## Context
Part of an investigation to see how we can make the dashboard more
resilient for large databases by ensuring that the dashboard never
becomes the reason for taking down the database accidentally.
Am proposing that for interfaces that rely heavily on queries to the
database for data to render, we add preflight checks to ensure that we
never run queries that exceed a certain cost threshold (and also have UI
handlers to communicate this) - this can be done by running an EXPLAIN
query before running the actual query, and if the cost from the EXPLAIN
exceeds a specified threshold, the UI throws an error then and skips
calling the actual query.
## Demo
Am piloting this with the Table Editor, and got an example here in which
my table has 500K+ rows, and I'm trying to sort on an unindexed column:
https://github.com/user-attachments/assets/ccad2ea9-d62c-4106-8295-2a6df5941474
With this UX, the pros are that
- It's relatively seamless and not too invasive, most users won't notice
this unless they run into this specific scenario
- We can incrementally apply this to other parts of the dashboard, next
will probably be Auth Users for example
However there are some considerations:
- The additional EXPLAIN query adds a bit more latency to the query
since its a separate API request to the query endpoint
- ^ On a similar note, it will hammer the API a bit more, which may
result in higher probability of 429s
- However, I reckon that the preflight checks are meant to be used
sparingly and only for certain parts of the dashboard that we believe
may cause high load.
- e.g for the Table Editor, reckon we only need this for fetching rows?
The count query is largely optimized already (although we could just add
a preflight check there too)
- It's just meant to be a safeguard to prevent running heavy queries on
the database
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Query preflight with cost checks and a user-facing high-cost dialog
showing cost details and remediation suggestions.
* Grid exposes an explicit error flag and surfaces richer error
metadata.
* **Bug Fixes**
* Standardized error handling and more consistent error displays across
the app.
* Explain analysis now reports an additional max-cost metric for
queries.
* **UI**
* Tweaked empty-state interaction/layout and slightly wider header
delete control.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Ali Waseem <waseema393@gmail.com>
## Summary
Adds exposure tracking for the HomeV2 experiment and the Getting Started
section. These events help measure user engagement with the new home
page experience and track how many users see the Getting Started
onboarding flow.
Resolves
[GROWTH-602](https://linear.app/supabase/issue/GROWTH-602/track-home-page-and-getting-started-exposure-events)
## Changes
- Add `home_new_experiment_exposed` event that fires when users see the
HomeV2 experiment (captures which variant they're assigned)
- Add `home_getting_started_section_exposed` event that fires when the
Getting Started section is displayed (captures current workflow state)
- Define corresponding TypeScript interfaces in telemetry-constants.ts
- Both events use `useRef` to ensure they only fire once per component
mount
## Testing
Tested locally and on staging that events fire to posthog.
**Quick test:**
1. Navigate to a project home page with the `homeNew` flag enabled
2. Verify `home_new_experiment_exposed` event fires in PostHog with the
correct variant
3. For projects < 10 days old, verify
`home_getting_started_section_exposed` fires when the section is visible
4. Confirm events don't fire for dismissed sections or mature projects
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added exposure tracking for home experiment variants and the Getting
Started section to surface which experience users see.
* **Chores**
* Standardized and consolidated analytics calls to improve reliability
of interaction tracking.
* Enhanced event payloads to capture workflow choices, step
interactions, and dismissals for better product insights.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Related to unifying read replicas into database replication page which
is currently in internal testing
## Changes involved
- Updates the "New replica" CTA in `DatabaseSelector` (e.g within the
SQL Editor) to link to the replication page instead of settings
infrastructure
- Refactor replication UI to use URL query states for new destination +
edit destination
## To test
- [ ] Verify that the "New replica" CTA links correctly to replication
page if flag is on
- [ ] Verify that new + edit destination UI works as expected
- Note that there's some server side validation for ETL replication now
so might be tricky to test creating an actual ETL replication
- Minimally can test creating a read replica and ensure that the UI
behaviour is all as expected
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added unified replication experience with URL-based state management
for destination creation and editing
* **Refactor**
* Simplified replication panel component interfaces and consolidated
destination data fetching logic
* Enhanced edit flows to leverage URL parameters for seamless navigation
* **Chores**
* Marked legacy read replica creation panel as deprecated
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Addresses a small footgun where copying and paste a single value with
new lines and hitting save in the edge function secrets page will also
save the new lines in the secret name.
