## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Bug fix. Resolves DEPR-511.
## What is the current behavior?
Paused projects in `Project Settings > General > Project availability`
still present restart/pause maintenance controls, but no resume
affordance. That makes the resume path hard to discover from Settings
and pushes users back to the project dashboard to find the correct
action.
The paused state also keeps showing a redundant disabled `Pause project`
row, and the pause confirmation uses a more flexible modal than this
flow needs.
DEPR-519 already covered the unhealthy-project restart guard, but not
this paused-project discoverability path.
## What is the new behavior?
Project Settings is now paused-project aware. It shows a shared `Resume
project` action when the project can still be restored, falls back to
the project dashboard when the restore window has expired or pause
status cannot be confirmed, and reuses the same resume flow, permission
checks, and free-tier guardrails as the paused dashboard.
While a project is already paused, the redundant `Pause project` row is
hidden so the section stays focused on the real next action. For active
projects, the pause row remains in place, including the useful disabled
tooltip states for plans that cannot pause.
The pause confirmation now uses `AlertDialog` with shorter, more
accurate copy about the restore window, and the restart controls now
behave more consistently on smaller breakpoints. The Project Settings
command-menu entry is also searchable via `resume project`.
| Before | After |
| --- | --- |
| <img width="1602" height="566" alt="CleanShot 2026-04-24 at 18 05
25@2x"
src="https://github.com/user-attachments/assets/bd8f4095-0360-443c-a179-185da69eb9e8"
/> | <img width="1538" height="408" alt="CleanShot 2026-04-24 at 18 06
12@2x"
src="https://github.com/user-attachments/assets/7ac26529-4b54-460e-89c3-927891d873d8"
/> |
| <img width="1524" height="524" alt="CleanShot 2026-04-24 at 18 08
53@2x"
src="https://github.com/user-attachments/assets/f3c49c46-b389-4324-b982-f557b159623e"
/> | <img width="1528" height="550" alt="CleanShot 2026-04-24 at 18 08
30@2x"
src="https://github.com/user-attachments/assets/4021e2bb-f22f-40db-be43-de6d0fb571b3"
/> |
| <img width="896" height="558" alt="CleanShot 2026-04-24 at 17 41
40@2x"
src="https://github.com/user-attachments/assets/31569aec-89a6-4984-8011-39d8b102c90f"
/> | <img width="912" height="502" alt="CleanShot 2026-04-24 at 18 10
34@2x"
src="https://github.com/user-attachments/assets/f19dcd27-12e6-4a2f-8eed-ca709e77dfa1"
/> |
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a tooltip-enabled "Resume project" button that handles
permissions, free-plan member gating, optional Postgres version
selection, and navigates to the project after restore.
* **UX**
* Pause confirmation migrated to an alert-style dialog with updated copy
and disabled controls during pausing.
* Restart controls updated for improved responsive layout and refreshed
button visuals.
* Project settings now show appropriate resume/dashboard actions based
on pause/restore eligibility.
* **Tests**
* Added tests for active, resumable-paused, and non-resumable-paused
states.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## Summary by CodeRabbit
* **New Features**
* Added Passkeys configuration page to manage WebAuthn relying-party
settings and enable/disable passkey auth.
* Added a Beta "Passkeys" item to the Auth settings menu.
* Enabled saving passkey-related authentication parameters.
* **Tests**
* Added test coverage to ensure the Passkeys menu appears or is omitted
based on feature flags.
* **Chores**
* Removed an unused import to tidy the code.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: fadymak <dev@fadymak.com>
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
## What kind of change does this PR introduce?
Refactor, cleanup, and docs update.
## What is the current behavior?
After the page-title rollout, `ProjectLayout` is still in a transitional
state:
- it accepts a deprecated `title` prop
- it still supports a separate `browserTitle.surface`
- wrapper layouts are split between passing `title` directly and passing
`browserTitle.section`
That makes the API harder to reason about than it needs to be, even
though the rendered titles are already correct.
## What is the new behavior?
This cleanup finishes the API simplification that came out of the
stacked PR review:
- wrapper layouts stay `title`-first for DX
- `ProjectLayout` no longer accepts `title`
- `product` is now the single source of truth for the project-surface
title segment
- `browserTitle` is now only used for extra browser-title metadata
(`entity`, `section`, `override`)
- the remaining project-scoped callers now pass `browserTitle.section`
when they need a section label
- docs now reflect the final pattern instead of the transitional one
Rendered page titles stay the same.
