet open with the relevant shortcuts listed
- [ ] The basic shortcuts are shown under **List pages** when on the
root Webhooks page
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## What kind of change does this PR introduce?
Docs update. Part of DEPR-198.
## What is the current behaviour?
Auth email template examples and Studio template labels still reflect
older default copy in a few places.
## What is the new behaviour?
Updates Auth docs, local development docs, related snippets, Studio
template labels, and UI Library examples to [match the updated default
Auth email
copy](https://linear.app/supabase/document/email-template-copywriting-updates-04bba460fd2a).
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated authentication email template names and descriptions across
guides, replacing "Magic link" with "Sign-in link or code" terminology
* Revised security notification email naming from "Identity
linked/unlinked" to "Sign-in method linked/removed" and "MFA method" to
"Verification method"
* Updated email template example content with improved wording (e.g.,
"Confirm your email address" instead of "Confirm your signup")
* **UI Updates**
* Refined authentication-related UI text labels and descriptions in the
dashboard
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/45706)
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## What kind of change does this PR introduce?
Feature, bug fix, and docs update. Addresses the AlertDialog async
action behaviour discussed in Slack and follow-up PR feedback.
## What is the current behavior?
`AlertDialogAction` delegates directly to Radix, so confirm actions
close the dialog immediately on click. Async mutation flows have to use
`asChild` with `event.preventDefault()` and a custom loading button to
keep the dialog open while work is in flight.
## What is the new behavior?
- `AlertDialogAction` now accepts async handlers and a controlled
`loading` prop. Promise-returning actions keep the dialog open, show the
existing Button loading state, disable cancel/dismissal while pending,
close on success, and stay open on rejection.
- Existing workaround usages in Studio have been migrated to the direct
action API (see 'To test' callsite list below)
- design-system docs now include async action examples and
`AlertDialogBody` guidance for inline feedback
https://github.com/user-attachments/assets/1af66410-e9f9-4231-9c6d-fe650bd717a4
## Additional context
- [ ] Once #45572 is rebased onto this change, `ResetTemplateDialog`
should use `AlertDialogAction loading={isResettingTemplate}` with a
promise-returning reset handler instead of a plain loading `Button` in
`AlertDialogFooter`.
## To test
- [x] On Studio API Keys settings, use a project with no publishable or
secret API keys, click the “Create API keys” banner action, and confirm
the Alert Dialog stays open with loading until the default publishable
and secret keys are created.
- [x] Delete a JIT database access rule and confirm the Alert Dialog
stays open with loading until deletion succeeds, and stays open with
inline feedback if it fails.
- [x] With temporary access disabled and existing rules configured,
enable temporary access and confirm the “This will activate existing
rules” Alert Dialog stays open with loading until the configuration
update succeeds, and stays open with inline feedback if it fails.
- [x] Disable external replication and confirm the Alert Dialog stays
open with loading until the mutation succeeds.
- [x] Enable Index Advisor and confirm the Alert Dialog stays open with
loading until the mutation succeeds, and stays open with inline feedback
if it fails.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Alert dialogs support async actions with built-in loading, dismissal
blocking while pending, and preserved dialog on error.
* Two interactive examples demonstrating async success and error flows.
* **Improvements**
* Dialogs now surface inline error messages and consistent
loading/confirm behavior across flows (create keys, replication, JIT DB
access, index advisor).
* Minor UI refinements for action controls.
* **Documentation**
* Docs updated with async-action guidance and inline-error
recommendations.
* **Tests**
* New test suite validating async dialog behaviors.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/45960)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Gildas Garcia <1122076+djhi@users.noreply.github.com>
## Summary
Two surfaces were showing invalid Codex config keys that don't exist in
Codex's schema (which uses `additionalProperties: false`), causing
validation errors for users who followed the setup steps.