Fix is just adding a trim
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Internal code organization and refactoring improvements to enhance
codebase maintainability and consistency across the Functions module.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Just adding some documentation to the more complex parts of the
dashboard in hopes to ease working on these parts for those who aren't
familiar
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Folder creation and updates in the SQL Editor now properly sync to the
backend with API calls, success notifications, and improved error
handling.
* Snippet save/upsert behavior updated: saves run via API with
optimistic handling and debounced execution; default automatic refresh
after save has been reduced to avoid unnecessary invalidations.
* **Documentation**
* Added a comprehensive SQL Editor guide covering UI, data flow, snippet
management, and improvement notes.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
`create-react-app` is deprecated, so this PR brings vite before
`create-react-app` when opening React in the connect dialog.
## Summary
Removes two concluded A/B experiments that didn't produce positive
results:
- **tableQuickstart**: Tested AI-powered table generation, template
selection, and assistant integration for new table creation
- **realtimeButtonVariant**: Tested hiding the realtime button or
replacing it with a triggers button
## Changes
- Delete `TableQuickstart/` folder with AI widget, templates widget, and
generation hooks
- Delete `useRealtimeExperiment` hook and remove variant-conditional
logic
- Delete `/api/ai/table-quickstart/generate-schemas` endpoint
- Remove telemetry event definitions for both experiments
- Remove local storage exposure tracking key
- Remove API endpoint from proxy whitelist
- Clean up eslint baseline references
## Testing
- [x] Tested locally - Table Editor renders correctly without experiment
widgets
- [x] TypeScript compiles without errors
- [x] No remaining references to removed experiment code
**Quick test:**
1. Navigate to Table Editor → New Tab shows only "Create a table" card
(no AI/Templates/Assistant variants)
2. Open table create panel → Realtime checkbox shows unconditionally
when realtime is enabled
## Linear
fixes GROWTH-609
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Removed Features**
* AI-powered table generation and quickstart assistance (templates, AI
widget, generation hook, templates data, and related utilities)
* Quickstart templates widget and predefined table templates
* Database triggers management interface
* Realtime experiment gating and related experiment variants
* **API & Storage**
* Hosted AI quickstart API endpoint removed
* Local storage key for quickstart exposure tracking removed
* **Telemetry**
* Quickstart- and realtime-experiment telemetry events removed
* **UI Changes**
* Simplified realtime toggle control in the table editor
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
docs update
## What is the current behavior?
Please link any relevant issues here.
- Minor grammar fixes
- Delete bulk: countries → characters table name
- Text search: Replaced "fat" with "the", added data sources and
responses for 3 examples
- Or filter: Fixed reponse typo, changed book_id → section_id
- Order modifier: Added missing .execute()
- Link identity: Fixed dict syntax {provider:} → {"provider":}
- Unlink identity: res → response
- List users: Removed trailing comma
- Reauthenticate: updateUser() → update_user()
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Enhanced grammar and terminology consistency throughout documentation.
* Improved code examples with standardized formatting, naming
conventions, and accurate references.
* Expanded documentation examples with additional data context and
sample outputs to clarify expected results.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Illia Basalaiev <illiab@IMB3.local>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
docs update
## What is the new behavior?
Adds PostgREST mirror codes
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Added a comprehensive PostgREST Error Codes guide covering database-
and API-level errors, HTTP status mappings, JSON examples, SQL query
samples, and log-analysis/debugging tips.
* Updated REST API Guides navigation to include the new Error Codes
documentation link.
