## What kind of change does this PR introduce?
feature
## What is the new behavior?
Update dashboard templates to use new `@supbase/server` SDK
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Updates**
* Standardized edge function templates to use a unified request handler
with built-in Supabase context, improved secret-based flows, and
consistent handling of OPTIONS, streaming, binary, and websocket
responses.
* Unified error handling to return consistent JSON error and simplified
success/unauthorized payloads across AI, database, storage, webhook,
email, image, and websocket templates.
* **Documentation**
* Guide examples and text updated to use the revised auth mode naming
(ctx.authMode).
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What kind of change does this PR introduce?
UI styling consistency for table grid frozen-column borders
## What is the current behavior?
The custom style targeted a non-existent React Data Grid class
(`.rdg-cell-frozen-last`), so the frozen column divider was not visible.
## What is the new behavior?
- Frozen-column divider now targets the actual rendered structure:
- body: `.rdg-row .rdg-cell-frozen:nth-last-child(1 of
.rdg-cell-frozen)`
- header: `.rdg-header-row .rdg-cell-frozen:nth-last-child(1 of
.rdg-cell-frozen)`
- Header bottom border remains consistent on the last frozen column.
- Dark mode now applies a balanced divider contrast using
`border-r-strong` for the last frozen divider (header + body), avoiding
both faint and overly harsh appearance.
| Before | After |
| --- | --- |
| <img width="1167" height="690" alt="colors Table Editor Chisel
Toolshed Supabase-A1CB0078-936B-4213-B931-B2D23C5FCCA9"
src="https://github.com/user-attachments/assets/1f2c89c0-55d0-4fc9-9d9a-c66cda66ec4b"
/> | <img width="1167" height="690" alt="colors Table Editor Chisel
Toolshed Supabase-4E3F8C10-0E40-4035-8D5F-1BCDD0AF75D3"
src="https://github.com/user-attachments/assets/55a3053b-c30b-441b-a3f2-98bc403fdf27"
/> |
| <img width="1167" height="690" alt="colors Table Editor Chisel
Toolshed Supabase-7BFFFBC0-8F9A-4895-B141-275AFF206CAB"
src="https://github.com/user-attachments/assets/faa50426-7547-4986-bf25-5c1c39199b72"
/> | <img width="1167" height="690" alt="colors Table Editor Chisel
Toolshed Supabase-C179A558-89BA-4913-993B-1C7DFDBC5299"
src="https://github.com/user-attachments/assets/a6f8bf17-b061-4079-b471-ad26be277470"
/> |
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Enhanced the visual appearance of frozen grid columns with refined
border styling for the last frozen column, ensuring improved consistency
across both light and dark themes.
* Optimized frozen column header and cell styling for better visual
presentation across all color schemes, delivering a more polished and
cohesive user interface experience.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
- Converts ~27 `executeSql` call sites in `apps/studio/data/**` to build
SQL through `safeSql` / `ident` / `literal` / `keyword` /
`joinSqlFragments` instead of raw template-string interpolation.
- Tightens the `useDatabaseCronJobCreateMutation` and
`useDatabaseEventTriggerCreateMutation` `sql`/`query` parameter types
from `string` to `SafeSqlFragment` (callers already produce one).
- Updates `getDeleteEnumeratedTypeSQL` in `packages/pg-meta` to return
`SafeSqlFragment`.
- Fixes a bug noticed while testing where Queues integration does not
correctly handle queues with uppercase names.
## Pages to manually test
- Integrations > Cron Jobs
- Integrations > Queues
- Database > Triggers > Event Triggers
- Database > Indexes
- Reports > Query Performance
- Storage
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **Bug Fixes**
* Queue lookups now correctly handle case-insensitive queue names.
* Queue table references are now properly managed and consistently
applied throughout the queue management interface.
* Improved queue name display normalization in the user interface.
* **Chores**
* Enhanced SQL query safety across the database layer through
parameterized query construction and safer templating approaches.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
The connect button was missing its text
Before:
<img width="833" height="244" alt="Screenshot 2026-05-06 at 17 46 23"
src="https://github.com/user-attachments/assets/c03e972f-bef6-4bd7-8819-dd51509c58eb"
/>
After:
<img width="678" height="208" alt="Screenshot 2026-05-06 at 17 46 58"
src="https://github.com/user-attachments/assets/5b020017-133e-47c3-8138-925c27299665"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved screen reader accessibility in the Connect button by refining
how text visibility is handled based on button display mode.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
Clicking button does nothing. toggling back to enable shows error
related to pool size
## Solution
Fix the form validation schema
## How to test
- Go to Realtime Settings `/realtime/settings`
- Try disabling it
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Two-step save: clicking Save opens a confirmation before changes are
applied.
* Warning displayed when database pool size exceeds 50% of max
connections (max shown dynamically).
* **Improvements**
* Form adapts to suspended vs. active realtime states with fewer
required fields when suspended.
* Better field labeling and accessibility; form resets and consistent
feedback after successful updates.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
As per PR title - just updates the NoticeBanner component for TOS update
information
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a Terms of Service update notification banner to inform users
about recent policy changes.