## Additional context
Checks run:
- `pnpm --filter studio exec vitest --run lib/page-title.test.ts
components/layouts/ProjectLayout/index.test.tsx`
- `pnpm --filter studio typecheck`
- `pnpm exec prettier --check ...` on touched files
This is intended as the post-rollout cleanup PR based on Joshen's review
feedback across the stacked title changes.
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
Stacked PR 2/5 for page title improvements. Includes Auth, Database,
editors, and Edge Functions layout title adoption.
_Base:
[dnywh/feat/page-titles](https://github.com/supabase/supabase/pull/43538)_
---
## What kind of change does this PR introduce?
- Resolves FE-1960
- Resolves FE-1983
- Resolves DEPR-207
## What is the current behavior?
Page titles between surfaces are inconsistent and vague. Sometimes they
say the product name:
```
My Project | My Org | Supabase
```
...even when on a specific surface like Database > Tables.
Other times they show the entity name but skip over the project or org
name :
```
Edge Functions | Supabase
```
## What is the new behavior?
Auth, Database, editors, and Edge Functions adopt the layout title
format introduced in https://github.com/supabase/supabase/pull/43538:
```
users | Table Editor | My Project | My Org | Supabase
hello-world | Logs | Edge Functions | My Project | My Org | Supabase
Backups | Database | My Project | My Org | Supabase
Authentication | My Project | My Org | Supabase
```
That format is:
entity, section, surface, project, org, brand
## Additional context
Related stacked PRs also based on the the original
[dnywh/feat/page-titles](https://github.com/supabase/supabase/pull/43538)
branch:
- https://github.com/supabase/supabase/pull/43535
- https://github.com/supabase/supabase/pull/43536
- https://github.com/supabase/supabase/pull/43537
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## Context
Just cleaning up feature flags that have been toggled on for all users
and unchanged for the past 2 months
- advisorRules
- newJwtSecrets
- isWorkOSTPAEnabled
- EnableOAuth21
- gitlessBranching
- showRefreshToast
- awsPrivateLinkIntegration
- useBedrockAssistant (Already not used)
- enableStripeSyncEngineIntegration
- ShowExplainWithAiInQueryPerformance
Doing it in 2 parts so its easier for review
* feat: auth advanced page renamed to performance, support for percent db connections
* rename page and form
* make it compile
* fix types?
* one more update
* use master types
* restore from source
* fix prettier
* fix compilation
* minor adjustments
* wording
* change pro plan check
* fix prettier
* nit fixes
* Update next config
* update copy + align upgrade to pro language
* Update
* Clean up
* Nit improve loading time
* Update docs
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* oAuth clients index layout
* oAuth apps crud
* is public
* add user count and client secret generation and management
* scaffold oauth server settings
* improve oauth server enablement / disablement
* show cover when oAuth server is disabled
* fix update panel update button
* add site url and authorization path settings values
* move oauth server to it's own nav item
* remove unneeded oauth server settings
* let the user disactivate oauth server even after creating oauth apps
* better delete button
* cleanup
* fix typecheck
* test endpoints
* add EnableOAuth21 feature flag
* update OAUTH_SERVER_ auth config api
* load OAUTH_SERVER_ENABLED in oauth list
* Update the api.d.ts. Remove the custom versions of supa libs.
* Add query for getTemporaryAPIKey.
* Add a hook for initializing a supabase client.
* Add hooks for oAuth Server apps.
* Regenerate pnpm-lock.yaml.
* Revert updates to the platform.d.ts. Not needed for this PR.
* Migrate all code to use the new hooks.
* Try to integrate the mutations and fix some of the sheet and dialogs.
* improve default and saving states
* fix oauth app form validation
* unify components into CreateOrUpdateOAuthAppModal
* create or update oauth app
* Update the OAuth Server page.
* Remove extra files.
* Minor various fixes.
* More fixes to the creation of oauth apps.
* Bump the libs to fix a DELETE oauth app error.
* Clean up the scope feature.
* Move the feature flag in the auth layout.
* Bunch of smaller fixes.
* Regenerate pnpm-lock.
* Revert SidePanel and CardDescription changes.
* Add confirm dialog for regenerating secret.
---------
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
* feat(preferences): allow disable hotkeys
Add a section in /account/me for disabling hotkeys. Only added one
hotkey for now (Cmd + E for toggling editor side panel) but we can add
more with the same pattern.
