Closes DOCS-488
<img width="1266" height="353" alt="Screenshot 2026-06-26 at 11 02
57 AM"
src="https://github.com/user-attachments/assets/67b5d47b-249e-4e53-9230-2bbcb7f037b7"
/>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## Problem
We have helpful documentation that delves into each observability
metric, but it is not easily findable in the moment it is needed while
viewing the dashboards.
## Solution
Solution includes:
- Add a docs link in Studio in every relevant place with the
`DocsButton` component
- Add aria-hidden on the `DocsButton` icon
- An added `constants.ts` to see all of the docs links in one place
- A contextual aria-label for the docs so that screenreader users know
where they're going
| Page | Docs link |
|------|-----------|
| Overview | `/guides/telemetry/reports` |
| Query Performance / Query Insights |
`/guides/platform/performance#examining-query-performance` |
| API Gateway | `/guides/telemetry/reports#api-gateway` |
| Database | `/guides/telemetry/reports#database` |
| Data API | `/guides/telemetry/reports#postgrest` |
| Auth | `/guides/telemetry/reports#auth` |
| Edge Functions | `/guides/telemetry/reports#edge-functions` |
| Storage | `/guides/telemetry/reports#storage` |
| Realtime | `/guides/realtime/reports` |
| Custom reports | `/guides/telemetry/reports#using-reports` |
Query Performance and Query Insights already had the button in their
custom headers. They now use the shared constants.
## Tophatting
1. Go to a project `/observability`.
2. Click into each of the panels and see a **Docs** link in the top
right.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added direct documentation links across observability report pages,
making it easier to open relevant help content from each view.
* Added clearer, page-specific labels for observability headers and docs
links.
* **Bug Fixes**
* Improved accessibility for icon buttons so icons are hidden from
assistive technologies while button labels remain clear.
* Adjusted report navigation layouts to keep controls aligned with the
new docs buttons.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved signed-in user identification in error tracking to use the
current authenticated user ID directly.
* Removed reliance on previously stored anonymous identifiers, reducing
inconsistent user matching across sessions.
* **Tests**
* Added coverage to confirm error tracking user identity is set when a
user is signed in and not set when signed out.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
Every inputs and textarea have been migrated to the new shadcn
components. This `Input` is no longer needed
## Solution
- Delete it
- Clean up the `defaultTheme` accordingly
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Breaking Changes**
* Removed the built-in Input component from the UI library, including
its attached TextArea export.
* Removed input styling support from the default theme (standard/error
variants and related icon/action/textarea spacing).
* Cleared the Input module styles, so prior textarea action UI styling
is no longer available.
* Removed the Reports filtering UI in Studio (including the popover
component and the associated report-filter hook), which may affect
report filtering screens.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
Adds frontend funnel telemetry to the organization-creation and
project-creation flows in Studio, so each is measurable as a funnel
(form exposed → completed) entirely from frontend events. Feeds the KPI
3 FE Benchmark Friction dashboard. Org creation had zero frontend funnel
events before this (only a backend event that fires across every
surface), and project creation had no clean form-view impression.
## Changes
- Define `organization_creation_form_exposed`,
`organization_creation_completed`, and `project_creation_form_exposed`
in the telemetry constants.
- Fire `organization_creation_form_exposed` when the new-org form
renders, gated on the profile resolving so pre-auth redirects are not
counted. Fire `organization_creation_completed` from the create success
callback, covering both the free and the paid pending-payment-intent
paths, attaching the new org slug as the organization group.
- Fire `project_creation_form_exposed` once the org and the
create-project permission have resolved, so it anchors on the form being
visible rather than the route loading. Project completion reuses the
existing client-side success event, so no duplicate completion event was
added.
## Notes
I chose exposed → completed over exposed → submitted. The org slug only
exists after the create API resolves, so the completion event is the
only org-funnel event that can carry the organization group; a
submit-time event cannot, which would break org-level segmentation. A
pageview is not a sufficient exposure anchor either: pageview capture is
off, and the manual pageview fires on route change before the form is
interactive (pre-auth redirect, async permission load, the no-org
redirect).
The `completed` verb follows the repo's approved-verb list
(`.claude/skills/telemetry-standards`); the repo previously migrated
`branch_merge_succeeded` to `branch_merge_completed` for the same
reason.
## Testing
Tested on the preview deploy:
- [x] `/dashboard/new` while signed in →
`organization_creation_form_exposed` fires once.
- [x] Create a free org → `organization_creation_completed` fires with
the organization group set.
- [x] `/dashboard/new/[slug]` with create permission →
`project_creation_form_exposed` fires once with `surface=main` and the
organization group.
- [x] No event re-fires on re-render or tab refocus.
Post-deploy: confirm in PostHog prod (project 34344) via HogQL that each
event fires with the expected properties and the organization / project
group set.
## Linear
- fixes FE-3690
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added improved tracking for organization and project creation flows,
including when forms are shown and when organization creation completes.
* Captures creation metadata to support better reporting on onboarding
and setup progress.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
The KPI-3 friction dashboard needs to know *why* users hit errors on the
signup, project-creation, and org-creation funnels, not just that they
did. The existing `dashboard_error_created` event already fires for
these paths (10% sampled, with `$pathname`), but carries no reason:
~98.5% of events have no `errorType` and no property carries an error
message. This adds PII-safe classification computed client-side from a
controlled vocabulary, so raw error text never leaves the browser.
Validation errors (previously invisible, since they are inline form
errors that never raise a toast) are now captured on invalid submit.
## Changes
- Extend `dashboard_error_created` with `origin`, `errorCategory`,
`errorReason`, `errorCode`, and a `form` source value
- Add a pure, unit-tested classifier (`funnel-errors.ts`) and a
10%-sampled tracking hook (`use-track-funnel-error.ts`); the classifier
maps errors to stable slugs and emits only slugs + HTTP status, never
raw message text
- Classify signup errors (API failures + validation) in `SignUpForm`
- Classify project-creation errors (API failures, OrioleDB guard,
validation) in the new-project wizard
- Classify org-creation errors (API failures, payment/card declines,
confirm-subscription, validation) in `NewOrgForm`
## Testing
13 unit tests cover every classifier branch (validation / api / network
/ payment, status-code handling, message-pattern matching, and
fallbacks).