* Notification includes a dialog/modal with full update details, links,
and effective date; it replaces the previous maintenance notification so
users receive clear, actionable information.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Tidying up the bottom panel in unified logs. Taking care of some visual
quirks etc. Also preparing this area to house some other future concepts
via tabs.
| Before | After |
|--------|--------|
| <img width="828" height="384" alt="Screenshot 2026-04-30 at 11 24 09"
src="https://github.com/user-attachments/assets/804bdf1c-7cdb-4dd8-bf1e-31c434ef1436"
/> | <img width="830" height="407" alt="Screenshot 2026-04-30 at 11 22
53"
src="https://github.com/user-attachments/assets/28555efe-f893-4bae-bcb0-284e6db733e6"
/> |
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Redesigned service flow panel with Overview and Raw JSON tabs
* Added Previous/Next navigation controls with Arrow Up/Down keyboard
support
* New detail components and section headers with icons for clearer
organization
* Improved Postgres detail view and message/session display
* **Bug Fixes / Changes**
* Removed legacy header UI and related controls
* **UI / Style**
* Enhanced copy-to-clipboard feedback animation
* Updated "Load more" button styling
* Adjusted panel sizing for improved resizing behavior
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Ali Waseem <waseema393@gmail.com>
Prevents the AI assistant from helping with local git/filesystem
operations, and adds explicit warnings before irreversible database
operations (DROP TABLE, DELETE without WHERE, etc.).
Adds a `safetyScorer` and eval cases to cover these behaviours.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a Safety metric to evaluations so assistant responses are scored
for safe handling of destructive or risky requests
* Assistant guidance updated to refuse destructive local VCS/filesystem
actions and require clear warnings for irreversible database operations
* **Tests**
* Added evaluation cases covering safe refusals, clear warnings, and
correct handling of destructive or risky prompts
* **Chores**
* Enabled Safety metric in online evaluation manifests/handlers
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Logo field now accepts/editable logo URL, plus a new storage-based
Logo Picker to select or remove images from project storage.
* Full storage picker: browse buckets, columns/list views, search,
drag‑and‑drop uploads, file previews (image/audio/video), and
single-file selection with responsive mobile/desktop layouts.
* **Refactor**
* Logo submission streamlined to send the provided URL directly (legacy
file-read/upload flow removed).
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## TL;DR
The edge function tester was sending service role tokens even when
anonymous was selected,
Fixed by moving the role context provider to wrap both the selector and
the submit handler
## sol:
| Before | After |
|--------|-------|
| <img width="589" alt="Service role JWT sent when Anonymous selected"
src="https://github.com/user-attachments/assets/f4072838-4031-4325-9fd6-7519e50bd080"
/> | <img width="471" alt="Anon JWT correctly sent when Anonymous
selected"
src="https://github.com/user-attachments/assets/86160946-398e-456e-9585-66e3e49f16ed"
/> |
| Selecting "Anonymous" had no effect, always sent `service_role` |
Selecting "Anonymous" correctly sends it now |
## ref:
- Closes https://github.com/supabase/supabase/issues/45619
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Internal code structure improvements to enhance maintainability and
component organization.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
The dashboard renders all timestamps in the browser's local timezone.
When debugging app issues, users often want to see logs and timestamps
in a different timezone (e.g. their app's deployment region) without
changing their OS clock.
## Fix
- New Timezone submenu in the user-avatar dropdown, sitting next to the
existing Theme picker. Search-as-you-type combobox over the full IANA
catalog plus an Auto detect option.
- Selection persists in localStorage (`supabase-ui-timezone`) and
survives `clearLocalStorage()`. No backend schema change.
- New `lib/datetime.tsx` exposes pure timezone-aware formatters
(`formatDateTime`, `formatDate`, `formatTime`, `formatFromNow`,
`toTimezone`) plus a `TimezoneProvider` and matching React hooks
(`useTimezone`, `useFormatDateTime`, ...). The pure functions take `tz`
explicitly so they're easy to unit test (17 vitest cases covering DST
transitions, multi-tz formatting, unix-micro/Date inputs, invalid-tz
fallback).
- The selected timezone propagates to every existing `<TimestampInfo>`
in Studio via a new `TimestampInfoProvider` context exported from
`ui-patterns`. No per-callsite changes needed for those ~20+ surfaces.
- The `UnifiedLogs` date column migrates off `date-fns` to the new
`useFormatDateTime` hook (the rest of the date-fns callers stay as-is,
since they're either internal range math or non-display).
- `ALL_TIMEZONES` (~600 entries) moves out of `PITR.constants.ts` into a
shared `lib/constants/timezones.ts`. PITR keeps a re-export shim so its
callers don't move. New `TIMEZONES_BY_IANA` dedupes the catalog by
primary IANA name (the original list contains both PDT and PST rows for
`America/Los_Angeles`, etc.) and `findTimezoneByIana` provides reverse
lookup.
- Telemetry: `timezone_picker_clicked` PostHog event with
`previousTimezone`, `nextTimezone`, `isAutoDetected` properties.
Notes for reviewers:
- Bare `dayjs(x).format(...)` calls (~157 files) intentionally still
render in browser-local time. Surfaces opt in by switching to the new
wrappers, so this PR is the abstraction plus logs adoption; broader
migration is a follow-up.
- Two `// prettier-ignore` lines (`apps/studio/pages/_app.tsx`,
`apps/studio/components/interfaces/UnifiedLogs/UnifiedLogs.fields.tsx`)
work around a pre-existing local-tooling issue where
`prettier-plugin-sql-cst` strips angle-bracket type arguments under
certain conditions. Project's pinned prettier (3.8.1) does not strip;
the issue surfaces with a globally-installed prettier. Worth tracking
separately.
