Commit Graph

234 Commits

Author SHA1 Message Date
Charis 1987f19d0a feat(sql-editor): add manual save feature preview (#47745)
## What

Adds an opt-in **SQL Editor manual save** feature preview that switches
the SQL Editor from autosaving every edit to saving only on demand, and
hardens the tab-close flow so unsaved edits are handled correctly.

## Changes

**Feature preview**
- New `sqlEditorManualSave` flag + `UI_PREVIEW_SQL_EDITOR_MANUAL_SAVE`
local-storage toggle, wired into the Feature Preview modal with an
explanatory panel.
- `useIsSqlEditorManualSaveEnabled` gates behavior on both the flag and
the user's preview opt-in.

**Editor toolbar**
- Save button (with `Cmd+S`) next to Run, plus an autosave status
indicator showing dirty/saving/saved state and a shortcut to disable
autosave (emits a `sql_editor_autosave_disable_clicked` telemetry
event).

**Discard on close**
- Closing a snippet tab with unsaved edits prompts for confirmation and,
on confirm, actually discards the local edits and evicts the cached
server copy so the snippet reopens clean.

**Decouple tab layout from SQL specifics**
- Tabs store gains a generic per-type close-handler registry
(`registerTabCloseHandler` / `getCloseConfirmation` / `closeTabs`). The
SQL editor registers its discard + confirmation behavior from the save
coordinator.
- Low-level `removeTab`/`removeTabs` (rename/move re-keying, stale
cleanup) intentionally do **not** trigger discard.
- Adds `statusOnDiscard` lifecycle transition and `clearSnippetContent`
store action.

## Testing
- `pnpm --filter=studio typecheck` — clean.
- Added unit tests for the close-handler registry (fires on single/multi
close, skips re-keying/cleanup removals, respects tab type, selects
confirmation copy, unregisters cleanly).

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added a SQL editor manual-save preview with a “Save” button and
`Cmd+S`, plus a modal option to disable manual-save/preview.
* Added “unsaved changes” tab status indication when manual-save is
enabled.
* Introduced tab-type-specific close confirmations (shown only when
needed).
* **Bug Fixes**
* In manual-save mode, closing a SQL tab with unsaved edits now clears
local snippet content and refreshes it on reopen.
* **Tests**
  * Added coverage for tab close handlers and confirmation behavior.
* **Chores**
* Added a persisted setting allowlist entry and tracked autosave-disable
clicks via telemetry.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-07-09 08:37:38 -04:00
Joshen Lim 3521ff06e1 Joshen/fe 3778 rls tester to support insert queries (#47554)
## Context

Back to working on the [RLS
Tester](https://github.com/orgs/supabase/discussions/45233), slowly
adding support for mutation queries. First part here will be to add
support for testing `INSERT` based queries (Note that there's no changes
to the sandbox stuff in this PR)

## Changes involved
- If testing an `INSERT` query, we show a big warning first that the
query will be ran on the actual DB
  - Note that we skip the warning if the sandbox is used
<img width="534" height="231" alt="image"
src="https://github.com/user-attachments/assets/ef75a0c9-61e4-49b0-9d78-458e8e5f7f4f"
/>
- If the testing as an anon user + RLS enabled
<img width="601" height="386" alt="image"
src="https://github.com/user-attachments/assets/b21f048d-bac1-4ddd-b84b-c231ae9f9e3e"
/>
- If testing as an auth-ed user + RLS enabled, but the INSERT violates
RLS (conditions don't meet)
<img width="604" height="489" alt="image"
src="https://github.com/user-attachments/assets/41c40486-48d5-4eee-b7cd-8f993edc47be"
/>
- Else if testing as an auth-ed user + RLS enabled and INSERT matches
RLS
<img width="612" height="402" alt="image"
src="https://github.com/user-attachments/assets/41854b40-b351-408b-8d23-cc5e0fa40813"
/>
- Minor cosmetic layout change here
  - Use layout horizontal
- Also added the user ID below the dropdown with click to copy action
for convenience
<img width="615" height="528" alt="image"
src="https://github.com/user-attachments/assets/b9c04395-5435-474a-b3c5-640143faa782"
/>
- Added inline guard againsts some conditions
  - Should not be able to run UPDATE or DELETE queries
<img width="622" height="319" alt="image"
src="https://github.com/user-attachments/assets/351af7c6-8f1e-47ae-8651-3b9b0b512490"
/>
  - Should not be able to run multiple queries
<img width="612" height="317" alt="image"
src="https://github.com/user-attachments/assets/603d9a1f-1d1f-40f2-806d-93aea6b6cf8e"
/>

## To test
- [ ] Verify that the RLS Tester works as expected for an insert query
  - Against actual DB
  - Against sandbox (only available on staging)
- [ ] Verify that inline guards are all working as expected
- Let me know if there's any edge cases I might have missed!





<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* RLS Tester results are now operation-aware (SELECT vs mutations), with
clearer “no rows/all rows” and policy evaluation explanations.
  * Added copy-to-clipboard for the impersonated user ID.
* Query parsing now surfaces richer context, including WHERE clause
details and statement count, and SELECT-only previews.

* **Bug Fixes**
* Improved handling of blocked mutation queries and RLS-related error
messaging.
  * Updated RLS Tester navigation to the correct policies page.
  * Refined sandbox-assisted execution flow and empty/error states.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-07-03 17:58:08 +08:00
Joshen Lim 7203a97a90 Chore/clean up feature flags 300626 (#47429)
## Context

Cleans up a number of stale feature flags that have been enabled for all
users for more than 3 months
- enableSmartRegion
- SentryLogDrain
- axiomLogDrain
- S3logdrain
- Last9LogDrain
- otlpLogDrain 
- ShowPrettyExplain
- pgdeltaDiff
- CustomOauthProviders
- timezonePicker

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
  * Timezone selector is now always available in the user menu.
  * Log drain “Type” options are expanded in the creation flow.
* Custom auth providers now appear when the custom providers setting is
enabled.
* **Bug Fixes**
* Smart region selection and related queries now follow the selected
cloud provider.
* PG Delta Diff preview availability and SQL editor “EXPLAIN” routing
now follow the latest enabled settings (including platform-only preview
behavior).
* **Changes**
* Removed the Storage List-V2 migration callout from the Storage
settings page.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-07-01 14:42:08 +08:00
Joshen Lim 1de298ff31 Reinstate https://github.com/supabase/supabase/pull/45143 into latest master (#47433)
## Context

Previous PR was [here](https://github.com/supabase/supabase/pull/45143)
but it got stale with lots of conflicts so figured it'll be easier redo
it off the latest master

