## Description
Replaces legacy `anon` / `service_role` key references with the new
`publishable` / `secret` naming across SDK spec files under
`apps/docs/spec/`. Mirrors the rename table established by
[supabase-js#2280](https://github.com/supabase/supabase-js/pull/2280),
so the auto-generated reference docs at
supabase.com/docs/reference/{js,dart,kotlin,python,swift} stay
consistent with the SDK source.
## Files changed
| File | Highlights |
| --- | --- |
| `supabase_js_v2.yml` | Rename example vars `anon_key` →
`publishable_key`, `service_role_key` → `secret_key`; admin notes use
`secret`. |
| `supabase_dart_v2.yml` | Rename `anonKey` param → `publishableKey`
(matches the live Flutter SDK — see
[supabase-flutter/supabase.dart#L81](https://github.com/supabase/supabase-flutter/blob/main/packages/supabase_flutter/lib/src/supabase.dart#L81));
update call-site; example var `serviceRoleKey` → `secretKey`; admin
notes use `secret`. |
| `supabase_kt_v2.yml`, `supabase_kt_v3.yml` | Replace
`'publishable-or-anon-key'` placeholders with `'your-publishable-key'`;
admin notes use `secret`; fix `importAuthToken(\"service_role\")` →
`importAuthToken(\"your-secret-key\")` (the Kotlin SDK's
`importAuthToken(accessToken: String, …)` takes a JWT, not a role name).
|
| `supabase_py_v2.yml` | All `service_role` references → `secret`;
example var `service_role_key` → `secret_key`. |
| `supabase_swift_v2.yml` | Replace placeholders with
`'your-publishable-key'`; admin notes use `secret`; example var
`serviceRoleKey` → `secretKey`. |
| `storage_v0_config.yaml` | Rewrite `ANON_KEY` / `SERVICE_KEY` env var
**descriptions** in publishable/secret terms. **Env var names kept** —
see below. |
## Why the storage env var names are unchanged
`storage_v0_config.yaml` documents the env vars used to configure the
storage server (multi-tenant deployments). The `id` and `title` fields
must match the actual env var names the binary reads. The storage server
still reads its config from env vars literally named `ANON_KEY` and
`SERVICE_KEY`:
-
[`storage/src/config.ts#L614`](https://github.com/supabase/storage/blob/master/src/config.ts#L614)
— `getOptionalConfigFromEnv('SERVICE_KEY')`
-
[`storage/src/config.ts#L625`](https://github.com/supabase/storage/blob/master/src/config.ts#L625)
— `getOptionalConfigFromEnv('ANON_KEY')`
There is no `PUBLISHABLE_KEY` / `SECRET_KEY` reader on master. Renaming
the doc IDs would break self-hosted deployments — users following the
docs would set the wrong env var and the storage server would silently
fall back to generating its own JWT. Until the storage server itself
adds publishable/secret env support, only descriptions can be updated.
(Same reasoning for not bumping `storage_v0_config.yaml` →
`storage_v1_config.yaml`: the `_v0_` tracks the storage server's own API
version, paired with `storage_v0_openapi.json` downloaded from
`supabase.github.io/storage/api.json`. The server hasn't shipped a v1
API.)
## What we deliberately did NOT rename
Per the same rules established in supabase-js#2280:
- **JWT role claims** like `role: 'anon'` / `role: 'service_role'` —
these are functional Postgres role names in JWT payloads, not key
labels.
- **Real SDK identifiers** that haven't been renamed in the source (we
only rename in the doc when the underlying SDK rename has shipped). The
Dart `anonKey` rename was safe to apply because the Flutter SDK already
ships `publishableKey` as the preferred named parameter (with `anonKey`
`@Deprecated`).
## Out of scope
- **All `*_v1.yml` SDK spec files** (`supabase_js_v1`,
`supabase_dart_v1`, `supabase_kt_v1`, `supabase_swift_v1`). Older SDK
versions, not worth churning.