* refactor: remove default export on ProjectLayout
* feat(hotkeys): allow toggling of command menu and ai assistant hotkeys
* Nit
* PRettier lint
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* feat: basic auth overview page setup
Adds the route and layout for the Authentication Overview page.
* feat: add feature flag for auth overview
* chore: small clean up
* feat: add overview page header
* feat: create sections for auth overview page
Adds three high level components for the sections of the Auth overview page. Can break down further later
* feat: add conditional redirect for top level sidebar item
This adds a redirect based on whether overview page is enabled or not. For users who dont have it enabled they go to users as default when tapping authentication.
* feat: add redirect if overview is set to false
* fix: add loaded context for feature flag
* chore: clean up scaffolding mark up
* chore: remove unused important
* chore: placeholders for sections
* Add flags for policies, third party auth, and manual linking + providers in sign in page
* Add flag for rate limitm page
* Add UnknownInterface components
* Update comment
* Flip flags to true
* Add flags for realtime policies and reports page
* Temp
* Add flag for sign in providers page
* Add flag for stripe wrapper
* Add flag for custom domains
* Add flag for dedicated ipv4 address addon
* Add empty state for realtime policies
* Add empty state for reports page
* Add flag for disable legacy JWT keys section
* Add flag for legacy jwt keys
* nit
* Remove ConnectionStringMoved call out
* Add flag for project settings log drains
* Add flag for subscription link in project settings
* Deprecate settings/auth page and redirect directly to auth page
* Flip back flags
* Add flags for account preferences analytics marketing and account deleetion
* Remove 'table_editor:enable_rls_toggle' flag and revert UI changes
* Remove 'authentication:policies' flag and revert UI changes
* Add flags for cmd K routes
* Add flags for instance size in infra settings
* Small refactor to DisplayApiSettings, decouple ToggleLegacyApiKeysPanel from it
* Have project_connection:javascript_example toggle code example title to TS
* add flag for templates dropdown in logs explorer
* UsesOverview only show link to providers page if providers is enabled
* API Docs UserManagement to only include docs on third party auth if providers is enabled
* Hide instance size on project card if flag is off
* Fix cmd k for roles, update redirect link from settings/auth to auth/providers
* Add flags for policies, third party auth, and manual linking + providers in sign in page
* Add flag for rate limitm page
* Add UnknownInterface components
* Update comment
* Flip flags to true
* Add flags for realtime policies and reports page
* Temp
* Add flag for sign in providers page
* Add flag for stripe wrapper
* Add flag for custom domains
* Add flag for dedicated ipv4 address addon
* Add empty state for realtime policies
* Add empty state for reports page
* Add flag for disable legacy JWT keys section
* Add flag for legacy jwt keys
* nit
* Remove ConnectionStringMoved call out
* Add flag for project settings log drains
* Add flag for subscription link in project settings
* Deprecate settings/auth page and redirect directly to auth page
* Flip back flags
* Add flags for account preferences analytics marketing and account deleetion
* Remove 'table_editor:enable_rls_toggle' flag and revert UI changes
* Remove 'authentication:policies' flag and revert UI changes
* Update flags
---------
Co-authored-by: Terry Sutton <saltcod@gmail.com>
* Add flags for policies, third party auth, and manual linking + providers in sign in page
* Add flag for rate limitm page
* Add UnknownInterface components
* Update comment
* Flip flags to true
* Add flag for sign in providers page
* page components
* page component changes
* settings but broken saving
* rvert
* use sheet for provider
* styling
* remove things
* Some refactoring and fixing, added JSDocs to layouts
* Smol refactor
* Fix
* Update JSDocs
* updated scaffolding
* update edge functions layout
* remove params
* single function layout
* invocation cleanup
* remove vars
* Clean up
* Spelling
* Clean up FormFieldWrappers
* One last clean up
* fix merge errors
* fix merge errors
* rmeove import
* Address comments
* Remove unnecessary prop
* Remove settings/functions and add redirects in next config
* fix empty
* Fix key prop issue and fix selected state in layout for single edge function
* Clean up edge function details
* Use zodResolver
* Refactor file name
* Remove unnecessary fragment
* Small refactors
* Refactor deleting edge function to use ConfirmationModal
* edge details fixes
* Small adjustment to paddings
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* all settings moved into the right places
* clean a few things up
* update ui for auth settings
* more updating
* rearrange settings
* Update SmtpForm.tsx
* updated styling
* add old auth page to show links
* add copy
* udpate copy
* smtp links
* auth fixes
* Smol fix
* Another smol fix
* Fix tab page menu selection
* Add missing border
* Gah one last one
* Smol improvement for redirects from settings/auth to use id
* Update apps/studio/components/layouts/AuthLayout/AuthLayout.utils.ts
Co-authored-by: Kang Ming <kang.ming1996@gmail.com>
* Update apps/studio/pages/project/[ref]/auth/mfa.tsx
Co-authored-by: Kang Ming <kang.ming1996@gmail.com>
* Update apps/studio/pages/project/[ref]/auth/mfa.tsx
Co-authored-by: Kang Ming <kang.ming1996@gmail.com>
* remove recommendation
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
Co-authored-by: Kang Ming <kang.ming1996@gmail.com>
* Make the resource banner sticky.