Moves policies page from Auth to Database under an Access Control
section along with Roles. This moves all existing files, applies
redirects, and updates urls to point to the new route

<img width="274" height="412" alt="image"
src="https://github.com/user-attachments/assets/7952c185-64ae-4355-ba36-45397efe1787"
/>

<img width="453" height="471" alt="image"
src="https://github.com/user-attachments/assets/04b3dcb3-48a5-4049-9893-d01109fb46a9"
/>


## To test
- [ ] Verify that policies now live under Database correctly

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added a quick navigation shortcut to open **Database > Policies
(RLS)**.
* **Bug Fixes**
* Updated Policies and RLS-related links across the product to open the
**Database policies** area (menus, command palette, context actions,
alerts, and link-outs).
* Added a permanent redirect from the old **auth policies** URL to the
new **database policies** URL.
* **Documentation**
* Updated RLS Dashboard and security checklist instructions to reference
**Database > Policies**.
* **Tests**
  * Adjusted automated tests to validate the new Policies route.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-30 18:49:33 +08:00
Gildas Garcia b30db91d71 chore: cleanup UI patterns exports (#47406)
## Problem

We now export components under a subpath in ui-patterns to avoid barrel
files as they slow down every tools (from IDE to linters, etc.) and may
also affect bundles our users have to download.

## Solution

- Remove the UI patterns index file
- Fix invalid impors
2026-06-30 09:23:17 +02:00
Gildas Garcia c6fc456910 chore: cleanup duplicate exports studio (#47387)
## Problem

Knip reports many duplicate exports (both named and default). Besides,
we're moving away from default exports and even have an eslint rule to
enforce it on new code.

## Solution

- Cleanup those exports
- Update imports when necessary

No functional changes. If it builds, it's fine
2026-06-29 15:46:16 +02:00
hallidayo 7cbd540681 fix: self hosted cmdk organizations (#47308)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

Supabase Studio > CMD K

## What is the current behavior?

When on self hosted and using CMD K the organization options are
available.

## What is the new behavior?

Organization options now hidden on self hosted/local

## Additional context

Closes #40106 


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Updated the organization switcher and related command entry to appear
only when the platform-specific conditions are met, helping prevent it
from showing up in unsupported environments.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-26 07:13:22 -06:00
Joshen Lim 0038f303f2 Track is initialized in feature preview context (#47309)
## Context

Noticed that while default opted into unified logs, if you refresh while
on the page, you'll get redirected back to the old logs URL
(logs/explorer)

Happening due to a inconsistent tracking of loading states for feature
flags and feature previews. Just need to track whether the feature
previews have been initialized

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Improved the loading behavior for unified logs preview so it only
finishes loading after preview settings are fully initialized.
* Added a more reliable initialization state to better reflect when
feature-based defaults are ready.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-25 15:13:25 +00:00
Joshen Lim 2bac064adf Joshen/fe 3697 progressively default opt in to unified logs (#47296)
## Context

We're progressively opting in users to use the new Unified Logs UI 🙂🙏

## Changes involved

- [ ] Removed flag for controlling visibility of unified logs feature
preview
- [ ] Added flag for controlling default opt in behaviour of unified
logs
- [ ] Small tweak to Unified Logs banner is default opted in (Just show
"New" and more info CTA)
- Disabling, then enabling again will thereafter show the existing "Go
back to old logs CTA"
<img width="290" height="166" alt="image"
src="https://github.com/user-attachments/assets/a2c46ce1-63c3-490c-bc7d-fc1254982dbe"
/>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Unified Logs preview now derives default opt-in state from a new
default-opt-in flag and exposes `isDefaultOptIn`.

* **Bug Fixes**
* Removed eligibility-based gating so the “Beta” badge and Unified Logs
banner render consistently across logs screens.
* Unified Logs banner was refactored to handle enable/disable and
navigation internally, while remaining shown unconditionally.

* **Tests**
* Updated mocks and assertions to reflect the revised preview/banner
enablement and dismissal logic.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Alaister Young <10985857+alaister@users.noreply.github.com>
2026-06-25 21:45:40 +08:00
Ali Waseem 50989ac999 chore: update org not found message to not collide w/ auth.js (#47192)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

Error messages were failing due to a error code collision with Auth.js
in supabase + gotrue, fix that so the error is not suppressed

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

## Release Notes

* **Bug Fixes**
* Removed the "Organization not found" error message that appeared when
navigating to invalid organization slugs.
  * Streamlined redirect behavior for empty organization lists.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-24 09:10:19 -06:00
Joshen Lim acd9ddabc5 Fix feature preview URL for disable advisor rules (#47213)
## Context

Tiny one - just fixes the URL for the disable advisor rules feature
preview

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Improved navigation in the Advisor feature to direct users to the
security rules section more accurately.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-23 19:59:32 +08:00
Jordi Enric 59743caa7e fix(studio): remove Enterprise-only notice from unified logs preview (#47211)
## Problem

The unified logs feature preview displayed a message saying the
interface was only available for Enterprise plan organizations. The
feature is now available to all plans, making this notice inaccurate and
potentially confusing.

## Fix

Removed the paragraph containing the Enterprise-only restriction notice
from the unified logs preview component.

## How to test

1. Open Studio and navigate to any project
2. Open the Feature Previews panel
3. Find the "Unified Logs" preview entry
4. Confirm the Enterprise restriction notice is no longer shown
5. Expected result: only the description and screenshot are visible,
with no plan restriction text

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Documentation**
* Refreshed Unified Logs interface description to emphasize enhanced
capabilities including improved filtering, real-time updates, and a
unified view across services.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-23 08:10:39 +00:00
Gildas Garcia 7f1298e35e chore: dead code cleanup (#47129)
## Problem

We have many unused files, left overs from features refactoring

## Solution

- Remove unused files
- Move some files closer to their usage

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Refactor**
* Removed multiple legacy Studio UI components and placeholders to
streamline the interface (including onboarding panels, navigation
elements, docs layout helpers, and various UI building blocks).
* **UI Updates**
* Updated the layout’s API keys section to use the Project-specific
presentation.
* **Maintenance**
* Adjusted internal sourcing for documentation tab menu logic without
changing visible behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-22 10:36:21 +02:00
Joshen Lim fd0f2dd459 Scope last visited organization local storage to profile (#47071)
## Context

If a user switches account without an explicit log out via the
dashboard, landing back on `/org` will redirect users to the last
visited organization as stored in local storage, in which it can result
in the following state if the last visited organization does not exist
in the current account
<img width="2538" height="1060" alt="image"
src="https://github.com/user-attachments/assets/270e482a-3515-48ef-898b-87e76fce80d6"
/>

## Changes involved
Am opting to scope the last visited organization to the user profile
instead - this would be a bit more cleaner than trying to actively clear
the last visited org slug from local storage with implicit account
changes as there's no deterministic way to track that (afaik) from FE
side of things

## To test
Can reproduce the problem as such
- Ensure that you have 2 accounts to log in with, and one account has an
org that the other is not a part of
- For the organization that has the "extra" org, ensure that you click
into it so that the last visited org slug is saved in local storage
- Mimic changing accounts by visiting
`/auth/v1/authorize?provider=github` (using the domain for the env that
you're testing on - e.g localhost:8000 for local, or green for staging
preview)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Unified “last visited organization” handling across the Studio UI with
a shared hook, improving consistency for home/dashboard return,
cancel/back navigation, and account routing.