To verify on the Vercel preview (events are 10% sampled; set the sample
rate to 1 locally to observe each fire):
- Signup with a weak but non-empty password: `origin=signup,
source=form, errorCategory=validation, errorReason=password_invalid`
- Signup with an already-registered email: `origin=signup, source=toast,
errorCategory=api, errorReason=email_already_registered`
- New project with an empty name: `origin=project_creation, source=form,
errorReason=project_name_invalid`
- New org with an empty name: `origin=org_creation, source=form,
errorReason=org_name_missing`
- New org with a declined test card: `origin=org_creation,
errorCategory=payment`
PII: raw `error.message` is never sent; only controlled slugs and HTTP
status. Dashboard consumers must filter `origin IS NOT NULL` so these do
not collide with the generic toast events the global tracker still
emits.
## Linear
- fixes FE-3691
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added improved, categorized telemetry for signup, project creation,
and organization creation errors, including payment,
subscription-change, and validation failures.
* Extended dashboard error events with optional structured diagnostics
(origin, category, reason, and optional error code) and support for
form-origin reporting.
* **Bug Fixes**
* Improved project-creation handling to record a validation telemetry
event when an Oriole image is unavailable.
* Ensured payment-related and subscription-change failures are captured
consistently alongside existing user toasts.
* **Tests**
* Added unit tests covering API/network/validation/Stripe error
classification and reason mapping.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Bump several packages:
- Bump all instances of dompurify (patch version bump)
- Bump `posthog-js` to get a newer version of `@opentelemetry/core`
- Bump `@sentry/nextjs` to get a newer version of `@opentelemetry/core`
- Bump `redocly-cli` to get a newer version of `@opentelemetry/core`
- Bump `undici`
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated several project dependencies to newer versions, including
documentation tooling, analytics, and error-tracking packages.
* These updates may improve stability, compatibility, and access to the
latest fixes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What kind of change does this PR introduce?
Bug fix.
- Follow-up work to FE-3640
- Contributes to DEPR-604
## What is the current behavior?
Known dynamic OAuth requesters on `/dashboard/authorize` relied on
OAuth-specific hard-coded icon assets that were dark-mode only.
Cursor did not have separate light/dark assets in the shared MCP icon
registry, Perplexity only had a light tile asset with baked-in padding,
and OpenAI used the older blossom mark.
## What is the new behavior?
Known OAuth requester logos now resolve through the shared MCP icon
registry while preserving the existing `SupabaseLogo` treatment for
paired authorisation screens.
Cursor uses transparent SVG light/dark variants, Perplexity has cropped
transparent SVG light/dark variants, and OpenAI/ChatGPT uses the newer
monoblossom SVG in black/white variants. Claude remains static until a
suitable variant is available.
Unknown requester icons still render from the provided URL and fall back
to the requester initial if the image fails.
| Before | After |
| --- | --- |
| <img width="828" height="636" alt="Authorize OpenAI
Supabase-E2A05664-589F-458F-8452-9CEE008D558A"
src="https://github.com/user-attachments/assets/140021b1-ff05-4092-98ef-2eae94ff2ddb"
/> | <img width="828" height="636" alt="Authorize OpenAI
Supabase-EC7E00BD-439A-45D1-8E55-240B227C6897"
src="https://github.com/user-attachments/assets/93e603f2-5cbf-4219-b692-d36ac98e8d2a"
/> |
| <img width="828" height="636" alt="66 Authorize OpenAI
Supabase-CB31FF76-86DB-43A6-A426-46B99B8B1B91"
src="https://github.com/user-attachments/assets/b261416e-39b8-40b3-87fd-461653aa0334"
/> | <img width="828" height="636" alt="Authorize OpenAI
Supabase-EAFCF2F2-5CEA-4FE6-8AC0-819F764B414E"
src="https://github.com/user-attachments/assets/35ad7525-0fa9-4438-b117-4e70b78eb719"
/> |
## To test
1. Navigate to `http://localhost:8082/authorize?auth_id=test-auth-id`
2. Open DevTools → Network
3. Find `/platform/oauth/authorizations/test-auth-id`
4. Right-click → Override content
5. Replace the response body with:
```js
{
"name": "Perplexity",
"website": "https://perplexity.ai",
"icon": null,
"domain": "perplexity.ai",
"scopes": [],
"expires_at": "2026-12-31T23:59:59.000Z",
"approved_at": null,
"registration_type": "dynamic"
}
```
6. Then change "name" to Cursor, Claude, ChatGPT, or OpenAI and refresh
to inspect each logo
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* OAuth app requester logos now dynamically adapt to light and dark
themes, with improved logo selection for known requesters.
* Cursor now uses a distinct dark icon variant.
* Added Perplexity client icon support.
* **Bug Fixes**
* Improved logo rendering robustness: if a logo can’t be loaded, the UI
falls back to the requester’s initial.
* **Tests**
* Expanded coverage for theme-aware logo rendering and icon variant
handling, including unknown-icon and fallback scenarios.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
## Problem
The `alternative` variant for `<Button>` has been deprecated but is
still used in a few places.
## Solution
- Migrate usages to the recommended `primary` variant
- Delete the `alternative` variant
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Updated several buttons across forms, logs, recent queries, and
release headers to use the primary visual style.
* Button styling is now more consistent throughout the app, with a
cleaner default emphasis for key actions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
**Stack 1/6** of the TanStack Start migration (#46424), split into
reviewable, independently-mergeable PRs.
> [!IMPORTANT]
> **Next stays the default and only active framework after this PR.**
This wires up the Vite/TanStack-Start build pipeline behind the
`STUDIO_FRAMEWORK` flag, but there are no TanStack routes yet — so the
TanStack build isn't functional or tested until later PRs in the stack.
Nothing about the Next build, dev, or deploy changes behaviourally here.
## What's in this PR
- **Dispatch:** `dev`/`build`/`start` now go through
`scripts/dispatch.js`, which runs the Next variant unless
`STUDIO_FRAMEWORK=tanstack`. The original commands are preserved as
`dev:next`/`build:next`/`start:next`.
- **Build pipeline:** `vite.config.ts`, `serve.js`, `smoke-server.mjs`,
vite/tanstack deps, `turbo.jsonc`.