- Hydration: `guessLocalTimezone()` and `useLocalStorageQuery` are
client-only. Studio is mostly CSR via the Pages Router, but any SSR'd
`<TimestampInfo>` may briefly render in the server's tz before client
hydration. Existing behavior already had this mismatch with `.local()`;
this PR does not regress it.
- Backend timestamps round-tripped through query params and mutations
stay UTC. The picker is display-only.
## How to test
- Run `pnpm dev:studio`, sign in.
- Open the user avatar dropdown (top right). Hover Timezone.
- Search for "tokyo", pick `(UTC+09:00) Osaka, Sapporo, Tokyo`.
- Open any project, navigate to Logs (e.g. `Project > Logs > Edge
Functions`). Hover a log row's timestamp; the popover should show UTC,
the chosen tz (`Asia/Tokyo`), and the relative time. Visible cell text
should be in JST.
- Visit any page that uses `<TimestampInfo>` (Database > Backups,
Project Pause state, Edge Function details). Same tooltip should reflect
Asia/Tokyo.
- Refresh the page; timezone is still Asia/Tokyo.
- Reopen the picker, choose Auto detect; timestamps revert to browser
local.
- Run `pnpm --filter studio test lib/datetime.test.ts`. 17 tests should
pass.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Timezone selector added to the user menu with auto-detect and manual
override
* App-wide timezone provider and hooks plus a shared timezone catalog
for consistent timezone-aware display
* Timestamp components accept an optional timezone prop and respect user
preference (persisted)
* **Bug Fixes / Improvements**
* Logs and timestamp displays now use the new timezone formatting hooks
* **Tests**
* Added comprehensive datetime and timezone catalog tests
* **Telemetry**
* Telemetry event added for timezone picker interactions
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
Two visual regressions surfaced after the Tailwind v4 migration
(#45318):
1. The Postgres upgrade-failed banner used the deprecated `Alert`
component, whose `warning` variant relies on custom `amber-1100` /
`amber-1200` color tokens that no longer resolve. The title rendered as
near-white on the yellow background.
2. The sonner toast close button forced `bg-transparent!
hover:bg-transparent!`, letting the library's default translucent circle
bleed through against the toast's overlay background on hover.
## Fix
- Migrate `ProjectUpgradeFailedBanner` to `Admonition` (the recommended
replacement per the deprecation note on `Alert`), which uses semantic
`warning-*` tokens defined in the theme.
- Drop the transparent-bg overrides on the sonner close button and give
it a proper `hover:bg-surface-200` with a fixed `size-6` hit area so the
X has a clean hover target.
## Before
<img width="2940" height="338" alt="image"
src="https://github.com/user-attachments/assets/2cf2cf52-cdf2-429d-b50c-5dc4e5b9c84b"
/>
## After
<img width="1642" height="506" alt="CleanShot 2026-05-06 at 11 14 03@2x"
src="https://github.com/user-attachments/assets/b6c9b3e2-9d3e-437d-92a6-95d12730e842"
/>
## Testing
- [ ] Trigger a failed Postgres upgrade state and confirm the banner
title/description/actions are all readable on the amber background.
- [ ] Fire a toast and hover the close button — the hover should show a
subtle square background, not a translucent circle.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fix**
* Project upgrade failure banner now only appears when an upgrade has
failed and no longer supports dismissing.
* **Style**
* Replaced the warning banner UI with a streamlined admonition that
shows only a “Contact support” action.
* Improved toast close-button styling for clearer sizing, color, and
interaction states.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated core SDK dependencies to latest compatible versions for
improved system stability and security.
* Enhanced workspace dependency configuration management by expanding
and reorganizing package constraints to optimize compatibility across
all modules and reduce potential build conflicts.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
The new-logs counter badge on the Logs refresh button became hard to
read. The number rendered as 0.6rem white text positioned absolutely
over two stacked semi-transparent green circles (`bg-green-800
opacity-60` ping plus `bg-green-900 opacity-80` solid). After the
Tailwind v4 upgrade shifted the default palette to OKLCH, the greens
rendered darker and the digit was nearly invisible.
## Fix
Replace the stacked opacity layers with a single solid `bg-brand-500`
pill, with a sized container (`h-4 min-w-4`), centered `text-[10px]
text-white`, and the ping animation rendered behind it instead of
layered on top. Same change applied to both `PreviewFilterPanel` and
`PreviewFilterPanelWithUniversal`.
## Before
<img width="274" height="194" alt="CleanShot 2026-05-05 at 13 55 53@2x"
src="https://github.com/user-attachments/assets/a5967091-b60f-42a9-9394-890c41df544c"
/>
## After
<img width="384" height="198" alt="CleanShot 2026-05-05 at 13 57 22@2x"
src="https://github.com/user-attachments/assets/30c440ce-f46f-4fda-8b96-08b068552da2"
/>
## How to test
- Open Studio and navigate to any Logs page (e.g. Logs > API Gateway).
- Wait for new log events to arrive, or trigger some traffic against the
project.
- Look at the refresh icon button in the filter bar.
- Expected result: the green badge in the top-right of the refresh icon
shows the new-event count clearly readable in white text, with a subtle
ping animation behind it.