* **Bug Fixes**
* Updated redirects to only route to an organization when a valid
last-visited value is available; otherwise users go to the general
organizations page.
* Kept MFA enrollment and factor delete/leave flows aligned to the
unified last-visited organization value.

* **Tests**
* Updated onboarding and layout tests to match the new last-visited
organization storage key format and hook/query success behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-18 17:42:18 +08:00
Joshen Lim 4120ceb802 Chore/marketplace feature preview to show only if flag true (#47065)
## Context

Marketplace integrations feature preview is currently showing up in the
feature preview modal irregardless - it should be flagged against the
config cat flag

Also added the `getRoute` param for it, and also set `isPlatformOnly` to
true and `isDefaultOptIn` to false

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Added a new "Integrations layout" feature preview controlled by a
feature flag. Users can now access integrations functionality through
this dedicated preview item. The feature is marked as new,
platform-exclusive, and available for user opt-in, directing users to
their project's integrations page.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-18 12:43:54 +08:00
kemal.earth d702d145a1 feat(studio): add redirect and toasts to feature previews (#47030)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

Adds a redirect and/or toast depending if there is one for when a
feature is enabled via the Feature Preview dialog.


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Feature previews now support route-aware enabling: when a dedicated
configuration page exists, enabling a feature preview automatically
navigates there; otherwise it keeps the standard dashboard activation
flow.
* Feature preview controls now show contextual tooltips (including
guidance based on availability), making it clearer when and how a
preview can be enabled or disabled.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Gildas Garcia <1122076+djhi@users.noreply.github.com>
2026-06-17 15:04:57 +01:00
Gildas Garcia 96d43099bb chore: refactor Button API so that it can be used a standard button (#46880)
## Problem

Our `<Button>` component breaks the default `button` contract by
redefining the `type` prop to set its variant (`primary`, `default`,
etc) instead of the button type (`submit`, `button`, etc).
This is confusing and forces to write more code when using it with
shadcn components that expect/inject the standard button props.

## Solution

- rename the `type` prop to `variant`
- rename the `htmlType` prop to `type`
- propagate the changes where necessary
- format code

## How to test

As this is just prop renaming, if it builds it's ok

---------

Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
2026-06-16 23:59:58 +02:00
Joshen Lim aba4e147eb Joshen/fe 3613 database tables query should have schema filter wherever appropriate (#46935)
## Context

There's certain areas in the dashboard where we're calling
`useTablesQuery` without a schema filter, in which case the dashboard
then fires a query against the project's database to fetch _all_ tables
across _all_ schemas - this could easily be a heavy query if there's a
large number of relations in the project's database.

Am hence opting to either add a schema filter if appropriate, or
otherwise opt to use the infinite loading behaviour

## Changes involved
- Add schema filter to `useTablesQuery` in database triggers and
publications
- Use infinite loading for tables in Cmd K for "Run query on table" and
"Search database tables"

## To test
- [x] Verify that database triggers + publications still function as
expected
- [x] Verify that CMD K "Run query on table" and "Search database
tables" still function as expected (including search)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Implemented debounced infinite-scrolling table search in the command
menu and SQL editor command flow.
* Added a schema selector dropdown to publications management for easier
navigation.
* **Improvements**
  * Removed the “Schema” column from the publications tables UI.
* Updated search guidance and table-picker status (counts/loading)
during infinite browsing.
  * Trigger table listings now follow the selected schema context.
* Refined command menu list height and improved the database-tables
placeholder text.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-16 15:45:39 +08:00
Gildas Garcia 43300d43ce chore: consolidate useAPIKeysQuery + getKeys into a single useAPIKeys hook (#46761)
## Problem

- API may return a non-array shape that can crash `getKeys` because of
an hard coded cast
- getting API keys is cumbersome as consumers have to call two functions

## Solution

- consolidate `useAPIKeysQuery` + `getKeys` into a single `useAPIKeys`
hook
- guard `getKeys` so that it doesn't crash if passed a non array value
- update usages

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Refactor**
* Unified how project API keys are retrieved across the studio,
resulting in more consistent loading/error handling and slight
responsiveness improvements when showing keys and related command
snippets. UI and permissions behavior remain unchanged for end users.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-09 15:49:10 +02:00
Francesco Sansalvadore f622bc6ea0 feat(studio): dashboard integrations update (#46671)
- remove "Marketplace" branding and naming from integrations section
- remove "featured partners" hero with multiple partners
- keep only _one_ featured partner to start with (Grafana)
- gate each partner integration with separate flags to enable
testing/releasing them separately

## Before
<img width="1487" height="834" alt="Screenshot 2026-06-08 at 11 00 19"
src="https://github.com/user-attachments/assets/9359a98f-18f8-4b1e-be23-63646cf66106"
/>

## After
<img width="1494" height="849" alt="Screenshot 2026-06-08 at 11 03 57"
src="https://github.com/user-attachments/assets/2c28cf36-97f0-4bbd-8c97-7998768e6ce6"
/>
2026-06-09 15:30:42 +02:00
Ali Waseem 1c2d28d5b3 chore: wrap local storage into helper methods that are safer (#46628)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

- Noticing our code we have many patterns of calling localstorage and
handling those errors
- We should add those in a single well tested file
- Handle those errors in the singleton which makes it easier for us to
debug customer issues. Logger is outputing local storage warnings for
feature we expose
- Side effect of this is random crashes on studio when local storage
isn't available or handled correctly

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Refactor**
* Improved browser storage handling across the app for more reliable
persistence and graceful behavior in restricted or non-browser
environments (settings, previews, charts, tabs, sign-in/session flows,
integrations, and UI state).

* **New Features**
* Introduced a safe storage layer to standardize and harden
local/session persistence.