- **`tsconfig.json`:** `jsx: react-jsx`, `moduleResolution: Bundler`,
`target: ES2022`. Because `include` is `**/*.ts(x)`, this re-typechecks
the whole app, so the companion adaptations below land with it.
- **Shared adaptations (companions to the tsconfig change):**
`BufferSource` casts, `packages/ui` unused-`React` import removals, etc.
- **Routing/middleware plumbing:** `next.config.ts` +
`redirects.shared.ts` (redirect rules now shared with `vercel.ts`),
`proxy.ts`/`start.ts` middleware + `hosted-api-allowlist.ts`.
## Verification
Run locally off `master`: frozen install ✓, `studio` typecheck ✓, **Next
build ✓** (compiles + generates all routes), lint ratchet ✓ ("some rules
improved"), prettier ✓.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a hosted API endpoint allowlist to return 404 for non-supported
`/api/*` routes.
* Introduced a TanStack route-migration checklist and expanded TanStack
Start routing support.
* **Improvements**
* Enhanced deployment refresh/detection by tightening cookie handling
for “latest deployment” updates.
* Centralized redirect/maintenance-mode rules for consistent platform vs
self-hosted behavior.
* Improved production serving with a dedicated static + proxy server and
a post-build smoke test.
* **Dependencies**
* Updated TanStack-related packages and React Table/query tooling
versions.
* **Documentation / Chores**
* Updated formatting and tooling config; added shared build environment
parsing utilities.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Alaister Young <10985857+alaister@users.noreply.github.com>
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
Closes DOCS-974
<img width="891" height="328" alt="Screenshot 2026-06-22 at 3 11 13 PM"
src="https://github.com/user-attachments/assets/d7b49d56-cf77-4c1d-a933-7cbeab3168c2"
/>
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## Problem
From Linear:
Accordion usage in the docs is inconsistent and can render with double
lines instead of single lines.
The current docs contribution guidance appears to recommend wrapping
accordions with an extra div, which seems to be the cause of the extra
divider in some pages.
## Solution
This PR:
- Removes all wrapping `divs` to AccordionItems that adds an extra
border
- For a11y, adds a cursor pointer and a slight bg color change on hover
to make the clickable area more obvious
- For a11y, adds reduce-motion option for animation and `aria-hidden` on
the chevron
**Note:** It is good for a11y to have more than one hover-state
indicator. For example, color-change and an underline.
## Tophatting
To review changes on the preview environment:
1. Go to `/docs/guides/platform/backups` and
`/docs/guides/platform/migrating-to-supabase/auth0#frequently-asked-questions-faq`.
2. Expand accordion.
3. See nothing visually odd such as strange spacing or double borders.
**Note:** To be exhaustive in your review, view all affected URLs and
scan the docs for `border-b` to see if there are any stragglers.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Enhanced accordion components with improved hover state styling for
better visual feedback.
* **Refactor**
* Simplified accordion markup across documentation pages for cleaner,
more consistent layout and improved component nesting structure.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
We now use the Shadcn breadcrumb everywhere but we still have the old
breadcrumb code.
## Solution
- Remove the old breadcrumb code
- Fix import paths where needed
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Consolidated UI component imports across the codebase to use unified
package entrypoints.
* Removed legacy breadcrumb component implementation in favor of
standardized components.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What
Studio + docs support for two **non-blocking** upgrade-eligibility
warnings for the PG 15.18 / 17.10 release:
- **`ltree_reindex_required`** — ltree indexes on a multibyte / non-libc
database must be `REINDEX`ed after upgrade.
- **`operator_estimator_gate`** — operators referencing a non-built-in
selectivity estimator (CVE-2026-2004) can't be recreated by a
non-superuser.
## Changes
- `UpgradeWarnings.tsx` — title/description/link for both types;
unrecognized warning types are skipped rather than rendering an empty
admonition.
- `apps/docs/.../platform/upgrading.mdx` — two upgrade-guide sections
(with detection + remediation SQL) that the warnings link to.
- `api-types` — the two types added to
`ProjectUpgradeEligibilityResponse.warnings`.
## Server side
Detection/emission lives in the platform repo:
**supabase/platform#34161**. Both warnings are version-gated there (only
fire when upgrading to ≥ 15.16 / 17.8).
Refs: PSQL-1247
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Upgrade warnings now support additional warning types, with
type-specific titles, descriptions, and optional “Read upgrade notes”
links.
* The project upgrade eligibility response now returns these additional
warning types.
* **Bug Fixes**
* Upgrade warnings are rendered consistently for all warning entries (no
special-casing).
* **Documentation**
* Added Postgres `ltree` upgrade warnings, including detection queries
and `REINDEX INDEX CONCURRENTLY` remediation guidance.
* Added operator selectivity estimator warnings, including superuser
requirements and how to detect affected operators.
* **Chores**
* Updated spelling lint exceptions for common terms.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Closes#47012
## What kind of change does this PR introduce?
Bug fix.
## What is the current behavior?
Unencrypted FDW server option values are pre-escaped with
`literal(value).replace(/'/g, "''")` and embedded inside the outer
`create server` `E'...'` string built by `format()`. That nests the
value inside two `E'...'` literals, so backslashes are decoded twice. A
value like `domain\user` aborts wrapper creation with `invalid Unicode
escape`, and `p@ss\w0rd` is silently stored as `p@ssw0rd`.
## What is the new behavior?
Unencrypted option values are passed as `format()` `%L` arguments, the
same way the encrypted options already supply their secret id, so
Postgres escapes each value exactly once.
Before and after, on postgres:16:
| Value | Before | After |
| --- | --- | --- |
| `domain\user` | aborts (invalid Unicode escape) | stored `domain\user`
|
| `p@ss\w0rd` | stored `p@ssw0rd` | stored `p@ss\w0rd` |
| `a\b` | stored `a`+backspace | stored `a\b` |
## Additional context
Added a unit test in `packages/pg-meta/test/sql/studio/fdw.test.ts`
asserting unencrypted options use a `%L` placeholder with the value as a
`format()` argument, and that the old double-escaped form is gone. The
encrypted-option path is unchanged.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved handling of special characters in foreign data wrapper server
option values.