- **Studio Connect Sheet** (`connect.schema.ts`): removes the "Enable
remote MCP client support" step, which told users to add
`[mcp]\nremote_mcp_client_enabled = true` to `~/.codex/config.toml`.
Deletes the dead content component and updates tests.
- **Docs MCP panel** (`ui-patterns/McpUrlBuilder/constants.tsx`):
removes the `[features]\nrmcp_client = true` config block from the Codex
`alternateInstructions`. Keeps the valid authenticate (`codex mcp login
supabase`) and verify (`/mcp`) steps.
Closes
[AI-548](https://linear.app/supabase/issue/AI-548/bug-studio-mcp-connect-flow-shows-invalid-codex-config-guidance)
Fixes#43893
## Root cause
Both invalid keys were introduced in #42374 (Feb 2026). A full search
through the [`openai/codex`](https://github.com/openai/codex) git
history confirms neither `remote_mcp_client_enabled` nor `rmcp_client`
ever existed in any version of the codebase (neither the TypeScript CLI
nor the Rust rewrite).
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Towards [FE-3428](https://linear.app/supabase/issue/FE-3428).
## Summary
Cheap render-cost fixes so the Schema Visualizer stays responsive at
400+ tables. No data-layer or API changes — pure render-side work,
isolated to the Schema Visualizer.
- Enable `onlyRenderVisibleElements` on `<ReactFlow>` so xyflow skips
mounting nodes and edges outside the viewport.
- Memoize `TableNode` (custom comparator) and `DefaultEdge` so they
don't re-render on unrelated state changes (pan/zoom, theme toggle,
parent re-renders).
- Drop `resolvedTheme` from the layout effect deps — theme is purely
visual; toggling it no longer re-runs Dagre and replaces every
node/edge.
- `handleSelectionChange` now (a) skips `setEdges` entirely when no
edge's `animated` flipped, and (b) preserves the object reference for
untouched edges so memoized edges don't re-render.
- Precompute a `Map<tableName, …>` lookup in `getGraphDataFromTables` so
FK handle resolution is O(1) per relationship instead of scanning every
table+column.
A follow-up PR will add a `useInfiniteTablesQuery` and switch both the
Schema Visualizer and Database > Tables list onto it for progressive
loading and infinite scroll.
## Caveats
- `TableNode` reads `selectedEdge` from context, so selecting an edge
still re-renders all visible `TableNode`s via context propagation. The
memo guards against props-driven re-renders (pan/zoom/theme).
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Optimized database schema graph rendering with improved component
caching and efficient relationship lookups.
* Enhanced visual element rendering to reduce unnecessary re-renders for
large schemas.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46235?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
This PR is the final PR for Supabase UI Vue&Nuxt with the Realtime Chat
and Infinite Query.
## Additional context
Initiative by Terry
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **New Features**
* Realtime Chat now available for Vue and Nuxt.js frameworks with full
documentation and composables
* Added Infinite Query composable for Vue with comprehensive guides
* **Documentation**
* New Realtime Chat documentation pages for Vue and Nuxt.js
* New Infinite Query documentation for Vue
* Updated framework support in documentation navigation
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Terry Sutton <saltcod@gmail.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
bug fix: allow email rate limit editing when send email hook is enabled
## What is the current behavior?
when send email hook is enabled, users can't customize the send email
rate limit.
## What is the new behavior?
when send email hook is enabled, users _can_ customize the send email
rate limit.
## Additional context
backend changes are already in place.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Improvements**
* Expanded email rate limit configuration to support Send Email hooks in
addition to SMTP providers.
* Enhanced user guidance with updated messaging and navigation options
for configuring email delivery methods.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46104?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What kind of change does this PR introduce?
Feature, docs update.
- Resolves FE-3419
- First pass for DEPR-578
## What is the current behaviour?
The Connect sheet can be opened from visible UI and command-menu
actions, but it does not have a direct keyboard shortcut. Studio also
has shortcut conventions in code, but limited agent-facing review
guidance for contributors adding or touching Studio UI.