- Verify counts in the 1, 10, 100, and 1000+ ranges (the 1000+ formats
as e.g. `1.2K`).
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Refined the "new logs" count badge: simplified markup, adjusted
positioning, color and opacity for a cleaner look.
* Updated refresh button badge to a brand-colored design with an
animated ping ring; count formatting and visibility rules (including
K-format for >1000) remain unchanged.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What kind of change does this PR introduce?
UI polish.
## What is the current behavior?
- A few product sidebar areas render menu rows outside the shared
ProductMenu/Menu.Item styling path, so their hover and selected states
differ from the rest of Studio.
- Database product menu shortcut tooltips are also scoped to the text
label instead of the full hoverable row.
## What is the new behavior?
- Integrations Explore/Installed, Observability, and Reports sidebar
rows now use the shared ProductMenu or Menu.Item pill styling.
- Observability spacing is tightened after the ProductMenu conversion.
- Product menu shortcut tooltips now wrap the full row trigger, so the
entire Database sidebar row opens the tooltip.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Enhanced navigation menu components with improved loading and error
state handling across the dashboard.
* Streamlined menu structure and styling consistency for integrations,
reports, and observability sections.
* Added enhanced tooltip support for navigation items.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Consolidate Table Editor grid header actions into a single row
https://github.com/user-attachments/assets/1020c385-8fa9-4ef1-b5e7-03983111508b
## Changes involved
- Index advisor, Realtime, and API docs are now behind a dropdown menu
button (Treated as secondary actions)
- Grid header actions shifted into the same row as filter bar (more
space for data grid)
- Header actions will hide while filter bar is in focus (remove
distractions, more space for filter bar)
## Changes to filter bar
- Filter bar will refocus when deleting a filter
- Clicking on the search icon will focus on the free form input of the
filter bar
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a “More” dropdown in grid actions to access Realtime, API docs,
and Index Advisor.
* New dialogs for enabling Index Advisor and toggling Realtime are now
consistently managed.
* **Improvements**
* Improved filter focus handling with auto-refocus when conditions
change and responsive header behavior.
* Adjusted popover alignment, separator visuals,
header/footer/pagination layout and sizing.
* Filter bar now supports programmatic focus; Connect button supports
icon-only mode.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Gildas Garcia <1122076+djhi@users.noreply.github.com>
## Summary
- Adds a hover-revealed expand button to SQL result cells whose value is
unlikely to fit on one line (objects, arrays, strings >60 chars, or
strings with newlines). Clicking opens the existing `CellDetailPanel`
for that cell.
- Switches the expand state from a boolean tied to the selected cell to
a direct `{ column, value }` reference, so the context menu and the new
button both target the right-clicked / clicked cell.
- Extracts the per-cell renderer into its own `ResultCell` component to
keep `Results.tsx` digestible and the new affordance isolated.
- Covers the new logic with exhaustive `isLargeValue` unit tests and a
`ResultCell` component test (visibility, click, right-click).
Linear: [FE-3130](https://linear.app/supabase/issue/FE-3130)
## Test plan
- [x] Run a SQL query that returns mixed cell types (short strings, long
strings, JSON objects, arrays, nulls) and confirm the expand button
appears only on cells where content is likely truncated.
- [x] Hover a large cell and click the expand button — `CellDetailPanel`
opens with the correct column + value.
- [x] Right-click a large cell and choose "View cell content" — same
panel opens with the right cell.
- [x] Right-click a small cell and "Copy cell content" — clipboard
contains the raw value.
- [x] Resize a column wider than its content and confirm the button
still positions correctly.
- [x] `pnpm vitest` for `Results.utils.test.ts`, `Results.test.tsx`,
`ResultCell.test.tsx` — all green.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Enhanced SQL result cells with automatic detection and expansion
functionality for large values (exceeding 60 characters or containing
line breaks)
* Added expand button to view full cell content directly in results
* Integrated right-click context menu for cell content options
* Improved display of null values in query results
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Refactor / security improvement
## What is the current behavior?
SQL fragments across Studio are built from plain `string` values with no
type-level distinction between developer-authored SQL, DB-sourced
identifiers, and user-typed or externally-influenced content.
## What is the new behavior?
Extends the safe SQL model to additional Studio interfaces, using
`SafeSqlFragment`, `safeSql`, `ident()`, `literal()`, `untrustedSql()`,
and `acceptUntrustedSql()` from `@supabase/pg-meta/src/pg-format`:
- **Policy editor**: template constants typed as `SafeSqlFragment` via
`safeSql` tagged literals; Monaco editor `onInputChange` emits
`untrustedSql()`; `acceptUntrustedSql()` called only at the Save
gesture; roles selector emits a composed `SafeSqlFragment` via `ident()`
+ `joinSqlFragments()`
- **Auth hooks**: grant/revoke SQL statements use `ident()` for schema
and function names
- **Docs description editor**: `COMMENT ON` queries use `ident()` and
`literal()` for table/column/function names and values
- **Cron jobs**: `cron.schedule()` call and HTTP request builder use
`literal()` for all user-provided values
- **GraphQL linter CTA**: `REVOKE` statement uses `ident()` for schema,
table, and role
- **Storage public bucket warning**: `DROP POLICY` uses `ident()` for
policy name
- **View security autofix modal**: `ALTER VIEW` uses `ident()` for
schema and view name
- **API settings**: `CREATE SCHEMA` mutation uses `safeSql` tagged
literal
- **Database event trigger delete**: `DROP EVENT TRIGGER` uses `ident()`
for trigger name
- **Database queues query**: queue list query uses `safeSql` tagged
literal
- **Role impersonation**: function invocation SQL uses `ident()` and
`literal()`
## Manual testing checklist
- Authentication > Policies
- Authentication > Hooks
- Integrations > Queues
- Database > Event Triggers
- Integrations > Cron Jobs
- Table Editor > View entity security autofix
- API Settings > expose schema
- Linter > GraphQL exposure CTA
- Docs > table/column description editor
- Role impersonation (user impersonation panel)
## Additional context
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Replaced ad-hoc SQL string building with a safer, fragment-based SQL
construction across auth, policies, integrations, storage, and DB
operations to improve SQL safety while preserving behavior.