* **Style**
* Expanded spelling allow-list to include "Grantor" (case variant) and
"SQL".
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
Simple changes to the docs.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Enhanced SAML SSO attribute mapping guide with support for
multi-valued arrays, default values for missing attributes, and multiple
alternative attribute name lookup.
* Clarified identity data storage location and expanded configuration
examples with resulting JWT claims and database representations.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Simplified React getting-started tutorial: concise, action-oriented
steps, inline code replaced by external sample references, removed the
Bonus: Profile photos section, and expanded README guidance and setup
steps.
* **Examples**
* User-management example converted to a user-focused auth flow with
safer unmount handling, adjusted profile/account interactions, and
updated sample references.
* **Chores**
* Upgraded example dependencies and tooling to align with newer React
and ecosystem versions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
docs update
## What is the current behavior?
no issues
## What is the new behavior?
I am included into humans.txt
## Additional context
onboard
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated the public team list to include a new contributor.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: ferhat elmas <elmas.ferhat@gmail.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Update OG image for the PrivateLink blog post
## What is the current behavior?
Old OG image
## What is the new behavior?
Updated OG image
## Additional context
Follow-up to #42178 - updating the OG image for the PrivateLink
announcement blog post.
Co-authored-by: Ana Mogul <ana1337x@users.noreply.github.com>
## Summary
Adds session-based deduplication for experiment exposure events.
Previously, exposure events used `useRef` which reset on page refresh,
causing duplicate events. Now events dedupe by PostHog session ID using
`sessionStorage`, firing once per session even across page refreshes.
## Changes
- Add `captureExperimentExposure()` method to `PostHogClient` with
session-based dedupe
- Add `getSessionId()` method to retrieve PostHog session ID
- Create `useTrackExperimentExposure` hook for clean usage
- Migrate existing experiments to new hook:
- RLS option experiment (`/new/[slug]`)
- Realtime button experiment
- Table create generate policies experiment
## How it works
1. Event triggered → if PostHog not ready, queue to `pendingExposures[]`
2. PostHog `loaded` → flush queue through `fireExposureIfNew()`
3. `fireExposureIfNew()` checks
`sessionStorage['ph_exposed:{experimentId}']`
4. If value matches current session ID → skip (already fired)
5. If differs or missing → fire event, store session ID
## Testing
- [x] Tested locally and on preview - verified on project creation page
- [x] PostHog events sent successfully (200 responses)
- [x] Session deduplication working (no duplicate events on page refresh
or org switch)
- [x] Lint passes with 0 errors
**Quick test:**
1. Go to `/new/<org-slug>` project creation page
2. Check `sessionStorage` for `ph_exposed:project_creation_rls_option`
key
3. Refresh page - event should not fire again (same session ID)
## Linear
Resolves GROWTH-608
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* More reliable experiment exposure reporting with session-aware
deduplication, queued delivery, and consent respect to ensure events are
recorded when available.
* **Bug Fixes**
* Prevents duplicate exposure events within a session and avoids firing
exposures without a valid session.