## What is the new behaviour?
FE-3419:
- Adds `O then C` to open the Connect sheet for active healthy projects.
- Mounts the shortcut from the always-rendered Connect sheet, so it
works without first opening the lazy command menu.
- Surfaces the shortcut on the Connect button tooltip, in the shortcuts
reference sheet, and on the Connect command-menu action.
- Forces the tooltip closed while the sheet is open so Escape closes the
sheet without also driving tooltip state.
- Tracks keyboard shortcut opens with the existing Connect sheet
telemetry event.
- Moves single-item AI Assistant and Inline Editor shortcuts to the
_Global Actions_ section in the cheatsheet.
DEPR-578:
- Adds a short Studio shortcut convention to `.claude/CLAUDE.md`.
- Adds scoped Copilot review guidance for Studio shortcut coverage,
discovery, and collision checks.
- Points the guidance back to the existing shortcut registry,
`useShortcut`, `Shortcut`, and `ShortcutTooltip` implementation context.
| After |
| --- |
| <img width="1576" height="188" alt="CleanShot 2026-05-21 at 11 30
40@2x"
src="https://github.com/user-attachments/assets/ba9d68c8-27ea-4c89-8016-d95d5bcea3ea"
/> |
| <img width="830" height="364" alt="CleanShot 2026-05-21 at 11 48
51@2x-FC627CB5-4A1C-49E2-B748-8AF0A3EBD7BC"
src="https://github.com/user-attachments/assets/d6aa52c1-56b2-4731-8e6b-088e29da43ed"
/> |
Validation:
- `pnpm --dir apps/studio exec vitest --run
components/ui/GlobalShortcuts/ShortcutsReferenceSheet.test.tsx
components/interfaces/ConnectButton/Connect.Commands.test.tsx
components/interfaces/ConnectSheet/useConnectSheetShortcut.test.ts`
- `git diff --check`
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Keyboard shortcut to open the Connect sheet from anywhere; Connect
button displays the shortcut and is enabled only for eligible projects.
* New "Global Actions" group in the shortcuts reference including AI
Assistant, Inline Editor, and Connect.
* **Documentation**
* Added Studio keyboard-shortcuts guidance and linked it in project
instructions.
* **Tests**
* Added tests covering connect shortcut behavior and command
registration.
* **Telemetry**
* Connect-sheet open events now record keyboard shortcut as a source.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46185?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Ali Waseem <waseema393@gmail.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Added a pill for on-demand webinars in the /events page. Previously,
webinars were not shown if they had passed. But we embed the video for
the webinar into the landing page so people can discover and find it.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added an "On-demand" event category with dedicated filtering and a
separate on-demand view
* Events page now loads on-demand content and shows "On-demand" badges
where appropriate
* **UI/UX Improvements**
* Banner hides when viewing on-demand events; subtitle updates per view
* Event card layout and badge placement refined; sorting and empty-state
messaging adapt to selected category
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46215?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Alan Daniel <stylesshjs@gmail.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Feature — adds a third-party script.
## What is the current behavior?
The `/contact/sales` page submits the HubSpot enterprise form but has no
integration with Default.com for instant enrichment and call scheduling.
Linked issue: FE-3244.
## What is the new behavior?
Injects the Default.com snippet into the `<head>` of `/contact/sales`.
Default.com listens to the HubSpot form submission, enriches the lead,
and routes qualified prospects to instant call scheduling for Sales.
## Additional context
The other form mentioned in the issue (`forms.supabase.com/enterprise`)
lives on a separate subdomain outside this monorepo and will need a
separate change.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Contact sales form now includes integrated form enrichment
functionality.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46130?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Clarify that presence should not be used for high-frequency updates
<img width="1070" height="793" alt="Presence___Supabase_Docs"
src="https://github.com/user-attachments/assets/76e736da-12c3-46ba-8301-6f777e83c900"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Added guidance on optimal use cases for Presence feature, clarifying
it's best suited for slow-changing state and recommending Broadcast for
high-frequency updates.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
## Problem
The _New schema_ form isn't actually a form:
- values and validation are handled manually
- users can't submit with _Enter_
Besides, even though it has a single field, it's displayed in a large
side panel.