* **Bug Fixes / UX**
* Policy editor and code editor now propagate role and input changes
more reliably, improving editor responsiveness and policy handling
without UI changes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
Adds a contextual `D + <letter>` chord pattern for jumping between
Database sub-pages, mounted only while `DatabaseLayout` is active.
Establishes the pattern we can repeat for other sections (Auth, Storage,
Functions, etc.).
Linear:
[FE-3140](https://linear.app/supabase/issue/FE-3140/define-subnavigation-pattern-for-database-management-page)
## Pattern
- Chords are 2-key sequences (`D`, `<letter>`) — no global leader, no
`G` prefix.
- Registration is contextual: `<DatabaseNavShortcuts />` lives inside
`DatabaseLayout`, so the leading `D` is only "owned" while the user is
under `/project/<ref>/database/*`. Doesn't burn a global key.
- Hover tooltips on each sub-menu item show the chord, anchored to the
label text (Linear-style). Powered by `<ShortcutTooltip>` already used
in the main nav.
- Items hidden by feature flags (Roles, Column Privileges, Replication)
auto-disable the chord — no muscle-memory navigating to a 404.
## Shortcuts added
| Sub-page | Chord | Notes |
|---|---|---|
| Tables | `D T` | |
| Functions | `D F` | |
| Triggers | `D R` | t**R**iggers — `T` taken by Tables |
| Indexes | `D I` | |
| Extensions | `D X` | e**X**tensions |
| Schema Visualizer | `D V` | |
| Enumerated Types | `D E` | |
| Publications | `D U` | p**U**blications — avoids collision with Schema
Visualizer's `D P` (Download as PNG) |
| Column Privileges | `D C` | flag-gated |
| Settings | `D ,` | mirrors global `G ,` for project settings — avoids
collision with Schema Visualizer's `D S` (Download as SVG) |
| Replication | `D L` | rep**L**ication — flag-gated |
| Roles | `D O` | r**O**les — flag-gated |
| Backups | `D B` | platform-only |
| Migrations | `D M` | |
External-link sub-menu items (Policies, Wrappers, Webhooks, Security
Advisor, Performance Advisor, Query Performance) are intentionally not
chorded — they route out of `/database/*` and don't belong to the
section's namespace.
## Collision audit
Other shortcuts active on database pages (table-list, schema-visualizer)
were checked against the new chords:
- **Schema Visualizer** (`/database/schemas`): `D P` (Download PNG), `D
S` (Download SVG), `O A`, `O S`. Publications and Settings were remapped
to `D U` and `D ,` to avoid the `D P` / `D S` clashes.
- **List pages** (`/database/tables`, etc.): `Shift+F`, `Shift+N`, `O
S`, `F C` — no overlap with `D + <letter>`.
## Files
- `state/shortcuts/registry/database-nav.ts` — new registry module with
the 14 chord definitions.
- `state/shortcuts/registry.ts` — spreads the new IDs/definitions into
the canonical registry.
- `components/interfaces/DatabaseNavShortcuts.tsx` — null-rendering hook
component that wires `useShortcut` for each chord, keyed off
`useGenerateDatabaseMenu` so URLs and feature gating stay in sync with
the sidebar.
- `components/layouts/DatabaseLayout/DatabaseLayout.tsx` — mounts the
component.
- `components/layouts/DatabaseLayout/DatabaseMenu.utils.tsx` — tags each
menu item with its `shortcutId`.
- `components/ui/ProductMenu/ProductMenu.types.ts` — adds optional
`shortcutId?: ShortcutId` field.
- `components/ui/ProductMenu/ProductMenuItem.tsx` — renders the hover
tooltip when an item has a `shortcutId`, anchored to the label span.
## Test plan
- [ ] On `/project/<ref>/database/tables`, press `D F` — navigates to
`/database/functions`.
- [ ] On `/project/<ref>/database/schemas`, press `D P` — downloads the
PNG (Schema Visualizer wins, no nav conflict).
- [ ] On `/project/<ref>/database/schemas`, press `D U` — navigates to
`/database/publications`.
- [ ] On `/project/<ref>/database/tables`, press `D ,` — navigates to
`/database/settings`.
- [ ] Hover any sub-menu item with a chord — pill appears next to the
label after ~1s.
- [ ] On a project with the Replication flag off — `D L` does nothing.
- [ ] Navigate to `/auth` — pressing `D F` does nothing (chord unmounts
with the layout).
- [ ] Type `D` then `F` slowly inside an input — does not navigate
(input-focus guard).
