This PR migrates the whole monorepo to use Tailwind v4:
- Removed `@tailwindcss/container-queries` plugin since it's included by
default in v4,
- Bump all instances of Tailwind to v4. Made minimal changes to the
shared config to remove non-supported features (`alpha` mentions),
- Migrate all apps to be compatible with v4 configs,
- Fix the `typography.css` import in 3 apps,
- Add missing rules which were included by default in v3,
- Run `pnpm dlx @tailwindcss/upgrade` on all apps, which renames a lot
of classes
- Rename all misnamed classes according to
https://tailwindcss.com/docs/upgrade-guide#renamed-utilities in all
apps.
---------
Co-authored-by: Jordi Enric <jordi.err@gmail.com>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## Summary
- Fix `ToggleLegacyApiKeysPanel` being permanently hidden for users with
project-level admin access but no org-level access
- The `useAuthorizedAppsQuery` calls an org-level endpoint
(`/platform/organizations/{slug}/oauth/apps`) which returns 403 for
project-only admins, causing `isAuthorizedAppsSuccess` to never become
`true` and
the entire panel to never render
- When the authorized apps query fails, show a fallback warning
directing users to verify their org's OAuth apps before disabling legacy
keys
## What changed
- Removed `isAuthorizedAppsSuccess` from the rendering guard, the panel
now renders once legacy keys status and permissions resolve
- When the authorized apps query errors (e.g. 403), the button still
opens a warning dialog with appropriate copy before proceeding to the
confirmation modal
## Behavior
| User type | Authorized apps query | Button click |
|---|---|---|
| Org-level access, has apps | Success, apps > 0 | Warning → confirm
modal |
| Org-level access, no apps | Success, apps = 0 | Confirm modal directly
|
| Project-only admin | 403 error | Fallback warning → confirm modal |
## Current behavior
<img width="1461" height="707" alt="image-IcxHfCX0"
src="https://github.com/user-attachments/assets/2fd124cd-02eb-46c0-816e-178fe3ce99b0"
/>
Project admins can't view the button
## Changed behaaviour
<img width="1455" height="704" alt="image-YW1k6GQe"
src="https://github.com/user-attachments/assets/8c428c63-f1de-4b84-a1f2-6af7ff064e50"
/>
Projects admins can view the disable button and when clicked views a
warning about oauth apps:
<img width="451" height="250" alt="image-yu4bux3l"
src="https://github.com/user-attachments/assets/5a314329-350b-4207-b8e4-311d0c827e6f"
/>
and when they visit oauth apps, there is warning to contact with project
owner
<img width="1453" height="578" alt="image-pppzfksn"
src="https://github.com/user-attachments/assets/489ba3ba-c94e-4efb-923b-a989eebb2fc4"
/>
This PR fixes some prettier issues:
- Bump and unify all prettier versions to 3.7.3 across teh whole repo
- Bump the SQL prettier plugin
- When running `test:prettier`, check `mdx` files also
- Run the new prettier format on all files
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* Bump the deps, refactor deprecated code.
* Migrate keepPreviousData usage.
* Migrate all uses of InfiniteQuery.
* Fix refetchInterval in queries.
* Migrate all use of isLoading to isPending in mutations.
* Fix accessing location in claim-project.
* Fix a bug in duplicate query keys.
* Migrate all queries to use isPending.
* Revert "Fix accessing location in claim-project."
This reverts commit 2a07df64b5.
* Revert the rss.xml file to master.