* **Tests**
  * Added comprehensive tests covering the new safe storage behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-04 07:41:28 -06:00
Pamela Chia 7f5e3cab93 chore(studio): remove expired Fly.io deprecation banner (#46535) 2026-06-01 19:35:14 +08:00
Alaister Young 7e9badc6b8 chore(studio): migrate useStaticEffectEvent to React 19 useEffectEvent (#46415)
Studio is on `react@^19.2.6`, and `useEffectEvent` shipped stable in
React 19.2 with the same signature as the userland polyfill. This drops
the local hook in `apps/studio` and `apps/www` in favor of the built-in.

**Removed:**
- `apps/studio/hooks/useStaticEffectEvent.ts`
- `apps/www/hooks/useStaticEffectEvent.ts`
- `.claude/skills/use-static-effect-event/` — skill is obsolete

**Changed:**
- 26 call sites: dropped the `useStaticEffectEvent` import, added
`useEffectEvent` to the existing `react` import, renamed call sites
- `.claude/CLAUDE.md`: `apps/studio` row updated React 18 → React 19
- `.claude/skills/vercel-composition-patterns/SKILL.md`: removed stale
"Studio uses React 18, skip these patterns" warning

## To test

- `pnpm typecheck --filter=studio` — passes locally
- `pnpm typecheck --filter=www` — passes locally
- `grep -rn "useStaticEffectEvent"` returns nothing outside
`node_modules`
- Smoke-test areas that use the hook: schema visualizer edges
(intersection check), spreadsheet import, sign-in/CLI login flows, side
panels with unsaved-changes prompts

**Out of scope:** pre-existing Tailwind lint warning on
`DefaultEdge.tsx:141` (`outline` + `outline-1` conflict) — unrelated to
this migration

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Refactor**
* Internal event handling migrated to React’s built-in event hooks
across the Studio app; no user-facing changes.

* **Documentation**
* Clarified React 19 compatibility and noted Studio now targets React
19.
  * Removed obsolete documentation for a deprecated internal hook.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46415?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Alaister Young <10985857+alaister@users.noreply.github.com>
2026-05-28 23:30:42 +08:00
Pamela Chia 47c084e51d refactor(studio): migrate telemetry to useTrack (#46140)
## Summary

I migrated every `useSendEventMutation` call site in `apps/studio` to
`useTrack`, deleted the legacy hook, and added a lint guardrail so it
can't return. `useTrack` is the type-safe replacement: it auto-injects
`groups: { project, organization }` from the selected project/org and
types `action` + `properties` against `TelemetryEvent`. Existing call
sites built groups manually and were not type-checked at the action
level. The migration covers 81 files (60 trivial swaps, 9 org-only, 3
pre-auth, 5 bespoke, 4 test mocks).

## Changes

- Migrated trivial call sites across `pages/project/[ref]`,
`components/interfaces/*` (Reports, Storage, Realtime/Inspector,
SQLEditor, Functions, EdgeFunctions, Integrations, ProjectAPIDocs,
Branching/BranchManagement, TableGridEditor, Connect, Docs, Auth,
Support, Home, ProjectHome, App), `components/layouts/*`, and
`components/ui/*`.
- Migrated org-only sites (`Organization/Documents/*`,
`Organization/BillingSettings/Subscription/*`,
`Organization/SecuritySettings.tsx`,
`Account/Preferences/DashboardSettingsToggles.tsx`) by dropping the
manual `groups: { organization: ... }` and letting `useTrack`
auto-inject. Verified `useSelectedProjectQuery` is disabled on org
routes (gates on URL `[ref]`).
- Migrated pre-auth sites (`SignInForm.tsx`, `sign-in-mfa.tsx`,
`profile.tsx`) where neither project nor org is resolved.
- Bespoke handling:
- `execute-sql-mutation.ts` and `table-row-create-mutation.ts`: pass `{
project: projectRef }` via `groupOverrides` since the mutation can
target a non-selected project ref.
- `useStudioCommandMenuTelemetry.ts`: kept a direct `sendTelemetryEvent`
call because studio groups must override pre-built event groups
(opposite of `useTrack`'s override direction).
- `AIAssistantOption.tsx`: passes sentinel-aware `groupOverrides` so
`NO_PROJECT_MARKER`/`NO_ORG_MARKER` continue to suppress group emission.
- `SidePanelEditor.utils.tsx`: utility functions `createTable` and
`updateTable` now take a `track: Track` parameter (threaded from
`SidePanelEditor.tsx`); dropped the `organizationSlug` arg since groups
are no longer assembled manually.
- Branch-event attribution: preserved `parentProjectRef` overrides on
`branch_updated`, `branch_merge_completed`, `branch_merge_failed`,
`branch_merge_submitted`, `branch_delete_button_clicked`,
`branch_review_with_assistant_clicked`, and
`branch_*_merge_request_button_clicked`. Original code grouped these
under the parent (production) project, not the branch ref;
auto-injection would have shifted them onto the branch.
- Switched 4 test mocks from `@/data/telemetry/send-event-mutation` to
`@/lib/telemetry/track`. Removed obsolete tests around manual groups and
`try/catch` on telemetry rejection.
- Deleted `apps/studio/data/telemetry/send-event-mutation.ts`. The
deleted module is its own guardrail: any reintroduction of the import
fails at TypeScript module resolution before lint runs.

## Testing

Tested on preview deploy:

- [x] SQL editor `CREATE TABLE` fires `table_created` with method
`sql_editor` and `groups.project` set to the mutation's `projectRef`.
- [x] Table editor creates a table from the side panel; `table_created`
fires from `SidePanelEditor.utils` via threaded `track`.
- [x] Help button (`/project/[ref]/...`) fires `help_button_clicked`
with auto-injected project + org groups.
- [x] Sign-in form fires `sign_in` with empty groups (pre-auth,
expected).
- [x] Org documents page (`/org/[slug]/documents`) fires
`document_view_button_clicked` with org group only, no stale project
ref.
- [x] Command menu (`Cmd+K`) inside a project still fires
`command_menu_opened` with studio's project/org overriding any
event-supplied groups.
- [x] Support form "Ask the Assistant" without selected org fires
`ai_assistant_in_support_form_clicked` with no project/org groups
(sentinels suppress).
- [x] On a branch, "Update branch" / "Merge branch" / "Close merge
request" events fire with `groups.project` set to the parent project
ref, not the branch ref.

Local checks:
- [x] 22/22 tests pass across the 4 updated test files
(`SidePanelEditor.utils.createTable`, `EdgeFunctionRenderer`,
`LayoutSidebar`, `PlanUpdateSidePanel`).
- [x] `rg useSendEventMutation apps/studio` returns 0 hits.