We now have guidelines for such cases:
> As a general rule: use dialogs for short, focused tasks and use sheets
for longer forms or more detailed views.
## Solution
- [x] Convert it to a real form
- [x] Convert it to a dialog
## How to test
- In _Table editor_, click the schema selector and choose _Create a new
schema_
- press _Enter_ immediately to check validation
- enter a name and press _Enter_
- Check the _Save_ button show the pending state
## Screenshots
Before:
<img width="462" height="815" alt="image"
src="https://github.com/user-attachments/assets/e1f9adb7-35ce-44da-9341-432d7b452dd2"
/>
After:
<img width="516" height="312" alt="image"
src="https://github.com/user-attachments/assets/77998e66-5e45-4bc8-83f8-bf578aba21b8"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Improved schema creation form with enhanced validation and error
handling.
* Added loading indicator during form submission.
* Enhanced user feedback with toast notifications for success and error
states.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46201?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: Alaister Young <alaister@users.noreply.github.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES/NO
## What kind of change does this PR introduce?
Bug fix, feature, docs update, ...
## What is the current behavior?
Please link any relevant issues here.
## What is the new behavior?
Feel free to include screenshots if it includes visual changes.
## Additional context
Add any other context or screenshots.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated the Drizzle ORM guide to a Deno-native configuration,
replacing the prior import-map example with embedded Deno examples and
references to Edge Function samples.
* **New Features**
* Added an Edge Function example demonstrating Drizzle + PostgreSQL on
Deno.
* Added a shared database schema example including user and countries
table definitions.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/45935?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
## Summary
- pg_graphql 1.6+ disables schema introspection by default, which breaks
GraphiQL's docs explorer and field autocomplete. This PR adds an in-app
notice + confirmation flow so users can opt into (or later opt out of)
introspection without leaving the GraphQL tab.
- Introspection state is read from, and written to, the `@graphql(...)`
directive embedded in the target schema's Postgres comment (`public` by
default). Other directive options the user has set are preserved when
the introspection key is toggled.
- Ships `parseSchemaComment` / `buildSchemaCommentWith` helpers (with
unit tests) and a `useSetIntrospection` mutation hook, plus collapsible
disabled-state and dismissible enabled-state notices rendered above
GraphiQL. GraphiQL is re-mounted after a toggle so it re-runs
introspection.
## Test plan
- [ ] On a project with pg_graphql >= 1.6 and introspection disabled:
disabled-state notice appears, confirm modal shows the SQL that will
run, enabling re-mounts GraphiQL and populates the docs explorer.
- [ ] On a project with introspection enabled: small enabled-state
banner appears, disabling clears the docs explorer and updates the
schema comment.
- [ ] Existing `@graphql({...})` options (e.g. `inflect_names`,
`max_rows`) survive a toggle; malformed directive text is replaced and a
warning is shown in the confirm modal.
- [ ] On pg_graphql < 1.6 (or extension not installed): no notice
renders, GraphiQL behaves as before.
- [ ] Collapsed-disabled-notice state persists per project via local
storage.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* GraphQL introspection toggle with enable/disable confirmation modal.
* Notices showing current introspection state with controls to change
it.
* GraphiQL automatically remounts and updates when introspection status
changes.
* Per-project persisted collapsed/expanded state for the introspection
notice.
* Background detection of introspection support and schema comment
handling for targeted schemas.
* **Tests**
* Comprehensive tests for parsing/building schema comment directives and
version behavior.
<!-- review_stack_entry_start -->
[](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46170?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)
<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