* user newer input in api keys
* user newer input in s3 connection settings
* improve input read-only styles
* make API text selectable
* disable text until reveal button tapped
* fix build
* revert change
* fix other cases
* revert hardcoded example
* nice region field
* documentation
* cleanup
* better docs
* colour tweaks
* Update perms checking in audit logs
* Deprecate useCheckPermissions, useIsPermissionsLoaded and useCheckProjectPermissions as they're no longer used
* Rename useAsyncCheckProjectPermissions to useAsyncCheckPermissions
* Fix TS
* Add flags for policies, third party auth, and manual linking + providers in sign in page
* Add flag for rate limitm page
* Add UnknownInterface components
* Update comment
* Flip flags to true
* Add flags for realtime policies and reports page
* Temp
* Add flag for sign in providers page
* Add flag for stripe wrapper
* Add flag for custom domains
* Add flag for dedicated ipv4 address addon
* Add empty state for realtime policies
* Add empty state for reports page
* Add flag for disable legacy JWT keys section
* Add flag for legacy jwt keys
* nit
* Remove ConnectionStringMoved call out
* Add flag for project settings log drains
* Add flag for subscription link in project settings
* Deprecate settings/auth page and redirect directly to auth page
* Flip back flags
* Add flags for account preferences analytics marketing and account deleetion
* Remove 'table_editor:enable_rls_toggle' flag and revert UI changes
* Remove 'authentication:policies' flag and revert UI changes
* Add flags for cmd K routes
* Add flags for instance size in infra settings
* Small refactor to DisplayApiSettings, decouple ToggleLegacyApiKeysPanel from it
* Have project_connection:javascript_example toggle code example title to TS
* add flag for templates dropdown in logs explorer
* UsesOverview only show link to providers page if providers is enabled
* API Docs UserManagement to only include docs on third party auth if providers is enabled
* Hide instance size on project card if flag is off
* Fix cmd k for roles, update redirect link from settings/auth to auth/providers
* Add flags for policies, third party auth, and manual linking + providers in sign in page
* Add flag for rate limitm page
* Add UnknownInterface components
* Update comment
* Flip flags to true
* Add flags for realtime policies and reports page
* Temp
* Add flag for sign in providers page
* Add flag for stripe wrapper
* Add flag for custom domains
* Add flag for dedicated ipv4 address addon
* Add empty state for realtime policies
* Add empty state for reports page
* Add flag for disable legacy JWT keys section
* Add flag for legacy jwt keys
* nit
* Remove ConnectionStringMoved call out
* Add flag for project settings log drains
* Add flag for subscription link in project settings
* Deprecate settings/auth page and redirect directly to auth page
* Flip back flags
* Part 1 of swapping useCheckPermissions with useAsyncCheckProjectPermissions
* Update apps/studio/hooks/misc/useCheckPermissions.ts
Co-authored-by: Drake Costa <drake@saeris.io>
* Address feedback
---------
Co-authored-by: Drake Costa <drake@saeris.io>
* Replace all usage of useProjectContext with useSelectedProjectQuery
* Replace all usage of useSelectedProject with useSelectedProjectQuery
* Replace all usage of useProjectByRef with useProjectByRefQuery
* Replace all usage of useSelectedOrganization with useSelectedOrganizationQuery
* Deprecate useSelectedProject, useSelectedOrganization, and useProjectByRef hooks
* Deprecate ProjecContext
* Deprecate getAPIKeys from project settings v2, use new api keys endpoint instead
* use getPreferredKeys where appropriate
* Prevent usage of secret key for storage and realtime inspector
* Add dashboard API api-keys endpoint
* Simplify
* Disable edge functions test if legacy api keys are disabled
* Revert
* Fix graphiql
* Remove all usage of api keys from project settings, except DisplayApiSettings
* Update
* Fix
* Small fix for an undefined upload url.
* Fix the storage state initialization when the resumable url changes.
---------
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
* fix(api-settings): correct API keys description text with link
The legacy guidance text had "Secret" and "Publishable" API keys
swapped for `anon` and `service_role` keys. This fix corrects the
text and adds contextual links to the new API keys page to guide
users appropriately.
* fix: remove target & rel
* fix: prettier
---------
Co-authored-by: Chris Stockton <chris.stockton@supabase.io>
* Minor update to new API keys modal for disabling / reenabling legacy keys
* Minor update
* Refresh user count as well when clicking refresh in auth users management
* original files from previous PR
* get rid of router in jwt-secrets to make it show up
* rename jwt-secrets page to jwt-signing-keys
* add jwt-signing-keys query
* add legacy jwt signing keys query
* wire-up JwtSecretKeysTable with queries
* add jwt signing keys page to settings menu
* deduplicate labels, descriptions, etc
* add create, update jwt-signing-key mutations
* update types
* remove unused components, to be refactored later
* make everything into a mostly working state
* legacy migration added
* put jwt keys page like api keys
* fully migrate legacy jwt secret page
* fix prettier
* fix typecheck ts-expect-error
* rm unneeded file
* Fix compile errors.