* **Refactor**
* Consolidated disparate exposure-tracking logic into a unified
hook-based approach, simplifying tracking across the app.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- finished the axiom log drain started in #40209
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **New Features**
* Added Axiom as a new log drain destination for telemetry data
collection
* Added Amazon S3 as a new log drain destination for log storage
* Extended log drain configuration form with fields for S3 bucket
credentials and Axiom API details
* Added documentation for setting up Axiom log drain integration
* **Documentation**
* Added Axiom log drain setup guides with dataset creation and
configuration steps
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Addresses a UX confusion where users are unsure of which schema to
install database extensions in. Am opting to show a "Default" badge on
the extensions schema just to lower the cognitive load for this step if
the extension doesn't have a specific schema it needs to be installed in
<img width="416" height="322" alt="image"
src="https://github.com/user-attachments/assets/b938afdb-31d7-4e9f-a065-7b3b185ac8e1"
/>
If the extension has a recommended schema, we'll show a badge as well
(Related [PR](https://github.com/supabase/supabase/pull/40968))
<img width="429" height="300" alt="image"
src="https://github.com/user-attachments/assets/cf42bce3-a99c-4877-9d16-9f2013b91e16"
/>
Otherwise, if there's a fixed schema, then no badge
<img width="427" height="283" alt="image"
src="https://github.com/user-attachments/assets/608c0c4f-ea8e-4462-ad66-9e3b3bb43265"
/>
## Other changes
- Refactored `EnableExtensionModal` to use react hook form + Dialog
component
- Refactored checking of default schema to use React Query
## To test
- [ ] Verify the UI changes
- [ ] Verify that you can still enable / disable extensions - and ensure
that they're being installed in the right schemas
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Enhanced extension enable dialog with form-driven schema selection,
read-only default-schema display, and "create custom schema" flow
* "Recommended" and "Default" badges next to schema choices;
platform-specific warnings and callouts
* Fetches and surfaces extension default/recommended schema to guide
selection
* **Refactor**
* Dialog-based UI with integrated form validation and improved enable
workflow
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Alaister Young <alaister@users.noreply.github.com>
- adds s3 log drain form
- fixes issue tabbing over inputs
to test you can create an s3 bucket in a aws account, create some
credentials and try it, however I've tested it already and the logs
reach S3 just fine.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added Amazon S3 as a new log drain destination with configuration for
bucket, region, access credentials, and batch timeout settings.
* **Documentation**
* Updated guide documentation to include the new S3 destination
alongside existing options and standardized Datadog terminology.
* **Improvements**
* Simplified error message rendering in form layouts for improved
performance.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Ali Waseem <waseema393@gmail.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
<img width="1196" height="427" alt="image"
src="https://github.com/user-attachments/assets/6784b5e9-99c8-4fc9-b9f5-49672ba6e768"
/>
This reworks the security section within our project creation form to
expose two options.
1/ Enable or disable Data API which is essentially the same as we had
previously, just reframed
2/ Enable auto RLS which creates an event trigger that enables RLS on
all tables created via public schema. This is the same as what we do via
the RLS banner in authentication pages.
Note that this also removes the option to disable Data API on public
schema and move to dedicated schema. The user can still do this post
project creation . Assumption is this is rarely changed on project
creation and adds complexity.
To test:
1. Create a new project
2. Enable Data API and enable RLS setting
3. After project creation, go to triggers -> event tab -> notice enable
rls trigger
4. Create project and disable Data API
5. After project creation , go to settings/api and make sure data api is
disabled
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added an optional automatic Row-Level Security (RLS) event trigger
option in project creation (toggleable via experiment).
* **Improvements**
* Security panel simplified to checkbox-based controls for Data API and
RLS.
* Project creation form now includes the enableRlsEventTrigger flag and
applies related setup when enabled.
* Telemetry records RLS experiment exposure, variant, and whether the
RLS trigger was enabled.
* Free-project messaging updated to consider user limits.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Charis Lam <26616127+charislam@users.noreply.github.com>
Co-authored-by: Sean Oliver <882952+seanoliver@users.noreply.github.com>
## What kind of change does this PR introduce?
Bug fix
## What is the current behavior?
- Links on the UI Patterns introduction page are wrong and therefore 404
- Introduction pages on the sidebar are also wrong and 404
## What is the new behavior?
Fixes for both of the above
## Additional context
Thanks [Emilio](https://github.com/supabase/supabase/pull/42309) for
letting us know!
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated navigation structure in the design system documentation to
direct users to introduction pages for UI Patterns, Fragments, and
Components sections.
* Refined internal documentation links for improved navigation
consistency.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
docs update
## What is the current behavior?
prisma fails with error:
```
Error:
`--to-schema-datamodel` was removed. Please use `--[from/to]-schema` instead.