This PR fixes a bug where a user might choose `classic-dark` as a theme
in `studio` but then `docs` and `marketing` apps will look weird.
To test:
- Change the localStorage value of `theme` to `classic-dark`
- Open `www` and `docs` apps, they should look ok
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a new "classic-dark" theme option for enhanced visual
customization.
* **Improvements**
* Unified and simplified theme handling across apps for more consistent
behavior.
* Improved system-theme detection and smoother transitions when
switching themes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What kind of change does this PR introduce?
UI polish. Updates sidebar and submenu navigation hover and active
styling.
## What is the current behavior?
Product submenu navigation items either lack a hover fill or use a hover
fill that visually matches the active state. Adjacent hovered and
selected rows can appear to touch.
## What is the new behavior?
Primary sidebar buttons, sidebar sub-buttons, and product submenu pills
now share a muted hover fill while preserving the full accent fill for
active/selected states. Product submenu rows also get a small visual gap
with slightly reduced vertical padding to keep the overall spacing
compact.
| After |
| --- |
| <img width="988" height="408" alt="CleanShot 2026-05-05 at 11 53
05@2x"
src="https://github.com/user-attachments/assets/560ac8a5-1262-41af-a196-618c86580150"
/> |
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Refined sidebar hover/active states with subtle accent alpha colors
for a more polished visual experience.
* Updated sidebar menu spacing and rounded corners for improved touch
and visual clarity.
* **UI Improvements**
* Sidebar now only displays when sections exist and uses a streamlined
submenu flow for more consistent, predictable navigation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## Problem
After the Tailwind v4 upgrade, the 3xx/4xx HTTP status badge in the Logs
explorer rendered with a saturated yellow background and washed-out
text, because `bg-amber-300`/`text-amber-1100` no longer resolve as they
did under v3.
## Fix
Switch the 3xx/4xx case in `ResponseCodeFormatter` to the existing
`bg-warning/10 text-warning` semantic tokens, matching the pattern used
by the shared `Badge` warning variant.
## Before
<img width="798" height="722" alt="CleanShot 2026-05-05 at 12 13 23@2x"
src="https://github.com/user-attachments/assets/a2d37f37-4260-4ec6-bf1c-ff96b6f51be0"
/>
## After
<img width="642" height="530" alt="CleanShot 2026-05-05 at 12 12 55@2x"
src="https://github.com/user-attachments/assets/7c82aee2-0d40-4213-8533-14ffb04fb5de"
/>
## How to test
- Run `pnpm dev:studio`
- Open any project's Logs explorer (API, Edge Functions, Auth, etc.)
- Find a row with a 3xx or 4xx status code
- Expected: faint yellow background with a darker amber/yellow text,
consistent with other warning badges in the app
- Confirm 2xx (brand) and 5xx (red) badges still render as before
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Updated the visual styling of response codes in the logs display for
improved consistency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## Summary
- Added token_endpoint_auth_method field to the OAuth app create/update
sheet, visible only when client type is set to "Confidential"
- Supports client_secret_basic (HTTP Basic Auth header) and
client_secret_post (request body) options; public clients automatically
use none
- Wired the field into both create and update API payloads
## Test plan
- Create a confidential OAuth app -> Token Endpoint Auth Method selector
should appear and submit correctly for both options
- Create a public OAuth app -> selector should not appear; none is sent
in the payload
- Edit an existing confidential app -> selector should pre-populate from
the saved value
## What is the new behavior?
<img width="1244" height="1660" alt="image-KvVBmAG6@2x"
src="https://github.com/user-attachments/assets/76ab2687-6be4-4b74-a830-e670a2bb4be2"
/>
<img width="1264" height="1652" alt="image-gLARAPwt@2x"
src="https://github.com/user-attachments/assets/fd5770d5-acfd-4edb-bd5e-af582108f092"
/>
related: https://github.com/supabase/supabase/pull/43128
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added token endpoint authentication method configuration for OAuth app
creation and updates
* Authentication method automatically adjusts based on client type
(public clients use 'none')
* Token endpoint auth method field conditionally displayed for
confidential clients only
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
It isn't clear that the project status on the project home page is
clickable to show the status of each service of the project
<img width="283" height="454" alt="image"
src="https://github.com/user-attachments/assets/c91ade86-b16d-4ea5-9046-5e8f71e7dd6e"
/>
Which can cause confusion, especially when starting branches - that the
project status is just "Coming up" with no additional information.
Opting to use a hover card instead of a popover to hopefully mitigate
this gap
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **UI Improvements**
* Enhanced status tooltip interactions with improved hover behavior and
customizable delay controls for a better user experience.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
For a table that has RLS enabled, but a policy with just `true` for the
role `public`
The RLS tester was incorrectly reporting that `anon` doesn't have access
Was happening as we weren't considering policies that apply to the
`public` role (which applies to _all_ roles)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* RLS tester now treats explicitly-public policies as applicable
regardless of the impersonated role, improving policy coverage accuracy.
* **Refactor**
* Consolidated RLS test state computation to improve consistency of
access badges and policy messaging.
* **Tests**
* Added comprehensive tests validating RLS scenarios, badge states, and
policy/role messaging.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This change updates the handler for simple GET installations to
correctly appending the organization_slug and project_ref parameters as
documented in our Partner Integrations Guide.