* **Tests**
* Added test coverage for foreign data wrapper configuration, including
edge cases with special characters.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Changes are mainly within the `FilterBar` component in UI patterns
Supports a `count` option in `filterProperties` for `FilterBar` - which
will render as a filter option but only if the operator is set to
`eq`(opting for this as we don't have the numbers up front for the `neq`
operator)
<img width="389" height="319" alt="image"
src="https://github.com/user-attachments/assets/1d6e7dae-5350-4110-910b-88a5517fbb6e"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Filter options in Unified Logs now display item counts for log type,
method, level, and other enum filters, providing visibility into result
distribution across filter choices.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What kind of change does this PR introduce?
Add support to use supabase projects as a pg catalog and storage when
adding a ducklake replication.
## What is the current behavior?
Only simple form with raw input text for custom parameters is available.
## What is the new behavior?
Being able to select supabase project to directly use projects in
supabase for the ducklake.
I also fixed a warning we had in the console for this form (cf
screenshot)
## Additional context
[API Changes ](https://github.com/supabase/platform/pull/34282)
https://github.com/user-attachments/assets/4ff9ee65-6ba4-4f17-9ea1-9aebad34171c
<img width="862" height="228" alt="Capture d’écran 2026-06-18 à 09 58
50"
src="https://github.com/user-attachments/assets/1592c3be-807e-426f-9a5a-84979e05d93c"
/>
### Test scenario
Follow the screencast, go to your supabase project (better if it's in
ap-southeast-1)
Create a test table with 1 row for example
-> Database -> Replication -> New destination -> Select ducklake and use
supabase option
-> Keep the same current supabase project selected for both catalog and
storage
-> Create destination -> You'll get a warning about the storage and
credentials
-> Confirm creation
-> Wait until it's in status Running, if it's runing then it works
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **New Features**
* Added DuckLake replication destination with **Use Supabase** and
**Custom parameters** modes.
* Added DuckLake bucket selection with a **“New bucket”** creation
dialog.
* Added/expanded BigQuery, Analytics Bucket, and Snowflake destination
configuration.
* **Improvements**
* Updated DuckLake create vs edit behavior: mode selection is hidden in
edit mode and configuration is mapped correctly for the selected
variant.
* Enhanced field-level validation (including whitespace-only handling)
and added clearer validation issue messages.
* Added a cross-region warning for DuckLake when catalog and storage
regions differ.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Signed-off-by: Benjamin <5719034+bnjjj@users.noreply.github.com>
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
## Context
Noticed this discrepancy when debugging fetching of feature flags
internally
We use the user's auth session's email to fetch feature flags, but
there's a unique case whereby if the email is updated, the session's
email will still be stale, although the user's `user_metadata.email`
does get updated correctly.
Am hence opting to default to `session?.user.user_metadata.email` for
fetching flags, and falling back to `session?.user.email` instead
## To test
- [ ] Ensure that configcat feature flags are still working as expected
on preview
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Bug Fixes
* Improved reliability of feature flag configuration by enhancing how
user email is retrieved during sessions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Introduced a new library called Superbase/Server. To help developers
using third party API frameworks, we want to make it easier than ever to
install and use as needed.
- One click copy
- Custom prompt to get started
- Validated API key permissions to ensure we don't leak secrets to other
users in your org/project
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## New Features
- Added a **Server** connection mode end-to-end, including mode-specific
prompting and steps for installing **`@supabase/server`** and setting
required variables.
- Added a server **.env** panel with per-variable copy, **“Copy all
variables”**, and permission-aware secret reveal/copy.
## Improvements
- Updated connection UI layouts (mode selector grid and conditional
config section).
- Improved prompt copying to use mode-specific prompt text when
available.
## Tests
- Added UI tests for server env rendering, secret reveal/copy,
**copy-all** behavior, and permission-restricted scenarios.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This updates the remaining stale auth hook references after the auth
hooks guide moved from hash anchors to dedicated subpages.
It switches the RBAC guide to the current custom access token hook page,
updates the MFA verification hook reference in both the docs error-code
source and the shared-data export, and fixes the matching custom access
token hook comments in the Slack Clone SQL examples.
Testing: not run. Link-target updates only.
Refs #46947
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **Documentation**
* Updated error code and auth hook documentation reference links to
point to more specific canonical documentation pages, improving accuracy
of references for developers.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
If a user switches account without an explicit log out via the
dashboard, landing back on `/org` will redirect users to the last
visited organization as stored in local storage, in which it can result
in the following state if the last visited organization does not exist
in the current account
<img width="2538" height="1060" alt="image"
src="https://github.com/user-attachments/assets/270e482a-3515-48ef-898b-87e76fce80d6"
/>
## Changes involved
Am opting to scope the last visited organization to the user profile
instead - this would be a bit more cleaner than trying to actively clear
the last visited org slug from local storage with implicit account
changes as there's no deterministic way to track that (afaik) from FE
side of things
## To test
Can reproduce the problem as such
- Ensure that you have 2 accounts to log in with, and one account has an
org that the other is not a part of
- For the organization that has the "extra" org, ensure that you click
into it so that the last visited org slug is saved in local storage
- Mimic changing accounts by visiting
`/auth/v1/authorize?provider=github` (using the domain for the env that
you're testing on - e.g localhost:8000 for local, or green for staging
preview)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Unified “last visited organization” handling across the Studio UI with
a shared hook, improving consistency for home/dashboard return,
cancel/back navigation, and account routing.
* **Bug Fixes**
* Updated redirects to only route to an organization when a valid
last-visited value is available; otherwise users go to the general
organizations page.
* Kept MFA enrollment and factor delete/leave flows aligned to the
unified last-visited organization value.
* **Tests**
* Updated onboarding and layout tests to match the new last-visited
organization storage key format and hook/query success behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Details of change
Re-lands DATAENG-1468 (docs page feedback to Postgres) with an
**insert-only** design that avoids the cross-project auth issue that
caused the prior revert.
- New insert-only `feedback_comments` table: anon `insert` policy only
(no select/update/delete). Columns: `page`, `vote`, `title`, `comment`,
`user_id`, `metadata`.
- The docs widget writes the free-text comment to `feedback_comments`
via the **anon key**. The votes `feedback` table is untouched (one row
per vote).
- No user token is sent to the content project anymore (that was the
cause of the previous failure): the feedback client uses the anon key
only.
- The commenter's account user id (gotrue UUID) is read client-side from
the session and stored as a plain `user_id` column for attribution
(comments are logged-in-only). Org/project association is derived
downstream in BigQuery via that id; docs pages aren't project-scoped, so
there's no project_ref/org to capture here.