* Rename the files and move them to the same folder.
* Merge the two constant files.
* Fix the imports.
* Fix a bug in the API keys page when opening it in a new tab.
* Change the page to be at /signing-keys
* Fix some minor types.
* Break apart some of the components in the signing keys UI.
* Use a feature banner for the initial action.
* Make a create key dialog and move functionality there.
* Fix some cosmetic issues.
* Minor cosmetic fixes.
* Remove extra keys in RQ cache.
* Add a missing link
* Add a banner when the feature flag is false.
* Minor type fix.
* more tiny type fix
* fix error on create standby key
* add alert to prevent revoking legacy jwt secret without disabling legacy api keys first
---------
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
* feat: allow disabling and re-enabling of `anon` and `service_role`
* Cleanup the RQ hooks.
* Restructure the enable/disable alert in API keys.
* Minor cleanups.
* Minor fixes.
* Fix a type error.
---------
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
* Remove api-keys.tsx, duplicated with api-keys/index.ts
* Remove use of newApiKeys feature flag in SettingsMenu.utils.tsx
* Refactor use of newApiKeys flag to basicApiKeys
* Update logic for shouldDisableUI in useApiKeysVisibility hook
* Smol fix
* feat: add last used timestamp in the last 24h to legacy api keys
* address comments by @jordienr
* fix prettier
---------
Co-authored-by: Jordi Enric <jordi.err@gmail.com>
* feat: add basic api keys ui
* init JWT secrets. rough
* Update JWTSecretKeysTable.tsx
* added some info hover cards.
• found this this is probably the wrong direction
• will create a new page for next iteration.
* init new version
* add illustrations
* Update JWTSecretKeysTablev2.tsx
* chore: delete API key now works
* some style changes
* added better tables
* Update JWTSecretKeysTablev2.tsx
* add public JWT dialog
* moar
* adding sub layout in
* starts adding in a ButtonGroup
* about to make into separate components
* added quick copy to project loading screen
* build state
* basic loading
* confirm dialog and loading states
* switched for better loading experience
* moved styles of Input to InputVariants
* issue with ref type
* loading,error and rest states
* new loading states
* alt l;ayout
* add group
* updated error states for permissions
* copy button behaviour for secret keys
* delete dialog
* Update QuickKeyCopy.tsx
* fix type errors
* Update JWTSecretKeysTablev2.tsx
* update menu to hide pages
* Update SettingsMenu.utils.tsx
* Update resource-query.ts
* remove old file
* moved JWT secrets to use valtio
* Update api-keys-query.ts
* fix typecheck
* rename files
* remove JWT stuff
* revert file
* remove more JWT stuff
* Update package.json
* Update pnpm-lock.yaml
* Update ProjectLayout.tsx
* Update PublishableAPIKeys.tsx
* Update api-keys-query.ts
* refactor api-keys-query
* Update SettingsMenu.utils.tsx
* Some clean up
* more clean up and refactor
* Update APIKeyRow.tsx
* Update LayoutHeader.tsx
* resolve comments
* Update CreateSecretAPIKeyModal.tsx
* Update APIKeyRow.tsx
* Add perms check for delete API keys
* Remove console log
* Delete ConnectDialog.tsx
* use project ref
---------
Co-authored-by: Stojan Dimitrovski <sdimitrovski@gmail.com>
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* Update DisplayApiSettings.tsx | add note on how to rotate service_role key
* Update apps/studio/components/ui/ProjectSettings/DisplayApiSettings.tsx
---------
Co-authored-by: Terry Sutton <saltcod@gmail.com>
* Fix the types for API settings to include protocol.
* Use the protocol property in all usages of endpoints.
* Update
* Lint
* Revert changes to retrieving protocol
* Remove console.logs
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* Add perms check in projects API query
* Start deprecating use of projects-api-query, move to projects-settings-v2-query
* PRETTY
* Shift all uses of project api query to project settings v2 query, and deprecate project api query
* Shift all uses of project-settings-query to project-settings-v2-query and deprecate project-settings-query
* Fix
* Add lucide-react to docs (to make the autocomplete work).
* Migrate the docs app icons.
* Migrate the ui-patterns.
* Remove the old icons from ui package.
* Migrate the www app from react-feather icons.
* Migrate all of studio icons.