- **`cli_v1_commands.yaml`**. This file is auto-generated by the CLI
repo's release workflow
([`cli/tools/bumpdoc/main.go`](https://github.com/supabase/cli/blob/develop/tools/bumpdoc/main.go))
and the example outputs come from
[`cli/docs/templates/examples.yaml`](https://github.com/supabase/cli/blob/develop/docs/templates/examples.yaml)
— embedded in the CLI binary at build time. Any edits we make here would
be clobbered by the next CLI release. The fix needs to land upstream in
the CLI repo (note: the CLI itself already ships publishable/secret
naming in \`supabase status\` output — see
[`cli/internal/status/status.go#L40-L44`](https://github.com/supabase/cli/blob/develop/internal/status/status.go#L40-L44)
— but the doc-generation template is stale).
- **`supabase_csharp_v0.yml` / `supabase_csharp_v1.yml`** — checked,
already neutral. Both files use a generic `SUPABASE_KEY` env var with no
`anon` / `service_role` references.
- **Renaming the legacy Dart `anonKey` parameter itself** — that's an
SDK-side change. The Flutter SDK already exposes `publishableKey` as the
preferred parameter; full removal of `anonKey` will happen in a future
major version per the SDK's own deprecation comment.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Standardized API key naming across SDK docs: use publishable (client)
and secret (server/admin) key terminology
* Updated server-side admin examples and warnings to require secret keys
and emphasize never exposing them in client code
* Unified initialization examples across JavaScript, Dart, Kotlin,
Python, and Swift
* Corrected Storage spec metadata to point to the proper configuration
file
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Replaces "stored procedures" with "functions" for everything related to
the Data API.
## Additional context
It's not accurate to call database functions "stored procedures". It may
have been that way before Postgres 11, but now it causes confusion
because PostgREST allows functions and not stored procedures.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Standardized terminology across docs, SDK guides, CLI/config specs,
examples, UI, and config comments to use "database functions" instead of
"stored procedures".
* Updated API docs, CLI/config descriptions, Studio UI labels, help
text, empty-state and navigation copy, RPC documentation, and example
text for consistency.
* Adjusted explanatory text and error/help messages to reflect the
revised terminology.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
- Adds a warning note to `onAuthStateChange()` that an `onError` handler
is **required**
- Updates all three Dart code examples (spotlight, specific-event,
unsubscribe) to include `onError`
## Background
Network errors (e.g. a token refresh attempted while the device is
offline) are emitted as stream errors on `onAuthStateChange`. If no
`onError` handler is provided, Dart rethrows them as unhandled zone
exceptions, crashing the app.
This is tracked in supabase/supabase-flutter#1281. The SDK itself
already handles this internally (`supabase_auth.dart` has its own
`onError`), but user-facing code that calls `.listen()` without
`onError` is still vulnerable.
The companion SDK fix (example app + doc comment in
`gotrue_client.dart`) is in a separate PR in
`supabase/supabase-flutter`.
## Test plan
- [ ] Review the rendered diff in the Dart reference docs
(`/docs/reference/dart/auth-onauthstatechange`)
- [ ] Confirm all three code examples now show `onError`
- [ ] Confirm the new note is visible in the Notes section
🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Clarified auth-state change docs to require explicit error handling in
listeners and updated all examples to show an error callback to avoid
unhandled exceptions.
* Updated the documented list of auth event names to the new set
(including initialSession and mfaChallengeVerified) and adjusted
examples accordingly.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Docs - [CLI Config
Reference](https://supabase.com/docs/guides/local-development/cli/config#auth.mfa.totp.enroll_enabled)
## What is the current behavior?
Default values in the cli config reference for mfa totp are set as
`true` which is not correct.
## What is the new behavior?
Changed to use `false` and match the default `config.toml`.