- Removed the previous update-by-id approach, the per-user RLS policies,
and the obsolete unit test.
## Why the previous version was reverted
It authenticated feedback writes with the supabase.com account session
token, but the requests target the docs content project
(`xguihxuzqibwxjnimxev`), which cannot verify that token. Logged-in
users got `PGRST301 / JWSInvalidSignature`. This version removes the
user token entirely, so writes succeed for everyone.
## Verification
Insert-only RLS means a row can be written but not read/updated/deleted
by `anon`. Comments retrievable with `where comment is not null` is not
needed (separate table); just query `feedback_comments`.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* The feedback form now captures a vote rating along with an optional
title and detailed comments, saving richer context for review.
* **Refactor**
* Feedback submission has been streamlined to write directly to the
database for both vote and comment submissions.
* **Maintenance**
* Updated the feedback data typings to support the new title, comment,
user, page, and vote fields via the new feedback comments storage.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
Aligns 16 telemetry event interface identifiers in
`packages/common/telemetry-constants.ts` so each interface name equals
the PascalCase of its `action` string (`PascalCase(action) + Event`).
This is a follow-up to the GROWTH-798 audit (#45964), which fixed the
`action` strings and several interface names but left these 16
identifiers mismatched. I renamed identifiers only: every `action`
string is untouched, so there is zero impact on PostHog event names or
historical data.
Before this change, 176/192 interfaces matched the convention. This
brings it to 192/192.
## Changes
Structural renames (interface name was dropping or reordering words vs
the action):
- `AskAIEvent` to `AskAiClickedEvent`
- `CopyAsMarkdownEvent` to `CopyAsMarkdownClickedEvent`
- `DocsRecommendation404ClickedEvent` to
`Docs404RecommendationClickedEvent` (from #46990)
- `EventPageCtaClickedEvent` to `WwwEventPageCtaClickedEvent` (completes
the interface side of GROWTH-798 HIGH #1)
- `ImportDataFileAddedEvent` to `ImportDataDropzoneFileAddedEvent` (also
updates the consumer `apps/studio/hooks/ui/useCsvFileDrop.ts`)
- `QueryPerformanceAIExplanationButtonClickedEvent` to
`QueryPerformanceExplainWithAiButtonClickedEvent`
Initialism casing (normalized to the file-majority lowercase transform;
`Sql` 9:2, `Api` 3:2, `Ai` 6:2):
- `CustomReportAddSQLBlockClickedEvent` to
`CustomReportAddSqlBlockClickedEvent`
- `CustomReportAssistantSQLBlockAddedEvent` to
`CustomReportAssistantSqlBlockAddedEvent`
- `HomepageGitHubButtonClickedEvent` to
`HomepageGithubButtonClickedEvent`
- `MetricsAPIBannerCtaButtonClickedEvent` to
`MetricsApiBannerCtaButtonClickedEvent`
- `MetricsAPIBannerDismissButtonClickedEvent` to
`MetricsApiBannerDismissButtonClickedEvent`
- `TableRLSEnabledEvent` to `TableRlsEnabledEvent`
- `RLSGeneratePoliciesClickedEvent` to `RlsGeneratePoliciesClickedEvent`
- `RLSGeneratedPolicyRemovedEvent` to `RlsGeneratedPolicyRemovedEvent`
- `RLSGeneratedPoliciesCreatedEvent` to
`RlsGeneratedPoliciesCreatedEvent`
- `RLSTesterRunQueryClickedEvent` to `RlsTesterRunQueryClickedEvent`
## Testing
Type-only change, no runtime or PostHog behavior to exercise. Verified
that all 192 interfaces now match `PascalCase(action) + Event` (0
mismatches), the `TelemetryEvent` union has no duplicates, no old
identifier names remain anywhere in the repo, and the one external
consumer (`useCsvFileDrop.ts`) still resolves via its `['action']`
indexed access since the action strings are unchanged.
## Linear
- fixes GROWTH-928
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated internal telemetry infrastructure for consistency and
maintainability.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added analytics telemetry for documentation 404 recommendation clicks,
recording the clicked destination and the originating page.
* **Improvements**
* Enhanced the ButtonCard component to optionally handle click actions
via an `onClick` callback and forward it to the underlying link element.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
All inputs don't have the same style when focused
## Solution
Consolidate focus states across inputs
## How to test
Checkout the design system form examples:
https://design-system-git-gildasgarcia-depr-354-consoli-0188d7-supabase.vercel.app/design-system/docs/ui-patterns/forms
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Refined focus-visible ring/outline and ring-offset tokens across
buttons, multi-select, radio groups, checkbox, select, and switch for a
more consistent accessible experience.
* Updated focus-state styling details within the shared Button and
related controls (including open-state outline behavior).
* **Refactor**
* Updated icon upload preview triggers in form examples to use the
shared Button component while preserving existing upload behavior and
visuals.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- closes https://github.com/supabase/supabase/issues/47033
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Table search now matches fully-qualified table names (e.g.,
`schema.table`) when no specific schema is selected, enabling searches
to work seamlessly across all schemas.
* **Tests**
* Added comprehensive test coverage validating schema-qualified table
name matching in search filters.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Reverts supabase/supabase#46941
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **New Features**
* Feedback is now automatically routed to the appropriate documentation
team based on the section being viewed.
* **Improvements**
* Streamlined feedback submission process—votes and comments are now
collected more efficiently in a single submission.
* Enhanced feedback data handling and organization for better team
collaboration.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
Dashboard currently doesn't have any support for managing stored
procedures. In the event that the security advisor surfaces a warning
about a stored procedure, users hence run into a dead-end as there's
currently no way to self-remediate via the dashboard
## Changes involved
We're hence adding support for managing stored procedures within
Database Functions
<img width="1082" height="546" alt="image"
src="https://github.com/user-attachments/assets/2598a5fe-e58f-4e8a-ad2f-9cb6d0eb2f53"
/>
Creating a function now shows a dropdown to select the type
<img width="500" alt="image"
src="https://github.com/user-attachments/assets/acc9249d-7b25-4416-aae8-89c630e1c62b"
/>
In which if stored procedure is selected, the following fields will be
hidden since they're irrelevant for stored procedures
- Return type
- Behaviour (Under advanced settings)
Some other minor UI changes as well:
- Field inputs are re-ordered a little, opting to group "Schema" and
"Name" into one section, followed by "Type" and "Return type"
- Opting to show "Return type" when editing a function but disabled
- Add schema filter for fetching database functions to reduce
unnecessary load on the database
## To test
- [ ] Can create, update, delete, read stored procedures via database
functions page
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Summary
- **New Features**
- Added PostgreSQL **procedure** support alongside functions, including
a **Type** selector in the create/edit flow.
