This PR migrates the whole monorepo to use Tailwind v4:
- Removed `@tailwindcss/container-queries` plugin since it's included by
default in v4,
- Bump all instances of Tailwind to v4. Made minimal changes to the
shared config to remove non-supported features (`alpha` mentions),
- Migrate all apps to be compatible with v4 configs,
- Fix the `typography.css` import in 3 apps,
- Add missing rules which were included by default in v3,
- Run `pnpm dlx @tailwindcss/upgrade` on all apps, which renames a lot
of classes
- Rename all misnamed classes according to
https://tailwindcss.com/docs/upgrade-guide#renamed-utilities in all
apps.
---------
Co-authored-by: Jordi Enric <jordi.err@gmail.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Instructed granting least-privilege table permissions for anon,
authenticated, and service roles prior to enabling Row Level Security
across multiple guides and quickstarts.
* Clarified SQL examples and inline comments, added explicit GRANT steps
and RLS SELECT policies, rephrased policy guidance, and adjusted example
ordering and section numbering for clearer setup and testing.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Docs update
## What is the current behavior?
Current docs are wrong and yield `ERROR: parameter "pg_net.ttl" cannot
be changed now`
## What is the new behavior?
Additional permissions required, setting should be at the system level
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated pg_net setup guidance to require system-level configuration,
added note that changing pg_net parameters requires superuser privileges
(with grant example), and clarified applying parameter changes via
system-level set followed by restarting the pg_net background worker.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Corrected internal documentation links across auth guides (Custom
Access Token Hooks), database hit-rate guides (Disk IO / compute
anchors), functions deployment (Dashboard quickstart), and product
security (Realtime authorization) for proper targets and path
formatting.
* Updated Storage page doc links for analytics and vector introductions.
* Updated Database page “Supabase ETL” docs link to the replication
guide.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated SDK initialization examples to reflect current authentication
patterns across multiple Supabase integration guides
* Enhanced security documentation with expanded guidance on protecting
sensitive credentials like secrets and service role keys in frontend and
Edge Function environments
* Clarified Row-Level Security access patterns and data availability
considerations when using publishable keys
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: fadymak <dev@fadymak.com>
## Summary
- Reframe client-side guidance around publishable keys instead of anon
keys
- Clarify the three data access paths: Data API, Edge Functions, and
direct database connections
- Add explicit note that the Data API can be disabled when only using
Edge Functions or direct connections
- Split the frontend guidance into its own section for clearer scanning
## Testing
- Not run (not requested)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated security guide with clarified data-access approaches and best
practices for secure configuration.
* Enhanced guidance on key usage and Row Level Security (RLS)
recommendations.
* Added references for disabling data access in specific scenarios.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Updates our documentation pages around the Data API to include
instructions on how to grant the necessary privileges across API roles
across tables and functions. Current behaviour means this is largely
unnecessary as privileges are granted by default on public schema, but
adding instructions will help cover scenarios where this isn't the case
and expose some of the underlying magic happening.
## To test:
- These updates refer to new settings that are added to the data api
that give more visibility and control over what tables and functions are
accessible via the api.
- To view these settings you'll need enable `tableEditorApiAccessToggle
` feature flag
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Added a new "Data API" guide and removed the old "Hardening the Data
API" page
* Updated navigation links to surface the new Data API guide
* Expanded quickstarts, SDK install pages, and security guides with
step‑by‑step Data API exposure, default‑privileges, RLS guidance, and
SQL GRANT examples (including function EXECUTE notes)
* Updated troubleshooting references and added redirects for legacy
documentation paths
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: SaxonF <1072756+SaxonF@users.noreply.github.com>
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
Co-authored-by: Chris Chinchilla <chris@chrischinchilla.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Replaces "stored procedures" with "functions" for everything related to
the Data API.
## Additional context
It's not accurate to call database functions "stored procedures". It may
have been that way before Postgres 11, but now it causes confusion
because PostgREST allows functions and not stored procedures.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Standardized terminology across docs, SDK guides, CLI/config specs,
examples, UI, and config comments to use "database functions" instead of
"stored procedures".
* Updated API docs, CLI/config descriptions, Studio UI labels, help
text, empty-state and navigation copy, RPC documentation, and example
text for consistency.
* Adjusted explanatory text and error/help messages to reflect the
revised terminology.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
docs update
## What is the current behavior?
Some guidance on deleting objects (and data) with cascading deletes etc
## What is the new behavior?
A guide that covers deleting objects (and data) and the impact that can
have on the DB, as well as ways to mitigate it
## Additional context
Drafted as a similar question about dropping large (>10TB) tables has
been mentioned a few times
---------
Co-authored-by: Jean-Paul Argudo <jean-paul.argudo@supabase.io>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Updates verbiage throughout docs to use postgres over postgresql.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated terminology throughout documentation, guides, and resources
for consistent product naming across all user-facing materials,
including page titles, descriptions, and reference documentation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Select returns null
return returns hello world
(so this example has always been broken)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated the database functions guide with refined code examples.