```
## What is the new behavior?
prisma command runs successfully
## Additional context
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated database guide with current Prisma migration command syntax
for improved accuracy and reliability.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Added my name as part of onboarding
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES/NO
## What kind of change does this PR introduce?
Bug fix, feature, docs update, ...
## What is the current behavior?
Please link any relevant issues here.
## What is the new behavior?
Feel free to include screenshots if it includes visual changes.
## Additional context
Add any other context or screenshots.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated the contributors list in project documentation.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: Alan Daniel <stylesshjs@gmail.com>
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
A feature page copy update:
- headline updated
- revised introduction and key features
- added a call to action on how to create read replicas
- removed benefits/particularly valuable for paragraphs, replaced with
"when to use read replicas"
- added link to blog post
## What is the current behavior?
N/A
## What is the new behavior?
N/A
## Additional context
N/A
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Revised Read Replicas description to emphasize workload isolation and
reduced multi-region latency.
* Reworked feature content into actionable "When to use Read Replicas"
guidance with usage criteria.
* Added step-by-step "Get Started" setup instructions and region
recommendations.
* Updated media to include a video and refreshed
monitoring/configuration guidance.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: Ana Mogul <ana1337x@users.noreply.github.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
docs update - adding myself to humans.txt
## What is the current behavior?
NA
## What is the new behavior?
NA
## Additional context
Onboarding
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated team roster information
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This is largely to avoid setting state inside a `useMemo()`.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Optimized CommandMenu page registration timing and dependency handling
to improve synchronization with DOM updates.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- Adds Kiro to the list of MCP Clients in [MCP
docs](https://supabase.com/docs/guides/getting-started/mcp) / studio
Connect dialog with deep links to install the Supabase
[powers](https://kiro.dev/powers/)
- Makes description above deep link configurable via
`deepLinkDescription` (so Kiro's text can clarify that this installs the
power)
- Adds options to `generateDeepLink` so deep link can be different for
local/hosted platforms (so we can provide different deep links for the
local/hosted Kiro powers)
See MCP docs in preview:
https://docs-git-mattrossman-ai-301-kiro-installation-docs-supabase.vercel.app/docs/guides/getting-started/mcp
<img width="1756" height="1096" alt="CleanShot 2026-01-23 at 17 03
43@2x"
src="https://github.com/user-attachments/assets/dedc156d-6b86-4238-aa32-f7fda414d069"
/>
Resolves
[AI-301](https://linear.app/supabase/issue/AI-301/kiro-installation-docs)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **New Features**
* Added support for Kiro MCP client with platform-aware configuration
handling
* Enhanced MCP configuration display to show platform-specific deep link
descriptions
* Improved config file rendering with better visual presentation
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Functions page on self-hosted differs from Platform Adds the possibility to see function details page in Self-Host version.
## Summary by CodeRabbit
* **New Features**
* Edge function detail lookup added for self‑hosted deployments (new
retrieval endpoint & store method).
* Consistent navigation to function pages from the functions list.
* **Improvements**
* UI tabs, download, and test controls adapt to deployment type.
* Region, JWT verification, local development, and delete controls shown
only on the platform.
* Edit/save/delete controls enable/disable correctly based on deployment
and permissions.
* Function details load reliably across deployments.
Bug fix
## What is the current behavior?
The client library selector validation was failing when the simplified
support form was used, because the field was required but hidden.
## What is the new behavior?
The client library selector is only required when: client library JSON
flag is on + not using simplified support form + client libraries is
chosen as the problem category.
## Summary by CodeRabbit
* **Bug Fixes**
* Improved support form validation logic and category eligibility for
support access requests.
* Refined conditional rendering of support access toggle based on
selected category.
* **New Features**
* Added feature-flag-based library selection capability for support
submissions.
* **Refactor**
* Streamlined support category options and removed obsolete entries.
* Simplified form schema initialization and made library field optional
where applicable.