- Updated Functions UI with a new **Type** column and procedure-aware
return/argument details.
- **Improvements**
- Refreshed create/edit headers and language help text for clearer
context.
- Improved argument parsing/display, including better handling of
procedure argument modes.
- **Bug Fixes**
- Corrected routine-type handling during function/procedure delete and
update SQL operations.
- **Tests**
- Updated unit snapshots and end-to-end UI flows/labels for the new “New
function” control.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What
- Route docs page feedback **comments** to Postgres instead of `POST
/platform/feedback/docs` (which created duplicate Linear issues); the
👍/👎 vote is unchanged
- Store the comment on the **existing `feedback` row**: add `user_id` /
`title` / `comment`; submitting a comment updates the vote row the user
just created
- Capture the real `user_id` (`default auth.uid()`) so feedback is tied
to the user
- Owner-scoped RLS — `select`/`update` for authenticated users where
`user_id = auth.uid()`; anonymous votes stay insert-only
- Linear issues still get created, now via the data pipeline instead of
directly from the UI
## Linear
[DATAENG-1468](https://linear.app/supabase/issue/DATAENG-1468)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Feedback follow-ups now support saving a detailed title and comment,
tied to the signed-in user.
* **Bug Fixes**
* Follow-up submissions are now persisted in Supabase, ensuring the vote
and later details stay consistent for logged-in users.
* **Tests**
* Added coverage for updating a feedback entry’s title and comment.
* **Chores**
* Removed the previous feedback submission endpoint/mutation flow in
favor of a Supabase update-based approach.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
## Problem
The date picker pattern we currently have:
- requires developers add classes and props themselves to get the
expected result. This is cumbersome and prone to error.
- does not visually convey the field invalid state like inputs do
<img width="702" height="256" alt="image"
src="https://github.com/user-attachments/assets/cacd6414-6789-42e3-8d06-88e44fd9fe0a"
/>
## Solution
Introduce a new `DatePicker` _UI pattern_ that wraps the `Popover` and
`Button` components to ease the most common scenarios while still
allowing full customization
<img width="699" height="250" alt="image"
src="https://github.com/user-attachments/assets/e80f842c-28b2-4a4f-b316-c2005e771912"
/>
## Component usage
Note how we manually pass the `isInvalid` prop to the
`<DatePickerButton>` to avoid relying on `react-hook-form` contexts
which would make the date picker unusable outside RHF forms.
Alternative would be to also have a `<DatePickerInput>` that could be
used instead of `<DatePickerButton>` when inside an RHF form.
```tsx
<FormField
control={form.control}
name="expiryDate"
render={({ field, fieldState }) => (
<FormItemLayout
layout="horizontal"
label="Date Picker"
description="Date selection with calendar popover"
>
<FormControl className="col-span-6">
<DatePicker>
<DatePickerTrigger asChild>
<DatePickerButton isInvalid={fieldState.invalid}>
{field.value ? format(field.value, 'PPP') : 'Pick a date'}
</DatePickerButton>
</DatePickerTrigger>
<DatePickerContent>
<Calendar
mode="single"
selected={field.value}
onSelect={field.onChange}
initialFocus
/>
</DatePickerContent>
</DatePicker>
</FormControl>
</FormItemLayout>
)}
/>
---------
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
## Problem
Our `<Button>` component breaks the default `button` contract by
redefining the `type` prop to set its variant (`primary`, `default`,
etc) instead of the button type (`submit`, `button`, etc).
This is confusing and forces to write more code when using it with
shadcn components that expect/inject the standard button props.
## Solution
- rename the `type` prop to `variant`
- rename the `htmlType` prop to `type`
- propagate the changes where necessary
- format code
## How to test
As this is just prop renaming, if it builds it's ok
---------
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
This PR adds an error state to the usage charts on the Project home
page.
<img width="1708" height="471" alt="Screenshot 2026-06-16 at 18 10 20"
src="https://github.com/user-attachments/assets/cba87dad-5e23-4cd1-b787-0ea699445d7f"
/>
I also added an error state to the charts in the [design
system](https://design-system-git-feat-chart-error-state-supabase.vercel.app/design-system/docs/ui-patterns/charts#chart-states).
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Charts now display error states when data retrieval or processing
fails, providing users with clear feedback about issues.
* Improved error visibility and handling across analytics and charting
components for better transparency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
On pages that needs to check conditions for which data is loaded
asynchronously, the navigation links in the sidebar appear disabled for
a split second:
<img width="1394" height="1636" alt="image"
src="https://github.com/user-attachments/assets/0681966d-676d-4c8c-8bd4-852dcf93ddb7"
/>
## Solution
Check whether the required data is loading and override the styles so
that the links are still disabled to avoid errors but appear as normal.
## How to test
- Open the project setting page
- Check the styles of the sidebar items carefully while it load (might
require to refresh a few times to be sure)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **New Features**
* Navigation buttons, menu items, and settings menus now display loading
states while project data is being fetched, providing visual feedback
and preventing interaction during data loading operations.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Context
There's certain areas in the dashboard where we're calling
`useTablesQuery` without a schema filter, in which case the dashboard
then fires a query against the project's database to fetch _all_ tables
across _all_ schemas - this could easily be a heavy query if there's a
large number of relations in the project's database.
Am hence opting to either add a schema filter if appropriate, or
otherwise opt to use the infinite loading behaviour
## Changes involved
- Add schema filter to `useTablesQuery` in database triggers and
publications
- Use infinite loading for tables in Cmd K for "Run query on table" and
"Search database tables"
## To test
- [x] Verify that database triggers + publications still function as
expected
- [x] Verify that CMD K "Run query on table" and "Search database
tables" still function as expected (including search)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Implemented debounced infinite-scrolling table search in the command
menu and SQL editor command flow.