* Remove main from all layouts that are using it.
* Update apps/studio/components/ui/ResourceExhaustionWarningBanner/ResourceExhaustionWarningBanner.tsx
Co-authored-by: Jonathan Summers-Muir <MildTomato@users.noreply.github.com>
* Fix the whitespace.
* Fix some of the pages with broken layouts.
* Fix a merge error.
* Fix the layout of the SQL editor.
---------
Co-authored-by: Jonathan Summers-Muir <MildTomato@users.noreply.github.com>
* chore: move column priv
* update docs
* Minor fixes for column privileges. Add an explanation alert.
* Add a right icon to productMenuItem component.
* Rename the database replication into publications.
* Change the order for the database menu.
* Fix various links to db publications.
* Remove duplicate entry.
---------
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
* add privileges page
* fix
* fix: could have both global and column-specific privileges + is global per privilege
* Trigger Build
* load permissions data for current table only
* fix style for light theme
* add a guide to Privileges
* Update apps/docs/pages/guides/auth/column-level-security.mdx
Co-authored-by: Greg Richardson <greg.nmr@gmail.com>
* Update apps/docs/pages/guides/auth/column-level-security.mdx
Co-authored-by: Greg Richardson <greg.nmr@gmail.com>
* Update doc
* Update docs
* progress moving privileges to pg-meta
* split up column privileges and table privileges
* adds loading state to toggles
* Add feature flag, move from auth section to database section
* Cleanup
* Update meta store table lists, add header warnings, update docs
* Add alert if any columns have privilages
* Spelling
* fix api.d.ts
* fix link
* move to auth pages
* only show editable schemas
* limit roles
* auto select first table
* remove roles meta store
* inline toggling
* apply privileges all at once
* add preview and use new switch component
* fix spelling
* handle long column names
* warn users about losing changes when changing schemas/tables
* remove strange docs link
* fix feature preview after reload
* use shadcn select
* Update select.tsx
* Minor UX fixes
* Update toast
* Update feature preview image for cls
* update cls warnings
* update warnings
* fix toast message
* Add migration alert to preview page
* Add link to CLS from feature preview, and add empty state on CLS page if feature preview is not enabled
* Shift local storage keys hard code to lib/constants
---------
Co-authored-by: Copple <10214025+kiwicopple@users.noreply.github.com>
Co-authored-by: Greg Richardson <greg.nmr@gmail.com>
Co-authored-by: Terry Sutton <saltcod@gmail.com>
Co-authored-by: Alaister Young <a@alaisteryoung.com>
Co-authored-by: Jonathan Summers-Muir <MildTomato@users.noreply.github.com>
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* chore: improve auth screens loading
* Update apps/studio/components/interfaces/Auth/Users/UsersList.tsx
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* handle error
* better pagination for users list
* disgusting boolean logic
* return user to previous page after deleting last user
* only show reloading indicator when it's refetching
* fix date formatting
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* Init RQ for database roles
* Shift all use of roles from pg meta mobx store to RQ
* Deprecate and remove roles pg meta mobx store
* Fix import
* Fix
* Address comments
* remove function child
---------
Co-authored-by: Alaister Young <a@alaisteryoung.com>
* Add database policies RQ and shift all usage of policies from pg meta mobx to RQ
* Deprecate and remove policies store from pg meta mobx store
* Fix policies not showing by table and schema
* Update create policy mutation body
* Move all studio files from /studio to /apps/studio.
* Move studio specific prettier ignores.
* Fix the ui references from studio.
* Fix the css imports.
* Fix all package.json issues.
* Fix the prettier setup for the studio app.
* Add .turbo folder to prettierignore.
* Fix the github workflows.
Ali Waseem