* Migrate the only component in design-system.
* Fix an old import in ui package. Revert an import in docs app.
* Fix some pages in www.
* Remove unneeded files used in generation of icons.
* Fix a prettier error.
* Fix more issues in www.
* Fix an issue in Log Date picker.
* Replace all string sizes with number sizes because the icons grew in some cases.
* Fix more imports in security page.
* Fix an extra import.
* Remove the size prop from all icons if they're in a button and they match the button size.
* Minor fixes for docs and www.
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* fix: update Permission params
* fix: upgrade check permission hook to support project level role
* fix: usePermissionsLoaded
* fix: Permission params can be undefined
* Scaffold new access management UI
* Add validation
* Update roles view
* Add tooltip
* Add button to apply role to all projects
* Update UI to select projects first instead of roles
* Merge master update UI
* Midway trying to implementation project level perms API
* First pass implementating updating project level permissions
* Add client side validation for assigning/removing roles
* Midway implementing new invites
* Integrate most of the project level permissions functionality
* fix: filter out org-level permissions before checking
* Add relevant UI guards in org level pages for project role POV
* Minor refactors
* Small refactors
* More fixes
* Moar refactors
* More fixes
* More fixes
* Refactor update role logic and smack some test cases on it
* Fixes
* Fix type issue
* Fix type
* more fixes, refactors, adding checks...
* MORE fixes
* Add perms checking for replicas
* Add ButtonTooltip component and use them to prevent repetition of pointer events auto for buttons with tooltips
* Convert all buttons with tooltips to use ButtonTooltip
* refactor
* PRettier
* Small fix
* Remove commented out code in organization-invitation-accept-mutation
* fix: switch to use the platform oauth authorizations routes
* Add perms checking for org audit logs and org oauth apps
* PRettier
* Fix incorrect URL for oauth app flow
* Fix incorrect URL for oauth app flow
* Fix
* Add perms checking for warehouse related UI
* Update roles helper icon
* remove unused lib
* Update package lock... again
* Update package lock... again
* Smalllll update
* Update some checks
* Add gate for project level permissions
* Last fix
* update codegen
* Update warehouse endpoint routes
* Fix
---------
Co-authored-by: phamhieu <phamhieu1998@gmail.com>
Co-authored-by: Alaister Young <a@alaisteryoung.com>
* set up multiple themes in studio
* set up multiple themes in studio
* set up multiple themes in docs and www
* update all resolvedTheme to also include deep-dark
* update all resolvedTheme checks to also include deep-dark
* update tailwind.config.js tokens
* update tailwind.config.js tokens
* update leftover scale12 token
* update if resolvedTheme _doesn't_ include 'dark'
* update more styling tokens
* add dynamic themes to CmdK
* fix nav and footer for multi theme
* add data-theme selector output to transformTokens.js
* update code-hike.css to target data-theme css
* update tailwindcss to ^3.3.5
* ThemeImage with light and dark src for www and docs
* add brand-button styling token
* update old dark theme boolean
* update old dark theme boolean
* make homepage product visuals themeable
* update product page themed images
* update badge green with brand
* fix roles list appearance
* fix auth widget in auth page
* update more dark logic
* update more dark logic
* add button default bg and border
* update pricing page theme styling
* clean up Themeimage
* remove forceDark in homepage
* update dark:border-dark occurrences
* update dark:border-dark occurrences
* fix dark mode base colors
* remove foreground-strong
* fix notification badge bg
* remove some dark: selectors
* update dark: selectors
* update code-hike deep dark bg color
* fix comment typo
* update border-button-hover token
* fix customer story logo
* remove some more dark: selectors
* restore forceDark in www homepage
* fix auth react icon
* fix homepage product visuals
* remove theme
* add brand-link token
* fix checkbox bg
* npm install
* more visible EntityListItem active bg
* fix --background-alternative-default css vars
---------
Co-authored-by: Jonathan Summers-Muir <MildTomato@users.noreply.github.com>
* Move all studio files from /studio to /apps/studio.
* Move studio specific prettier ignores.
* Fix the ui references from studio.
* Fix the css imports.
* Fix all package.json issues.
* Fix the prettier setup for the studio app.
* Add .turbo folder to prettierignore.
* Fix the github workflows.
Ivan Vasilov