* Added a schema selector dropdown to publications management for easier
navigation.
* **Improvements**
* Removed the “Schema” column from the publications tables UI.
* Updated search guidance and table-picker status (counts/loading)
during infinite browsing.
* Trigger table listings now follow the selected schema context.
* Refined command menu list height and improved the database-tables
placeholder text.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Agent Plugin, Agent Skills, and Prompts menu items added to navigation
(now feature-gated).
* **Documentation**
* AI Prompts and Agent Skills sections are now conditionally shown in
the docs based on feature flags.
* **Chores**
* New feature flags for docs (Agent Plugin, Agent Skills, Prompts) added
and enabled in config/schema.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
The Unified Logs promo banner (shipped in #46847) had two telemetry/UX
gaps I found while auditing the weekly PostHog event review. Its CTA
fired one event for two different user paths with no way to tell them
apart, and clicking "Explore" left the banner in place. This adds an
`is_enabled` property to the CTA event and auto-dismisses the banner on
the Explore path.
## Changes
- Add `is_enabled: boolean` to `unified_logs_banner_cta_button_clicked`.
It is `true` when the user is already enabled and the button navigates
to the logs page ("Explore"), and `false` when not enabled and the
button opens the feature-preview modal ("Enable"). The two cohorts are
now queryable independently, which is what makes the CTA data usable for
measuring adoption.
- Auto-dismiss the banner when an already-enabled user clicks "Explore".
Previously only the X button dismissed it, so an Explore click left the
banner showing on the next project page load. Scoped to the Explore path
on purpose: the not-enabled path only opens a preview modal (it does not
enable), so dismissing there would hide the banner from users who never
enabled.
## Testing
Behavior to verify on the Vercel preview:
- [x] Enabled user clicks "Explore Unified Logs": navigates to the logs
page, banner does not reappear on the next project page load, CTA event
fires with `is_enabled` true.
- [x] Non-enabled user clicks "Enable Unified Logs": preview modal
opens, banner is still present after closing the modal, CTA event fires
with `is_enabled` false.
- [x] X button: banner dismissed as before, dismiss event fires.
Out of scope on purpose: no impression event (it would fire on every
banner render, low-millions of events per month for one banner), so true
click-through rate stays unmeasurable for now.
## Linear
- fixes GROWTH-925
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Improvements**
* Unified Logs banner now intelligently updates behavior based on
feature state.
* When enabled, exploring the feature automatically dismisses the
banner.
* When disabled, the enable action opens the feature preview flow.
* Enhanced tracking for banner interactions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Added landing pages for some events
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Launched three Supabase Select 2026 event pages (Partner Day, VIP
Dinner, VIP Experience) with RSVP flows, agendas, host details, and
thank-you confirmations.
* **Updates**
* RSVP forms now support per-form CRM mapping and explicit field
exclusions for HubSpot.
* Site index updated to include the new event pages.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: shaziya <99940835+shaziyabandukia@users.noreply.github.com>
<img width="1196" height="58" alt="Screenshot 2026-06-12 at 4 21 02 PM"
src="https://github.com/user-attachments/assets/132742b4-652c-4aeb-9296-b830578f153b"
/>
<img width="314" height="209" alt="Screenshot 2026-06-12 at 4 21 07 PM"
src="https://github.com/user-attachments/assets/69bf5e04-3c84-4464-90a6-3297626bfd65"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Introduced a database Replication (ETL) offering now available in Pro,
Team, and Enterprise plans with usage-based billing options.
* Updated the pricing table with explanatory tooltip text to clarify
replication billing and features.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.
YES
## What kind of change does this PR introduce?
Adds a one time banner to the `<BannerStack />` to promote Unified Logs
becoming available. This also fixes the `<BannerStack />` components
issue with stacking varying height banners.
https://github.com/user-attachments/assets/40f02709-0d67-43a9-ab95-750d9a4a582a
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a dismissible "Unified Logs" banner with an animated sample-log
carousel, CTA to Unified Logs, and a preview/enable flow for non-enabled
users. Dismissal is persisted locally and telemetry is recorded for CTA
and dismiss actions; banner appears only for eligible projects.
* **Refactor**
* Banner stack UI updated to display a single front banner with animated
"peek" slivers and refined hover/animation behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Problem
We lost the button focus state design while migrating to tailwind v4
See https://supabase.com/design-system/docs/components/button and move
to each buttons with the _Tab_ key.
## Solution
Restore it.
## How to test
- Open
https://design-system-git-fix-button-focus-state-supabase.vercel.app/design-system/docs/components/button
- Move to each buttons with the _Tab_ key.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Style**
* Updated Button component styling for improved layout, typography, and
transitions.
* Refined focus state and outline styling for better visual consistency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
The 'New Group' action used value `'group'` which collided with any
column named `'group'`. Changed to unique sentinel `'__new_group__'`.
## How to test
Create a table with the column Group
```
create table public.test_group_filter (
id bigint generated always as identity primary key,
name text,
"group" text
);
insert into public.test_group_filter (name, "group")
values
('Alice', 'admin'),
('Bob', 'member'),
('Charlie', 'guest');
```
Try to filter on Group, it should work
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Resolved a naming collision in FilterBar where properties named
"group" conflicted with the group creation action, preventing users from
accurately filtering by properties with this name.
* **Tests**
* Added comprehensive test coverage for FilterBar's property selection
and group creation features, verifying correct handling of edge cases
and reserved property names.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This PR improves the replication UI in the following ways:
- Adds a new selecion picker for destinations which is split by the
destination location and it's clearer and can scale more when we add
more destinations.
- Adds a much improved section on lag, highlighting new metrics that
could help debug issues more easily.
- Improves the copy across the whole code.
- Fixes the 2d topological view of replication with better status
handling.
### Screenshots
<img width="1270" height="777" alt="image"
src="https://github.com/user-attachments/assets/0ffc890e-2f80-47e5-bdb1-75071adda024"
/>
<img width="1665" height="656" alt="image"
src="https://github.com/user-attachments/assets/23a27a02-acb2-4891-af95-5bc1d6ec7bfe"
/>
<img width="1454" height="247" alt="image"
src="https://github.com/user-attachments/assets/c8799983-aa63-42b2-9370-ae4e009c1573"
/>
<img width="1120" height="340" alt="image"
src="https://github.com/user-attachments/assets/20a18ad6-e5a9-40ec-80d4-42d6f783d868"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Live slot health indicators, legend, and connection badges.