Documentation now demonstrates improved Postgres function syntax and
streamlined return mechanisms, providing developers with clearer
guidance for implementing database functions following current best
practices.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This PR fixes some prettier issues:
- Bump and unify all prettier versions to 3.7.3 across teh whole repo
- Bump the SQL prettier plugin
- When running `test:prettier`, check `mdx` files also
- Run the new prettier format on all files
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
*Summary*
- reorganize the navigation menu to highlight modules, consolidate API
security content, and move guide entries (auto-generated docs, type
generation, security topics) to the intended sections
- relocate the Data API hardening and custom claims RBAC guides into the
API subtree, updating internal references and redirects, and fixing
cross-links (including adjusting the Security reference order)
- adjust data API topic references (e.g., securing guide and role
management) to point to the new paths and ensure the helper link
ordering follows the requested layout
*Testing*
- Not run (not requested)
Change 1
<img width="1286" height="576" alt="image"
src="https://github.com/user-attachments/assets/d903e9b0-bbfc-403f-bcb9-eee540e466db"
/>
Change 2
<img width="1176" height="666" alt="image"
src="https://github.com/user-attachments/assets/82b3ea4c-b8d4-4cb9-ad90-6c39c8a1a997"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Reorganized API documentation structure, consolidating REST and
GraphQL API guides under a dedicated API section.
* Moved security-related guides to API documentation paths for better
organization.
* Implemented automatic redirects for old documentation links to new
locations.
* Updated navigation menu to reflect the restructured documentation
layout.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
Co-authored-by: Chris Chinchilla <chris@chrischinchilla.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Blog post on using pg_partman instead of TimescaleDB to prepare for the
upcoming deprecation
## What is the current behavior?
## What is the new behavior?
Blog post to include migration information for those using Timescale
## Additional context
Not to be merged until pg_partman is released in 15 and 17 images
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Added a comprehensive pg_partman guide covering setup, time- and
integer-based partitioning, maintenance, automation, and resources.
* Added a migration guide for moving from TimescaleDB hypertables to
native PostgreSQL partitioning using pg_partman.
* Updated TimescaleDB docs with migration notes and support guidance.
* **New Features**
* Listed pg_partman in the public extensions reference and added
navigation entries linking to the pg_partman guide and migration guide.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
## What kind of change does this PR introduce?
UI update
## What is the current behavior?
- Database settings uses an older, much wider, layout
- This will become problematic later on as more complex elements are
added to the page
- Titles and descriptions are inconsistently formatted
## What is the new behavior?
| Before | After |
| --- | --- |
| <img width="1728" height="994" alt="Oldie 2 Toolshed
Supabase-EE998752-3696-45E4-A842-9666049153D8"
src="https://github.com/user-attachments/assets/8f0004cf-3bb4-4b00-900a-b116b80371a6"
/> | <img width="1728" height="994" alt="Oldie 2 Toolshed
Supabase-7E86FD58-35BB-4912-8B2F-8C7AAA03B462"
src="https://github.com/user-attachments/assets/606b51b4-21a0-4b7b-870b-ac92ed363f3c"
/> |
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
I modified previous webinars to include the following:
- A YouTube embed of the recording
- New "Watch the Recording" CTA buttons
- New slug for the go page `/vibe-coding-done-right-webinar`
---------
Co-authored-by: Alan Daniel <stylesshjs@gmail.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
We are now saving our old webinar videos as unlisted YouTube videos.
I added the video embeds to previous webinars.
---------
Co-authored-by: Alan Daniel <stylesshjs@gmail.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
New Go landing page for the upcoming Bolt webinar. This is where we will
direct customers who want to learn more to go to request a meeting.
---------
Co-authored-by: Alan Daniel <stylesshjs@gmail.com>
This PR:
- Adds a new Join types and join modifiers section to the
joins-and-nesting guide.
- Documents default left join semantics for embedded relations.
- Explains !inner for inner-join behavior.
- Explains : aliasing and ! join modifiers (!inner, !foreign_key).
- Adds join/filter examples with expected JSON results.
- Includes query examples across JavaScript, Dart, Swift, Kotlin,
Python, and URL.
---------
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
## Description
Adds a troubleshooting article for the `UNUSED_EXTERNAL_IMPORT` build
warnings
that Vite/Rollup/Nuxt users see when bundling apps that use
`@supabase/supabase-js`.