Fixes INT-111
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Integration installs now open in a new browser tab instead of
replacing the current page.
* Organization and project context are appended to integration
installation links so setups receive correct context.
* Missing or invalid installation links now fall back to the home page
to avoid navigation errors.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## Context
Main fix is actually just the disabled check on the "Merge branch"
button
We're preventing merging of branches via the dashboard if the project
has GH integration + "Deploy to production" enabled (the latter we're
checking via if the `git_branch` property from the main branch exists,
from the GET branches API endpoint)
However, the `git_branch` property persists even after disabling the GH
integration (by design), and hence we were incorrectly disabling the
"Merge branch" button if the user removed the GH integration. Hence the
fix is to also check if the project has an active GH integration
## Other changes
- Refactored the merge page into smaller components
- Added an admonition to callout the "Deploy to production" + what steps
to take (otherwise it's not clear at all what to do in this scenario)
<img width="1451" height="524" alt="image"
src="https://github.com/user-attachments/assets/9df7d432-b220-4f71-b8f4-5ed0fd426afc"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Redesigned merge request page interface with dedicated components for
title, subtitle, and merge actions, improving user clarity and
experience.
* Added GitHub production deployment restriction messaging—users cannot
proceed with merge requests when this integration deployment method is
enabled.
* **Refactor**
* Enhanced GitHub integration connection query patterns and overall code
organization.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Realised that MultiSelector's content is not scrollable when rendered
within a sheet (e.g Auth policies, Database indexes)
### Explanation from Claude:
- The issue is that Radix Dialog (Sheet) adds
@radix-ui/react-remove-scroll which intercepts wheel events. The Popover
portal renders outside the Sheet's DOM tree, so the scroll lock blocks
wheel events on CommandList.
- The fix is to stop wheel event propagation on the CommandList so it
doesn't reach the RemoveScroll handler.
### To test
- [ ] Verify that MultiSelector can be scrollable within a sheet (e.g
Auth policies roles) and outside of a sheet (e.g Data API -> Exposed
schemas)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Fixed scroll wheel propagation in multi-select dropdown to prevent
unintended scrolling of parent elements.
* **Updates**
* Simplified filter component interface by removing an unused
configuration property.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Adds an admonition in the Connect sheet to inform users about the IPv4
addon if direct connection is selected and project doesn't have the IPv4
addon
Decided to place it below the copy prompt CTA since it's technically a
secondary action (users with IPv6 networks wouldn't need this)
<img width="755" height="707" alt="image"
src="https://github.com/user-attachments/assets/f1d29a56-db5f-4807-9545-a862434fea8f"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Displays contextual guidance in direct connection mode when the IPv4
add-on is not enabled, including quick-access links to configure IPv4
settings and to open IPv4 documentation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Alaister Young <10985857+alaister@users.noreply.github.com>
## Context
Just refactors Database publications pages to use the `PageLayout`
component, otherwise was missing a header currently
Also fix search results empty state for publications pages
### Before
<img width="1144" height="550" alt="image"
src="https://github.com/user-attachments/assets/e178d31a-313e-48f3-a87c-bf26b13fef9e"
/>
### After
<img width="1145" height="396" alt="image"
src="https://github.com/user-attachments/assets/82a29529-46d8-40eb-ad25-9b424995e89e"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a dedicated shimmering skeleton for publications table loading
states
* **Refactor**
* Restructured Publications interface for unified table rendering
* Unified loading, error, empty and "missing selection" states into the
table
* Moved empty-results to render inside the table
* Removed the back-navigation button
* Page layout and section structure refactored for clearer spacing and
navigation
* **Style**
* Improved loading visuals with skeleton rows
* Updated empty-results styling for a cleaner table appearance
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Main fix is to ensure that the tooltip here is scrollable - but also
adding some refactors
This is the org billing page when downgrading an org
### Before
<img width="400" alt="image"
src="https://github.com/user-attachments/assets/6094c2e6-c1bb-460f-a2d2-347c1d7d2e77"
/>
### After
<img width="400" alt="image"
src="https://github.com/user-attachments/assets/9d0ac9a6-6e89-4758-af14-8144a8a86469"
/>
## Changes involved
- Use HoverCard for invoice estimate in plan confirmation dialog
- Also nudge the UI a little, e.g use a separate column for the compute
prices + adjust text color to improve clarity
- Refactor usage of `any` for some of the TS declarations
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added an invoice estimate tooltip in subscription settings showing
monthly charges with plan fees, combined compute rows, per-project
compute costs, optional compute credits, and a total monthly estimate.
* **Refactor**
* Simplified the plan update flow by consolidating subscription preview
handling and extracting the invoice UI into the new tooltip component.
* **Chores**
* Improved internal type definitions for subscription preview data and
pricing tier identifiers.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Cleanup after shipping https://github.com/supabase/supabase/pull/45389,
the backend is now defaulting to the new v2 `format`, and made `format`
param optional.
So this:
- removes references to `v2` naming, as this is the only format
- removes the `format` query param from the audit logs API calls
## What is the current behavior?
Same audit log functionality shown in
https://github.com/supabase/supabase/pull/45389
## What is the new behavior?
Functionally the same behavior for audit logs.
- [x] Manual test in staging
## Additional context
⚠️ Will leave the `do-not-merge` tag on until:
- [ ] backend `format` optional PR lands in production.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Consolidated audit log type definitions and updated internal API
request formatting for audit endpoints across Account and Organization
audit log components. No changes to user-facing functionality or audit
log display.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Closes#45179.