## Linear
- fixes GROWTH-860


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Chores**
* Standardized telemetry across the Studio to a unified tracking system;
events now send simplified payloads with less contextual/grouping data.
* No user-facing flows changed; UI behavior, permissions, and
interactions remain the same.
* **Tests**
* Updated telemetry mocks and tests to align with the new tracking
approach.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46140?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-27 15:19:54 +08:00
Joshen Lim 24f62c4402 Joshen/fe 3432 show maintenance banners only for affected project regions (#46191)
## Context

There'll be an upcoming shared pooler maintenance for specific regions -
so the PR here informs users about that via the following changes

- Shift Terms of Service update into a float banner
- Same local storage key is used for dismissal so users who already
dismissed it won't see this again
  - This is to prevent 2 notice banners scenario
<img width="342" height="235" alt="image"
src="https://github.com/user-attachments/assets/0a10fa53-46a0-4c71-beef-d66e006503fd"
/>

- Updated NoticeBanner to inform users of the upcoming maintenance
- Only projects in specific regions will be affected, so not all
projects will see this
<img width="658" height="75" alt="image"
src="https://github.com/user-attachments/assets/83aabda5-a774-4118-a945-08052b7c6b3e"
/>
<img width="496" height="152" alt="image"
src="https://github.com/user-attachments/assets/a1ccc440-5179-4a4b-919f-208844bb2227"
/>

- Cleaned up unused local storage keys

### To test

- Can be tested on preview as the notice applies for eu-central-1 and
us-east-1


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Dismissible Terms of Service update banner with “Learn more” dialog so
users can review and acknowledge changes.
* Enhanced maintenance notices showing region-specific maintenance
windows, a status link per region, and formatted UTC timestamps tied to
the selected project.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46191?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-22 17:40:12 +07:00
Kanishk Dudeja ba77d15d41 chore(billing): remove billing address modal and tax id banner (#46210)
This PR removes the billing address modal and tax id banner code
completely since we no longer need it.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Removed Features**
  * Billing address update modal is no longer accessible.
  * Tax ID banner has been removed from the app UI.
  * Placeholder banner block disabled.

* **Tests**
  * Automated tests for the billing address modal were removed.

* **Chores**
  * Associated local-storage key for the tax ID banner was removed.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46210?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-21 18:30:18 +05:30
Gildas Garcia 243e079a2c chore: remove _Shadcn_ suffix from Command components (#46153)
## Problem

The `_Shadcn_` suffix isn't needed anymore on `Command` components

## Solution

- Remove the `_Shadcn_` suffix
- Simplify UI package exports
- Apply prettier

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Refactor**
* Simplified command component imports and exports across the UI library
by removing internal naming aliases and adopting direct component
references. Updated the public UI package barrel export to use wildcard
re-exports for cleaner API surface.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46153?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-20 15:45:32 +02:00
Gildas Garcia 224dbb09bb chore: rename CommandMenu internal components to avoid conflicts with base shadcn ones (#45996)
## Problem

The `ui-patterns/CommandMenu` exposes internal components that have the
same names as the base shadcn components they wrap. This create
confusion about which one to use and forces us to expose the base ones
with the `_Shadcn_` suffix.

## Solution

Rename those internal components to have `CommandMenu` in their names to
make it clearer they are meant to be used with `CommandMenu`. We will
then rename the shadcn base ones to remove the suffix.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Refactor
* Standardized Command Menu component naming across the design system
for improved consistency and clarity. Updated component names:
`CommandInput` → `CommandMenuInput`, `CommandList` → `CommandMenuList`,
`CommandItem` → `CommandMenuItem`, `CommandEmpty` → `CommandMenuEmpty`,
and `CommandGroup` → `CommandMenuGroup`. Updated public API exports,
internal subpath references, all examples within the registry, and
implementations across documentation, studio, and application
interfaces.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/45996)

<!-- review_stack_entry_end -->

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-20 14:05:59 +02:00
Francesco Sansalvadore dc986674d9 chore(studio): integrations Marketplace layout (#45856)
Introducing a new Integrations Marketplace layout
- behind feature flag
- behind opt-out feature preview (default to true) to easily toggle
before and after

Doesn't introduce new functionality, only layout change behind ff.

## What changed

Nothing if `marketplaceIntegrations` flag is off.

### With flag

- New Marketplace index layout
  - filter via text or by `category`, `integration type` and `source`
- Featured Partners Integrations hero (hidden when any filter is active)
  - toggle between `grid` and `list` view
- new integration detail page layout
  - with top action bar
  - more consistent fullWidth or narrow content layouts
- can access Feature Preview toggle under Account Dropdown > Feature
Previews > Marketplace

## How to review and what to test

I recommend reviewing file changes from bottom to top in
https://github.com/supabase/supabase/pull/45856/changes because it makes
more sense from a pr-logic perspective.

- [ ] Visit
https://studio-staging-git-chore-integrations-ui-refine-fs-supabase.vercel.app/dashboard/project/_/integrations
- [ ] Check if new layout doesn't have big layout issues like weird
paddings or margins mostly. (We can iterate in upcoming PRs for
additional features/fixes)
- [ ] Toggle "Marketplace" feature preview to `FALSE` and check that the
Integrations layout looks like in prod
https://supabase.com/dashboard/project/_/integrations
- [ ] Also check individual integration pages and toggle the feature
preview on and off to see before and after and check if everything looks
good

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Full Marketplace experience: explorer with featured hero,
filters/search, list & grid views, cards, sidebar, detailed integration
pages, install flows, badges, and a preview toggle.

* **Bug Fixes**
  * Prevented stale markdown from showing when switching integrations.

* **Style**
* Improved responsive layouts, loading placeholders, and header/nav
full-width behavior.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/45856)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Saxon Fletcher <saxonafletcher@gmail.com>
Co-authored-by: Raminder Singh <romi_ssk@yahoo.co.in>
2026-05-20 11:01:32 +02:00
Jordi Enric df61856936 feat(feature-preview): remove hardcoded plan check for unified logs (#46114)
Removes `useIsEnterpriseOrSupabaseOrg` and replaces it with the
`unifiedLogs` ConfigCat flag. ConfigCat now handles tier targeting
directly, so the hardcoded enterprise/internal org check is redundant.

Also eliminates three queries (project detail, org, subscription) that
were firing on every page load just to gate the feature preview.

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-20 10:17:07 +02:00
Charis 47dc3d8478 chore: remove NoticeBanner2 (#46074)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

Chore / cleanup.

## What is the current behavior?

`NoticeBanner2` displayed a maintenance notice for `ap-southeast-1` and
`sa-east-1` on May 13-14. The window has passed and the banner is no
longer needed.