**File:**
`apps/docs/content/troubleshooting/unused-external-import-warning-vite-rollup.mdx`
## What the article covers
- What the warning looks like
- Why it's a false positive (re-exported external imports not recognised
as "used"
by Rollup's code-body check)
- `onwarn` suppression snippet for Vite/Rollup
- `onwarn` suppression snippet for Nuxt
## Related
- https://github.com/supabase/supabase-js/issues/2010
- https://github.com/supabase/supabase-js/pull/2122
---------
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
docs update
## What is the current behavior?
Superuser settings list is out of date
## What is the new behavior?
Update superuser settings with [new
configs](https://github.com/supabase/postgres/blob/21338c84583acc6f0d65fc99f014c83206aaa32d/ansible/files/postgresql_config/supautils.conf.j2#L13)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated PostgreSQL custom configuration guide with new superuser-level
settings options including deadlock timeout, parameter logging, network
connectivity, safe update enforcement, and function tracking
capabilities.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Docs update to resolve ambiguity. Clarifies assigning pool size
percentage in proportion to Database Max Connections, as it could be
mistaken for a percentage of max client connections.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **Documentation**
* Improved clarity in the database connection management guide regarding
pool size configuration thresholds.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Summary
- move the auto-enable RLS trigger SQL example from the event trigger
guide into the row-level-security guide with a full example
- keep a reference in the event trigger guide that points to the
row-level-security section instead of duplicating the SQL snippet
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Reorganized PostgreSQL Row Level Security documentation with a new
dedicated guide section on automatically enabling RLS for newly created
tables
* Note: Auto-enable RLS applies only to tables created after
installation; existing tables require manual enabling
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
docs update
## What is the current behavior?
prisma fails with error:
```
Error:
`--to-schema-datamodel` was removed. Please use `--[from/to]-schema` instead.
```
## What is the new behavior?
prisma command runs successfully
## Additional context
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated database guide with current Prisma migration command syntax
for improved accuracy and reliability.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
* feat(docs): add docs on data api selective grants
Add docs on selective grants for Data API, including the new Dashboard
UI toggles. Also includes edits to the 42501 troubleshooting doc to help
users when problems arise because of revoked grants.
* ci: Autofix updates from GitHub workflow
* fixup! feat(docs): add docs on data api selective grants
* Update pgjwt documentation with link to Supabase JWT Handling Documentation
Added notes about JWT handling in Supabase. It might seem stupid but for whatever reason I though I needed the extension turned on and delayed upgrading my database because of this. I read through the documentation and finally realized it has zero impact on the JWT functionality built in. Figured someone else out there may not realize this and is delaying upgrading theis postgres version, so I added a note at the top clarifying how Supabase handles JWT with a link to the documentation.
* Update apps/docs/content/guides/database/extensions/pgjwt.mdx
* Update pgjwt documentation regarding Postgres versions
Clarified information about pgjwt extension usage based on Postgres version.
---------
Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
Co-authored-by: Chris Chinchilla <chris@chrischinchilla.com>
* docs: update link for Row Level Security documentation in JWT guide
* docs: update Figma sign-in link in Flutter guide
* docs: force link to Supabase Login with Apple to work (existing relative URL generates incorrect link in live site).
* docs: update link for Postgres UUID tutorial
* docs: update link for deprecated Android One Tap. Fix broken link to dart signInWithOAuth (the hydrated link on the live site is broken)
* docs: update links for MFA enforcement and backup documentation
* Update apps/docs/content/guides/auth/quickstarts/with-expo-react-native-social-auth.mdx
* Update apps/docs/content/guides/auth/social-login/auth-google.mdx
---------
Co-authored-by: Chris Chinchilla <chris@chrischinchilla.com>
* docs: remove link to token-transformer since that repo has since been refactored and no particular file contains the code originally linked to
* docs: update Redis link in rate limiting examples to point to the correct URL
* docs: update Supabase URLs to current magic link docs
* docs: update README for postgres-on-the-edge function to remove polyscale line (service no longer exists) and add resource links to relevant deno blog post
* docs: update Open Graph image generation examples links to the new documentation URL
* docs: update README with new Quickstart: Swift guide URL
* docs: update Supabase Vector links to reflect new URL
* docs: add two new link suggestions the replace the current broken one. Choose one.
* docs: update documentation links for Postgres Language Server to reflect new URL
* docs: update event trigger matrix documentation link to compensate for fact that 'current' verb does not work for some of their links
* Update apps/docs/content/troubleshooting/supabase-grafana-memory-charts.mdx
Co-authored-by: Chris Chinchilla <chris@chrischinchilla.com>
---------
Co-authored-by: Chris Chinchilla <chris@chrischinchilla.com>
Ivan Vasilov