<img width="868" height="723" alt="Screenshot 2026-04-01 at 15 53 54"
src="https://github.com/user-attachments/assets/5e3e33a0-5edb-44d6-a013-4327aef537b4"
/>
## Additional context
Fixes: https://github.com/supabase/cli/issues/3737
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated CLI configuration defaults for TOTP multi-factor
authentication. TOTP enrollment and verification are now disabled by
default. Users relying on these features may need to manually enable
them in their configuration if required.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Docs update
## What is the new behavior?
- Added docs for analytics and vector buckets
- Added missing docs for some storage bucket methods
- Improved OAuth / OTP guide
- Small fixes
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Documentation
- Updated Kotlin authentication guides with improved examples, API
naming consistency, and comprehensive Kotlin Multiplatform support
- Added documentation for identity linking with ID tokens
- Expanded Storage API documentation with new file operation methods
(`exists()` and `info()`)
- Added extensive vector storage bucket operations and management
documentation
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Chris Chinchilla <chris@chrischinchilla.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
## Summary
The CLI now collects usage telemetry (supabase/cli#5019) with opt-out
via `supabase telemetry disable` or `SUPABASE_TELEMETRY_DISABLED=1`. The
self-hosting docs previously stated "no telemetry" without
distinguishing Docker from the CLI. This PR discloses CLI telemetry
across docs and regenerates the CLI reference spec to include the new
telemetry commands.
## Changes
- Update self-hosting telemetry section: Docker has no telemetry, CLI is
separate with opt-out instructions and link to full telemetry docs
- Regenerate `cli_v1_commands.yaml` from CLI v2.88.0, adding
consolidated `supabase telemetry` reference page
- Add Telemetry category to `common-cli-sections.json` for CLI reference
nav
- Add telemetry section to CLI getting-started guide with opt-out
commands and env vars
## Testing
Tested on Vercel preview:
- [x] `/docs/guides/self-hosting#telemetry` renders with CLI telemetry
note and link to full docs
- [x] `/docs/reference/cli/supabase-telemetry` renders single
consolidated reference page
- [x] `/docs/guides/local-development/cli/getting-started#telemetry`
shows opt-out section
## Linear
- fixes GROWTH-754
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Bug fix.
## What is the current behavior?
Running `make` in `apps/docs/spec` (used by the `docs-js-libs-update`
workflow) fails with:
```
ERR_PNPM_RECURSIVE_EXEC_FIRST_FAIL Command "redocly" not found
make: *** [Makefile:56: dereference.api.v1] Error 254
```
This regression was introduced in #44428, which removed `@redocly/cli`
from `packages/generator/package.json` as an "unused" dependency. It was
previously placed there because the Makefile ran `cd packages/generator
&& pnpm exec redocly` — but that directory had no logical ownership of
the dependency.
## What is the new behavior?
- `@redocly/cli` is now a devDependency of `apps/docs`, which is the
package that owns the spec generation workflow.
- The Makefile no longer `cd`s into `packages/generator` for the redocly
calls. It runs `pnpm exec redocly` directly from `apps/docs/spec`, where
the binary is now available.
- The `tsdoc:dereference` targets are unchanged and still `cd` into
`packages/generator` to run scripts defined there.
## Additional context
The `cd packages/generator` pattern for redocly was introduced in #42987
to fix a peer dependency resolution issue with `npx @redocly/cli`. The
fix was correct but placed the dependency in the wrong package. This PR
moves it to its logical home.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Added documentation processing tool as a development dependency.
* Updated documentation generation configuration to optimize command
execution paths.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
The [spec generation Makefile started
failing](https://github.com/supabase/supabase/actions/runs/22142393017)
with:
```text
ReferenceError: React is not defined
at Object. (/Users/.../_npx/.../node_modules/styled-components/dist/styled-components.cjs.js:1:860)
```
This occurred when `@redocly/cli@2.18.2` was released on Feb 16, 2026.
The error happens because `npx @redocly/cli` installs the package in an
isolated temporary cache without properly resolving peer dependencies
(React is a peer dependency of styled-components).