## What is the new behavior?

`NoticeBanner2`, its `showNoticeBanner2` flag wiring in
`AppBannerWrapper`, and its now-unused imports (`useQueries`,
`useOrganizationsQuery`, `projectKeys`, `getOrganizationProjects`,
`OrgProject`, `MAINTENANCE_REGIONS`) are removed. Shared utilities still
used elsewhere (`projectKeys.bannerProjectsByOrg`,
`getOrganizationProjects`/`OrgProject`,
`LOCAL_STORAGE_KEYS.MAINTENANCE_BANNER_DISMISSED`) are kept.

## Additional context

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Added Terms of Service update notification banner that expires on July
4, 2026, with options to view details or dismiss.

* **Chores**
  * Removed deprecated maintenance banner notification.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46074?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-18 15:46:02 -04:00
kemal.earth d051fa5188 feat(studio): add new badge to feature preview for logs (#45171)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

We were missing the "New" badge as pointed out by @peekknuf. Though we
already mention "New" in the feature name here. Thoughts
@supabase/dashboard ?

| Before | After |
|--------|--------|
| <img width="287" height="98" alt="Screenshot 2026-04-23 at 17 33 56"
src="https://github.com/user-attachments/assets/06e32cd6-55da-4bd1-a79b-9305ff1aa938"
/> | <img width="284" height="148" alt="Screenshot 2026-05-18 at 12 01
33"
src="https://github.com/user-attachments/assets/e7721e80-6aa9-4c58-ab64-fc13bc346bf8"
/> |
2026-05-18 12:27:04 +01:00
Etienne Stalmans 85743d7215 feat: branching support for temporary access (#45411)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

feature


## Additional context

Needs API deployment, adds a toggle to allow roles to only be available
on branch projects


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added a "Branches only" option for JIT database access grants;
included when grants are submitted.

* **UI**
* Configuration UI shows an informational notice and hides
temporary-access controls when preview branches are managed from the
main branch.
* Feature preview label changed to "Temporary access"; badge text now
reads "Preview".

* **Tests**
  * Unit test updated to cover branches-only serialization.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/45411?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Danny White <3104761+dnywh@users.noreply.github.com>
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
2026-05-18 09:47:59 +02:00
Gildas Garcia 0713a1efc1 chore: remove shadcn suffix for Input, Textarea, Alert and Collapsible (#45867)
## Problem

Now that we migrated old components to their new shadcn alternatives, we
don't need the `_Shadcn_` suffix anymore.

## Solution

Remove it

<img width="659" height="609" alt="image"
src="https://github.com/user-attachments/assets/2d7271a9-066a-4dcc-92fe-729b106d2c2f"
/>
2026-05-15 14:55:37 +02:00
Jordi Enric 5a067d0937 feat(unified-logs): show feature preview for flag or team/enterprise plan (#45937)
## Problem

The unified logs feature preview was only shown to users with the
\`unifiedLogs\` LaunchDarkly flag enabled AND who were either on an
enterprise plan or on staging/local. Team plan users were excluded, and
the staging escape hatch added noise.

## Fix

Updated the eligibility check to use an OR condition: show the feature
preview if the \`unifiedLogs\` flag is on OR the org is on a team or
enterprise plan. Also added \`team\` to the
\`useIsEnterpriseOrSupabaseOrg\` hook and removed the
\`IS_STAGING_OR_LOCAL\` bypass.

## How to test

- Log in as a user on a team plan and verify the "New Logs interface"
option appears in the Feature Previews modal
- Log in as a user on an enterprise plan and verify the same
- Log in as a user on a free or pro plan without the \`unifiedLogs\`
flag enabled and verify the option does not appear
- Enable the \`unifiedLogs\` LaunchDarkly flag for a free/pro user and
verify the option appears

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Unified logs preview is now more accessible for enterprise and
Supabase organizations without requiring additional staging conditions.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/45937)

<!-- review_stack_entry_end -->

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-14 18:01:59 +02:00
Jordi Enric 19e0b36650 feat(logs): migrate unified logs queries to OTEL endpoint DEBUG-71 (#45642) 2026-05-14 08:56:32 +02:00
Pamela Chia e55411da5e feat(studio): Fly.io deprecation banner (#45778)
## Summary

Adding an in-dashboard banner for the Fly.io May 31 suspension. Banner
targets users on a Fly project (or with a Fly project in their
currently-selected org) and surfaces a per-project breakdown of what's
affected in a dialog. Detection is self-correcting: as soon as the user
migrates off Fly, the banner disappears with no follow-up.

<img width="557" height="502" alt="Screenshot 2026-05-11 at 5 08 22 PM"
src="https://github.com/user-attachments/assets/7bafb712-3490-4555-9667-66e9909f1b1a"
/>
<img width="1675" height="536" alt="Screenshot 2026-05-11 at 3 55 06 PM"
src="https://github.com/user-attachments/assets/6c1bf9d1-4dcc-4aac-a679-2ed477d2ed1c"
/>


## Changes

- **Detection hook** (`useFlyDeprecationProjects`): reads only from
already-cached data — `useSelectedProjectQuery` for the current project,
plus `useOrgProjectsInfiniteQuery` scoped to the selected org. Zero
cross-org fan-out: worst case is one paginated query per session (the
same one the project list page already makes).
- **Banner component** (`FlyDeprecationBanner.tsx`): mounted in
`AppBannerWrapper`. Dynamic title (primaries / branches / both), dialog
lists affected projects with org name, numbered migration steps, links
to backup/restore CLI + Dashboard backup + branching docs. List
truncates to 5 entries with "…and N more." tail when more are affected.
- **Telemetry**: `fly_deprecation_banner_exposed` and
`fly_deprecation_banner_dismissed` events emitted via `useTrack`
(auto-injects project + org groups). Properties: `primaryCount`,
`branchCount`. CTA click tracking intentionally omitted — migration
outcome is measured via warehouse `cloud_provider = 'FLY'` decay.
- **LocalStorage**: dated dismissal key `FLY_DEPRECATION_2026_05_31`;
orphan `FLY_POSTGRES_DEPRECATION_WARNING` from PR #33510 removed in the
same change so users who dismissed the Feb 2025 banner still see this
one.
- **Support contact**: email `success@supabase.io` only (no support
ticket link), per Brian's outreach copy in the Linear issues.

## Coverage trade-off

Banner renders on project pages (selected-project check) and pages where
the selected org's projects list is cached (org overview, project list).
It does **not** render on `/dashboard` home or other pages without org
context. Email outreach from GROWTH-817 / GROWTH-819 handles those
users. This was a deliberate trade-off to avoid cross-org fan-out load.