## What kind of change does this PR introduce?
Improvement, studio docs update
## What is the current behavior?
Only instructions for local-development are shown
## What is the new behavior?
Include a new section with useful links for self-hosted environment
## Additional context
<details>
<img width="1475" height="947" alt="image"
src="https://github.com/user-attachments/assets/34f02e03-d666-4521-99af-d25ba778295d"
/>
</details>
---
cc @aantti
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Improvements**
* Reorganized the empty state for Functions into two distinct cards to
improve visual hierarchy and guidance.
* Added a dedicated section explaining local development and CLI usage,
with clearer header actions.
* Introduced a separate card with guidance for self-hosted Supabase and
related runtime notes.
* Increased vertical spacing on the secrets management page for better
readability.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: Charis <26616127+charislam@users.noreply.github.com>
Bug fix
## What is the current behavior?
The clipboard copy operation for table schema would show the success
toast before the copy actually completed.
## What is the new behavior?
Move the toast showing to the callback so it appears only after the copy
finishes
## Summary
* **Bug Fixes**
* Clipboard success confirmation now appears reliably after the copy
completes.
* **New Features**
* Copied table schemas are automatically formatted for improved
readability.
* **Improvements**
* Enhanced clipboard behavior for better reliability across browsers.
…all support categories (#42254)"
This reverts commit a87387b56e.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Fixed support access eligibility logic to correctly reflect which
support categories qualify for access.
* **Refactor**
* Restructured support form to improve category filtering and visibility
handling for better organization.
* Updated category option structure to properly support hidden category
states and filtering.
* Streamlined support access determination based on selected category,
improving form logic clarity.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
| Before | After |
| --- | --- |
| <video
src="https://github.com/user-attachments/assets/51d20e23-6bd1-458c-b35a-374990a5804f"/>
| <video
src="https://github.com/user-attachments/assets/fb94af78-efb5-477d-a61e-93f0c6153f05"/>
|
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Navigation header now displays proper loading state while retrieving
user authentication data. User-specific interface elements including
Dashboard links and user menu controls now correctly remain hidden until
user data fully loads, preventing premature visibility and ensuring
consistent display timing during page initialization.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
**Logic changes**
- Adds function in `helpers.ts` to extract URLs from text via regex
- I also considering using a library like
[linkify-it](https://www.npmjs.com/package/linkify-it) for this but
figured it's not worth the extra dep
- Adds associated tests in `helpers.test.ts`
- Adds "URL Validity" scorer which performs a HEAD request for links in
Assistant response text and determins what portion of links have `.ok`
responses
- Adds eval case to check correctness of support ticket URL answers
**Prompt changes**
- Informs Assistant of https://supabase.com/dashboard/support/new being
the URL to create support tickets
- Encourages Assistant to "self-debug" issues before directing users to
create support tickets
See [Eval
Report](https://github.com/supabase/supabase/pull/42227#issuecomment-3807772871)
and
[Correctness](https://www.braintrust.dev/app/supabase.io/p/Assistant/trace?object_type=experiment&object_id=1ad0f9b0-5adb-436c-9812-a87aac62c036&r=1ef13459-a98c-4904-925e-6d81276cebb2&s=dbe5c607-a560-462b-8745-41d430744431)
analysis for new support ticket test case.
Resolves AI-384
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added URL validity scoring to evaluations and helper utilities for
extracting/cleaning URLs.
* Added evaluation cases for support-ticket URL handling and OAuth
callback guidance.
* **Documentation**
* Updated assistant guidance to prefer self-resolution, include
support-ticket direction, clarified data-recovery search steps, and
added template-URL notation.
* **Tests**
* Expanded URL extraction and related utility tests to cover many
formats and edge cases.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
This pull request adds documentation and support for the Dropzone (File
Upload) and Realtime Cursor components for both Vue and Nuxt.js
frameworks in the UI library. It updates the sidebar navigation,
introduces new documentation pages, and ensures these components are
referenced in the project overview and component listings.