## Solution
Replace `npx @redocly/cli` with `pnpm exec redocly` to use the installed
version from `packages/generator/package.json`.
This ensures:
1. **Proper dependency resolution** - pnpm installs the full dependency
tree including peer dependencies
2. **Version control** - locked to the version in package.json instead
of always fetching latest
3. **Reproducible builds** - won't break when new versions are released
## Changes
- Replace `npx @redocly/cli` → `cd $(GENERATOR_DIR) && pnpm exec
redocly` (5 places)
- Replace `npm run` → `pnpm run` for consistency with project's package
manager (6 places)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated build configuration to execute documentation generation tasks
from a centralized generator directory with unified package management,
ensuring consistent handling of OpenAPI bundling, TypeScript
documentation, and validation workflows.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
This PR updates documentation based on recent changes across multiple
SDK repositories since the last run on 2026-01-22.
## Changes Analyzed
| SDK | Repository | Commits | Latest Tag |
|-----|-----------|---------|------------|
| **js** | supabase/supabase-js | 40 | v2.95.4-canary.2 |
| **dart** | supabase/supabase-flutter | 4 | - |
| **py** | supabase/supabase-py | 12 | v2.28.0 |
| **swift** | supabase/supabase-swift | 14 | v2.41.1 |
| **kt** | supabase-community/supabase-kt | 36 | 3.3.0 |
| **csharp** | supabase-community/supabase-csharp | 1 | v1.1.2 |
## Documentation Updates
### JavaScript SDK (`supabase_js_v2.yml`)
- Added optional `jwt` parameter documentation to
`mfa.getAuthenticatorAssuranceLevel()`
- Added `timeout` and `urlLengthLimit` options to `PostgrestClient`
constructor with example
### Kotlin SDK (`supabase_kt_v3.yml`)
- Added new `getClaims()` API section with description, parameters, and
3 examples
- Added `channel` parameter to OTP `signInWith` config for WhatsApp
support
- Added WhatsApp OTP sign-in example
### Python SDK (`supabase_py_v2.yml`)
- Added `from_.list_v2()` method documentation with cursor-based
pagination support
- Includes `SearchV2Options` parameter documentation and pagination
example
- Added note about new User model fields (`is_sso_user`, `deleted_at`,
`banned_until`) on `get_user`
### Swift SDK (`supabase_swift_v2.yml`)
- Added breaking change note for `mfa.unenroll()`: response now uses
`id` instead of `factorId` (since v2.41.1)
### Phone Login Guide (`phone-login.mdx`)
- Added Kotlin WhatsApp OTP example to the sign-in section
### SDKs with no documentation updates needed
- **Dart**: Only CI and realtime type-cast fix (no user-facing API
changes)
- **C#**: Only README badge fix
## Test plan
- [ ] Verify YAML spec files parse correctly
- [ ] Review rendered documentation for new sections
- [ ] Confirm code examples match actual SDK APIs
---
Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Reverts supabase/supabase#42509
`esm.sh` does not work, so we will revert this version for now.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated documentation reference links to the latest source code
commit.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
docs update
## What is the current behavior?
Please link any relevant issues here.
- Minor grammar fixes
- Delete bulk: countries → characters table name
- Text search: Replaced "fat" with "the", added data sources and
responses for 3 examples
- Or filter: Fixed reponse typo, changed book_id → section_id
- Order modifier: Added missing .execute()
- Link identity: Fixed dict syntax {provider:} → {"provider":}
- Unlink identity: res → response
- List users: Removed trailing comma
- Reauthenticate: updateUser() → update_user()
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Enhanced grammar and terminology consistency throughout documentation.
* Improved code examples with standardized formatting, naming
conventions, and accurate references.
* Expanded documentation examples with additional data context and
sample outputs to clarify expected results.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Illia Basalaiev <illiab@IMB3.local>
supabase-cli-releaser[bot]