## Summary
`generateCreatePolicyQuery` in `PolicyEditorPanel.utils.ts` builds a
`CREATE POLICY` statement with raw double-quote interpolation for
name/schema/table, then executes it via `useExecuteSqlMutation` from
`PolicyEditorPanel/index.tsx:192`. Any of those values containing a `\"`
character breaks out of the identifier quoting in the executed
statement.
Applies `ident()` to the three identifier interpolations. Same pattern
as #44555 (queue), #44589 (index), #44721 (view autofix), #44723 (auth
hooks). The helper is already used at `Policies.utils.ts:319`.
## Scope
The preview-only SQL in `Policies.utils.ts`
(`createSQLStatementForCreatePolicy` /
`createSQLStatementForUpdatePolicy`) has the same pattern but is not
executed. That string is only rendered in the review modal while the
mutation uses a structured payload. Tracking separately.
## Test plan
- [ ] Create a policy with a name containing a double quote. Verify it
applies correctly with the fix (and produces broken SQL without).
- [ ] Create a policy on a table/schema name containing a double quote.
Same check.
- [ ] Regression: create a plain-named policy. Works as before.
## Summary
Wires the existing `list-page.*` shortcuts up to the Database →
Replication and Database → Migrations pages, so they get the same hotkey
behavior as Roles, Tables, Publications, etc. No new shortcut IDs were
added.
**Migrations page**
- Shift+F → focus the migration search input (label: "Search
migrations")
- F C → clear the search filter
**Replication / Destinations page**
- Shift+F → focus the destinations filter input (label: "Search
destinations")
- F C → clear the filter
- Shift+N → open the Add Destination panel. Wrapped with `<Shortcut>` so
the keybind tooltip shows on hover, and gated on
`!!newDestinationDefaultType` so it stays disabled when no destination
type is available.
Closes
[FE-3141](https://linear.app/supabase/issue/FE-3141/add-shortcuts-for-database-replication-and-migration-page).
## Test plan
- [x] On the Migrations page, press Shift+F → search input focuses &
selects existing text.
- [x] On the Migrations page, type a query then press F C → search
clears.
- [x] On the Replication page, press Shift+F → filter input focuses &
selects.
- [x] On the Replication page, press Shift+N → Add Destination panel
opens (when a destination type is available).
- [x] Hover the "Add destination" button → keybind tooltip shows
Shift+N.
- [x] On the Replication page, type a filter then press F C → filter
clears.
- [x] All four shortcuts appear in Cmd+K under "Shortcuts" while on the
respective page.
- [ ] Disabling list-page shortcuts in Preferences disables them on
these pages too.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added keyboard shortcuts for search field focus and filter reset in
Database Migrations and Destinations pages
* Added keyboard shortcut for "Add destination" action in Destinations
page
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Mark provenance of SQL via the branded types SafeSqlFragment and
UntrustedSqlFragment. Only SafeSqlFragment should be executed;
UntrustedSqlFragments require some kind of implicit user approval (show
on screen + user has to click something) before they are promoted to
SafeSqlFragment.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Editor and RLS tester show loading states for inferred/generated SQL
and include a dedicated user SQL editor for safer edits.
* **Refactor**
* Platform-wide SQL handling tightened: snippets and AI-generated SQL
are treated as untrusted/display-only until promoted, improving safety
and consistency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
- The Tailwind v4 migration left `bg-_secondary` unresolved, so the WAL
segment of the disk size breakdown bar (and its legend dot) rendered
transparent — visible as the gap between Database and System in the
screenshot on FE-3138.
- Switch both usages to `bg-[hsl(var(--secondary-default))]` to bypass
the broken utility while still pulling from the existing per-theme CSS
variable, restoring the original purple.
Closes
[FE-3138](https://linear.app/supabase/issue/FE-3138/adjust-tiiiny-v4-disk-size-breakdown-ui).
## Test plan
- [x] On a project's Settings → Compute and Disk page, the WAL slice in
the disk size bar renders in purple
- [x] The "WAL" legend dot below the bar matches that purple
- [x] Verify in light, dark, and classic-dark themes
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Updated the visual styling of the WAL segment in the disk space
visualization to improve consistency with the design system's color
palette.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
The link builders in
`apps/studio/components/interfaces/Linter/Linter.utils.tsx` interpolate
`metadata.schema` and `metadata.name` directly into URL query strings. A
schema or table name with `&`, `=`, `+`, or `#` breaks the destination
filter on the linked page because `URLSearchParams` stops at the bare
`&` and decodes `+` to a space.
The `public_bucket_allows_listing` lint at line 338 already wraps
`bucket_id` in `encodeURIComponent`. The other 15 builders did not. This
wraps each `metadata?.schema` and `metadata?.name` interpolation with
`encodeURIComponent(value ?? '')` to match.
Added `Linter.utils.test.tsx` that constructs links with a schema
`a&b=c` and a name `d e+f` and asserts `URLSearchParams` round-trips
them. The bucket precedent is also covered.
Closes#45384
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved URL encoding for navigation links in the linter interface to
ensure proper handling of special characters in database, schema, and
table names.
* **Tests**
* Added test coverage for URL generation functionality in the linter
utility.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
pamelachia