## Lifecycle

Banner expires `2026-06-01T00:00:00Z` (right after the May 31 deadline).
Stale client bundles stop rendering it without a redeploy. Cleanup PR
planned post-deadline to remove the component, hook, localStorage key,
and telemetry events.

## Testing

Tested on the Vercel preview with React Query cache overrides to mock a
Fly project:

- [x] Banner renders for a user with at least one project where
`cloud_provider === 'FLY'`
- [x] Banner does **not** render for a user with no Fly projects
- [x] Banner does **not** render on `/sign-in`
- [x] Title varies by primaries-only / branches-only / both
- [x] Dialog lists affected projects with org name in parens
- [x] Dialog list truncates to 5 with "…and N more." for larger sets
- [x] Migration guide / Dashboard backup / branching links open in a new
tab
- [x] Dismiss (×) closes the banner and persists across hard reload
(localStorage `fly-deprecation-2026-05-31-dismissed`)
- [x] PostHog receives one `fly_deprecation_banner_exposed` per mount
with `primaryCount` + `branchCount` and `$groups.organization` populated
- [x] PostHog receives one `fly_deprecation_banner_dismissed` on close
with the same property shape

## Linear

- fixes GROWTH-817
- fixes GROWTH-819
2026-05-12 02:24:47 +08:00
Charis d3d6dd0eda Revert "studio: debug logging for notice banner 2" (#45727)
Reverts supabase/supabase#45724
2026-05-08 17:32:19 +00:00
Charis cce46e15ab studio: debug logging for notice banner 2 (#45724)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Added diagnostic logging to banner components for internal monitoring
purposes.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-08 12:45:47 -04:00
Charis cf1e95dcd7 studio: maintenance banner for shared pooler 2026-05-13 (#45695)
Add a second notice banner (because we need the first one to show the
current ToS update). Scoped to ap-southeast-1 and sa-east-1.

Haven't linked to the StatusPage maintenance entry yet as it's not up;
the placeholder link is just to the generic StatusPage.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added a second notice banner that alerts users to upcoming maintenance
for affected databases in specific regions; it appears conditionally
(based on affected projects) and can be dismissed—dismissal prevents it
from reappearing.
* The existing “Updated Terms of Service” notice remains unchanged and
continues to display on non–sign-in routes until acknowledged.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-08 15:35:32 +00:00
Alaister Young f8cc6c21bd [FE-2075] feat(studio): bump graphiql to v5 and use prebuilt component (#45404)
Adds `graphiql@5.2.2` and switches from our heavily-customised rebuild
(which used `@graphiql/react` + `@graphiql/toolkit` directly) to the
prebuilt component, restyled to match the dashboard. Role impersonation
re-added as a sidebar plugin.

This is a deliberately simpler setup than what we had – we lose some
layout customisation (sidebar is forced to the left, role impersonation
moves into the sidebar) but future upgrades become much easier since
we're no longer maintaining a fork-by-rewrite.

**Removed:**
- `apps/studio/components/interfaces/GraphQL/GraphiQL.tsx` – custom
rebuild
- `apps/studio/components/interfaces/GraphQL/graphiql.module.css` –
custom styles

**Changed:**
- Added `graphiql` ^5.2.2 (we previously didn't have the top-level
package, just the subpackages)
- `@graphiql/react` ^0.19.4 → ^0.37.3 (now Monaco-based; v0.19 was still
on CodeMirror 5)
- `@graphiql/toolkit` ^0.9.1 → ^0.11.3
- `GraphiQLTab.tsx` now wires up the prebuilt `<GraphiQL />` with worker
setup, theme bridge, and plugins
- New `graphiql.module.css` scopes restyling via `:global(...)` since we
can't add hashed classes to the library's DOM
- `RoleImpersonationSelector` gained an `orientation: 'horizontal' |
'vertical'` prop (default `horizontal`) so it fits in the sidebar pane –
all existing call sites unchanged
- `MonacoThemeProvider` exports `getTheme` so the GraphQL Monaco
instance can reuse Studio's theme

**Added:**
- Theme bridge: `supabase-graphql-dark` / `supabase-graphql-light`
Monaco themes synced with `next-themes` via `forcedTheme`
- Role impersonation sidebar plugin (gated on `field.jwt_secret` read
permission, same as before)

### Notes / tradeoffs

- We don't share Studio's monaco instance – Studio loads it via AMD/CDN,
GraphiQL bundles it as ESM. Both end up on `monaco-editor@0.52.2` but in
different module systems. Sharing would require ripping out Studio's CDN
loader (Studio-wide refactor, out of scope). GraphiQL's monaco is
dynamically imported and only loads when the GraphQL tab opens.
- The dark/light response panel uses different `--graphiql-response-bg`
tokens because the editor sits at very different baseline lightness in
each theme; a single token can't lift it meaningfully in both
directions.
- Session header (tabs row) is hidden – we don't expose multi-tab
workflows.

## To test

- Open `/project/<ref>/api/graphiql` in both light and dark themes –
editor + response panel backgrounds, sidebar borders, button radii
should all match the dashboard
- Run a query and confirm syntax highlighting works (GraphQL-specific
token `argument.identifier.gql` is purple)
- Open the doc explorer and history sidebar plugins
- As a user with `field.jwt_secret` read permission: open the Role
Impersonation sidebar plugin, pick a role, confirm subsequent queries
hit the API with the impersonated JWT
- As a user without that permission: confirm the Role Impersonation
plugin doesn't appear, history still does
- Toggle theme while GraphiQL is open – Monaco theme should swap without
a reload

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Vertical layout option for the role impersonation selector; radios can
expand to full width.

* **Improvements**
* Revamped GraphiQL integration with updated upstream package, plugins,
and editor theming for improved consistency and UX.
* New GraphiQL styling and layout for clearer pane separation and
polished controls.
* Role selector radios now support a full-width mode for improved
responsiveness.

* **Chores**
  * Updated GraphiQL-related dependencies.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Alaister Young <10985857+alaister@users.noreply.github.com>
2026-05-01 16:16:26 +08:00
Kanishk Dudeja e311b70387 chore(billing): disable tax ID banner (#45405)
This PR disables the tax ID banner. I haven't removed the code just in
case we need to reintroduce it later.