TODO: install new dependencies and resolve conflicts in lock.json
## Additional context
Initiative by Terry :)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added Dropzone and Realtime Cursor components for Vue and Nuxt.js
(file upload with previews/validation; collaborative cursor tracking).
* **Documentation**
* Added comprehensive Vue and Nuxt.js docs and registry entries for
Dropzone and Realtime Cursor with usage examples and API guidance.
* **Bug Fixes**
* Fixed text escaping in several authentication and UI components for
consistent rendering.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Terry Sutton <saltcod@gmail.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Observability Dashboard: unified overview for service health and
database infrastructure with interactive charts and metric cards (CPU,
memory, disk I/O, connections, error rate, slow queries).
* Service Health Monitoring: per-service health cards and a
multi-service table with error/warning counts and drill-down links to
reports/logs.
* Interval Selector: new chart-interval dropdown with plan-aware
retention messaging.
* Menu & Reports: updated Observability menu with Overview entry and
Custom Reports management.
* **Documentation**
* Added a footer link to troubleshooting guides.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
LLM configuration
## What is the current behavior?
No skills for E2E tests
## What is the new behavior?
Claude skill for E2E tests
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Added comprehensive end-to-end testing guidelines for Studio
Playwright tests, covering test execution, environment setup, robust
selector patterns, common pitfalls, debugging workflows, and CI
troubleshooting.
* **Chores**
* Updated repository ignore settings so skills-related documentation
files are tracked and can be committed.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
There's some changes for Vector Buckets with the wrappers extension on
version 0.5.7 and above
The "Query from Postgres" CTA (which runs an import foreign schema
command) no longer accepts the bucket name as part of the schema options
(ref
[changelog](https://github.com/supabase/wrappers/releases/tag/v0.5.7)),
and instead takes the bucket name as the remote schema name.
So changes here are to update the SQL for importing foreign schema for
vector buckets if wrappers extension is above 0.5.7
Also - the `::embd` type no longer seems to exist in 0.5.7 as well, so
updated the example code too
## To test
Can probably test on a new US East 1 project on the preview
- [ ] Verify creating a vector bucket table + can query from postgres
(via the Insert vectors CTA after creating a table)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Fixed breadcrumb navigation links for vector bucket pages.
* **Improvements**
* Unified loading state for schema workflows and disabled actions while
loading.
* Enhanced version compatibility checks for foreign schema imports to
support newer extension syntax.
* Adjusted generated SQL for vector data to use the appropriate
embedding syntax based on extension version.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Removes Convex comparison pages from www
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Removed Supabase vs Convex comparison guide
* Removed Convex from available migration solutions
* Removed Convex solution information page
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Resolves https://github.com/supabase/supabase/issues/42304
Realised that the Inline Editor behaves differently from the SQL Editor
in which
[`isStatementTimeoutDisabled`](https://github.com/supabase/supabase/pull/36367)
is not set to true for the former which hence runs queries within a
transaction.
PR here sets that to true which should align the behaviour between both
editors
IMO though - the long term fix is just consolidating the editors so that
the behaviours are the same
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* SQL statements in the editor can now execute without timeout
restrictions, allowing long-running queries to complete successfully.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Adding myself, AJ to the list
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES/NO
## What kind of change does this PR introduce?
Bug fix, feature, docs update, ...
## What is the current behavior?
Please link any relevant issues here.
## What is the new behavior?
Feel free to include screenshots if it includes visual changes.
## Additional context
Add any other context or screenshots.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated team member credits.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Depends on https://github.com/supabase/platform/pull/28639
### Changes
- Add entitlement check for auth.mfa_enhanced_security feature in MFA
settings
- Disable the "Limit duration of AAL1 sessions" toggle when user lacks
entitlement
- Show upgrade prompt when Enhanced MFA Security is not available on
user's plan
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Enhanced MFA Security option with upgrade availability
* Cloud Marketplace contract linking eligibility checks
* New entitlements: SOC2 reports, Private Link, realtime concurrency
controls, function limits, project-scoped roles
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