Will follow up with removing the code entirely or introducing a feature
flag if we decide to keep it.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Disabled the tax identification banner display in the application
interface.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-30 20:50:04 +05:30
Ivan Vasilov 56de26fe22 chore: Migrate the monorepo to use Tailwind v4 (#45318)
This PR migrates the whole monorepo to use Tailwind v4:
- Removed `@tailwindcss/container-queries` plugin since it's included by
default in v4,
- Bump all instances of Tailwind to v4. Made minimal changes to the
shared config to remove non-supported features (`alpha` mentions),
- Migrate all apps to be compatible with v4 configs,
- Fix the `typography.css` import in 3 apps,
- Add missing rules which were included by default in v3,
- Run `pnpm dlx @tailwindcss/upgrade` on all apps, which renames a lot
of classes
- Rename all misnamed classes according to
https://tailwindcss.com/docs/upgrade-guide#renamed-utilities in all
apps.

---------

Co-authored-by: Jordi Enric <jordi.err@gmail.com>
2026-04-30 10:53:24 +00:00
Joshen Lim 89d08a2505 Remove feature flag for RLS tester (#45332)
## Context

As per PR title - will make the RLS tester available for CLI / self-host
(still as a feature preview)

## To test

- [x] Verify briefly locally that the RLS tester is available for use,
and works as expected

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Improved user search error handling to display appropriate failure
messages when search encounters issues.

* **Refactor**
* Simplified RLS Tester feature availability logic by consolidating
enablement checks across components and removing redundant feature flag
dependencies.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-28 16:32:10 +00:00
Francesco Sansalvadore 072006ba0f chore(studio): remove mobile toolbar flag (#45317) 2026-04-28 13:45:00 +00:00
Ivan Vasilov 308cd791a2 chore: Prep work for migrating to Tailwind v4 (#45285)
This PR preps the monorepo for a migration to Tailwind v4:
- Bump all Tailwind dependencies and libraries to the latest possible
version, while still compatible with Tailwind 3.
- Cleans up obsolete Tailwind 3 specific options and configs.
- Cleans up unused CSS files and fixes the CSS imports.
- Migrates all `important` uses in `@apply` lines to using the `!`
prefix.
- Move `typography.css` to the `config` package and import it from the
apps.
- Migrated all occurrences of `flex-grow`, `flex-shrink`,
`overflow-clip` and `overflow-ellipsis` since they're deprecated and
will be removed in Tailwind 4.
- Make the default theme object typesafe in the `ui` package.
- Migrate all `bg-opacity`, `border-opacity`, `ring-opacity` and
`divider-opacity` to the new format where they're declared as part of
the property color.
- Bump and unify all imports of `postcss` dependency.
2026-04-28 11:33:53 +02:00
Joshen Lim dab1512fe9 Add callout for feature preview rls tester (#45307)
## Context

Adds a banner on the auth policies page for the new RLS tester feature
preview
<img width="307" height="310" alt="image"
src="https://github.com/user-attachments/assets/6864c2cb-c3b8-4c1f-8dce-57411425e17d"
/>

Also adds a Give feedback button in the RLS Tester sheet footer
<img width="616" height="73" alt="image"
src="https://github.com/user-attachments/assets/64755f56-4e27-4b54-92b2-a894badc0b88"
/>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* RLS Tester preview banner added to the policies page with animated
content and a locally persisted dismissed state.
* Enabling the RLS Tester via the preview also dismisses and records the
banner dismissal.
* New feedback link added to the RLS Tester UI that opens in a new tab.

* **Layout/Providers**
* Banner stack context moved so banner state is available more broadly
across the app.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-28 17:14:31 +08:00
Danny White bedb2efb87 chore(studio): JIT access UI improvements (#44161)
## What kind of change does this PR introduce?

UI and copywriting improvements for temporary access.

## What is the current behavior?

The temporary access UI still used older JIT/ephemeral naming in some
places, did not clearly explain the setup requirements, and had to infer
unavailable states from Platform error message text.

## What is the new behavior?

The settings UI now uses temporary access naming consistently, explains
that temporary access uses short-lived tokens for manual database
connections, and renders clearer unavailable states for projects that
require either a Postgres upgrade or a platform migration.

The Studio query now consumes Platform’s structured `unavailableReason`
contract instead of parsing human-readable error strings, so the UI owns
the copy while Platform owns the eligibility reason.

Validation:

- `pnpm eslint
components/interfaces/Settings/Database/JitDatabaseAccess/JitDbAccessConfiguration.tsx
data/jit-db-access/jit-db-access-query.ts`
- `pnpm tsc --noEmit --pretty false`

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* IP range input now supports one CIDR range per row with add/remove
rows and form integration.

* **Documentation**
* Replaced “JIT” wording with “Temporary” / “Ephemeral token-based”
access across UI, dialogs, toasts, and help links.
  * Added minimum PostgreSQL version requirement (17.6.1.081+).

* **Improvements**
  * Per-row CIDR validation with precise nested error messages.
* Refined layout spacing and moved the temporary-access configuration
earlier in Database settings.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Etienne Stalmans <etienne@supabase.io>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
2026-04-28 17:26:59 +10:00
Joshen Lim 5f867e5f6c Feature Preview: RLS Tester (#45121)
## Context

Resolves FE-3077
Related discussion: https://github.com/orgs/supabase/discussions/45233

Verifying the correctness of your RLS policies set up has always been a
gap, as highlighted by a number of GitHub discussions like
[here](https://github.com/orgs/supabase/discussions/12269) and
[here](https://github.com/orgs/supabase/discussions/14401). As such,
we're piloting a dedicated UI for RLS testing (using role impersonation
as the base), in which you'll be able to
- Run a SQL query as a user (not logged in / logged in - this is the
role impersonation part)
- See which RLS policies are being evaluated as part of the query
- And hopefully be able to debug which policies are not set up correctly

Changes are currently set as a feature preview - and we'll iterate as we
get feedback from everyone 🙂 🙏

<img width="613" height="957" alt="image"
src="https://github.com/user-attachments/assets/83c37f8a-28fc-43b3-b0ff-e28571d8710c"
/>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* RLS Tester: run queries as anon or authenticated users, view inferred
SQL, per-table policy summaries, and data previews of accessible rows.
* UI preview: new RLS Tester preview card and modal with opt-in toggle;
RLS Tester sheet with role/user selector and query editor.
  * SQLEditor: “Explain” tab is always visible.

* **Chores**
* Added supporting API endpoints, background checks for table RLS
status, and a local-storage flag to persist the preview opt-in.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-28 15:02:49 +08:00
Joshen Lim 7f5865872a Enforce noUnusedLocals and noUnusedParameters in tsconfig.json + fix all related issues (#45264)
## Context

Enforce `noUnusedLocals` and `noUnusedParameters` in tsconfig.json + fix
all related issues
2026-04-27 17:42:34 +08:00