* Grouped destination type dropdown with alpha badges.
* **Improvements**
* Clearer UI copy for external destinations, alpha disclaimers, and
onboarding flows.
* Consolidated "n/a" handling for lag displays and richer metric
tooltips.
* Simplified replication diagram visuals and clearer table/row
status/lag presentation.
* Replication status responses now include expanded slot health and lag
metrics.
* **Tests**
* New test suites covering destination selection and destination row
states.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Details of change
Adds Snowflake to the Studio replication destination flow:
- destination selection and display
- create/edit form fields
- validate/create/update payload serialization
- generated Platform API types
Snowflake remains gated behind `etlEnableSnowflakePrivateAlpha`.
**Note:** I have configured `etlEnableSnowflakePrivateAlpha` in
ConfigCat ("all" in staging and tied to my own org id in prod).
## Details of Verification Process
- Studio focused Vitest coverage for form serialization and diagram
mapping
- Studio typecheck
- ESLint on changed Studio replication files
- Local `mise fullstack:dev` smoke test to confirm the Snowflake form
renders ok.
<img width="937" height="569" alt="image"
src="https://github.com/user-attachments/assets/8d6b3a87-1f9d-4a59-91da-be719714ea49"
/>
Full create/validate E2E depends on the Platform PR and ETL runtime
rollout.
## Review Requests
Please check the Snowflake wire payload matches the Platform/ETL
contract and that gating/edit/display behavior follows the existing ETL
destination patterns.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Snowflake added as a supported replication destination (private-alpha
gated), including UI for selecting and configuring connection and auth
(account, user, database, schema, role, private key, optional
passphrase).
* **Validation**
* Form validation and submission now handle Snowflake-specific
required/optional fields.
* **Tests**
* Unit tests added for Snowflake form behavior and replication-type
detection.
* **API**
* Destination create/update/validate flows extended to accept Snowflake
payloads.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## Summary
Replaces the header upgrade CTA (PR #44494, which design team wanted to
iterate on) with a placement experiment that tests three non-chrome
surfaces for the free-plan "Upgrade to Pro" CTA.
PostHog flag `upgradeCtaPlacement` (free-plan users only) with four
arms:
| Variant | Surface |
| --- | --- |
| `control` | No CTA (baseline cohort, still tracked) |
| `user_dropdown` | Full-width button pinned in the account dropdown |
| `org_projects_list` | Project-card-shaped usage tile, first card in
the org project grid |
## Details
### `user_dropdown`
- Full-width `Upgrade to Pro` button in `UserDropdown`, gated to
org-scoped routes only (`/project/*`, `/org/*`) so the org-billing CTA
never shows on `/account`, `/organizations`, etc. — addresses the scope
concern raised in review.
- Dropdown uses controlled `open` state so it closes before navigation
(it lives in the global layout, so a route change alone wouldn't dismiss
the overlay).
### `org_projects_list`
- `PlanUsageCard` renders as the first `<li>` in the project grid (via
`ProjectList`'s `prependCard`), matching `ProjectCard` shape so it reads
like another project tile. Also renders during the project-list loading
state to avoid pop-in.
<img width="3804" height="1494" alt="Arc 2026-06-08 20 02 54"
src="https://github.com/user-attachments/assets/09c2218c-43d1-49ce-bae7-5075c9750d72"
/>
### Shared card styling
- Metric rows (Egress, Database size, Monthly active users, File
storage) show `current / limit` with a progress ring; ring/value turn
warning at ≥80% and over at ≥100%.
- Rows are clickable deep-links to `/org/[slug]/usage#<anchor>` with a
hover chevron and dashed separators; the same row component is used by
both the embedded and project-card variants.
- Skeleton placeholder renders from first paint so the card reserves
layout while `useOrgUsageQuery` resolves.
- Exposure is fired optimistically while the org query loads (skeleton
shows immediately), but the experiment exposure event only fires once
free-plan is confirmed.
### Telemetry
- `upgrade_cta_clicked` with `placement: user_dropdown | home_usage_card
| org_projects_list`.
- `upgrade_cta_placement_experiment_exposed` with `variant` — the custom
exposure event (snake_case experiment id `upgrade_cta_placement`; the
flag key stays camelCase `upgradeCtaPlacement`).
### Header CTA sunset
- `HeaderUpgradeButton` and its wiring in `LayoutHeader` /
`MobileNavigationBar` removed (master's #46144 already removed the
button; this branch drops the remaining `header_upgrade_cta_clicked`
event).
## Before merging
- [x] Create the `upgradeCtaPlacement` flag + experiment in PostHog (4
variants, free-plan targeting, custom exposure event
`upgrade_cta_placement_experiment_exposed`).
- [x] Archive the now-orphaned `headerUpgradeCta` flag.
## Test plan
- [x] Override the flag per variant via the dev toolbar on staging;
confirm each surface renders and `upgrade_cta_clicked` fires with the
right `placement`.
- [x] `control` shows no CTA but still emits the exposure event.
- [x] Paid-plan org and self-hosted (`IS_PLATFORM=false`) show nothing.
- [x] Clicking a metric row deep-links to the matching usage section;
clicking Upgrade routes to billing.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Experimentally surface an “Upgrade to Pro” CTA in the user dropdown
and on the projects page for eligible free-plan orgs.
* Added a Plan Usage card showing free-plan metrics and upgrade prompts
on the organization projects page; hides when irrelevant or errored.
* Project list and its loading view support inserting a custom/prepend
card in card mode.
* **Telemetry**
* Added tracking for CTA clicks and experiment exposure; placement is
persisted per org.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: kemal <hello@kemal.earth>
## Problem
The unified logs view was missing three log sources that the backend
already returns: Realtime (`realtime_logs`), Supavisor
(`supavisor_logs`), and PgBouncer (`pgbouncer_logs`). Users had no way
to filter or view logs from these services in the unified view.
## Fix
- Added `realtime`, `supavisor`, and `pgbouncer` to `LOG_TYPE_PREDICATE`
and `LOG_TYPE_EXPR` in the OTEL query builder so rows from these sources
are matched and labeled correctly.
- Added the three types to `LOG_TYPES` so filter chips appear in the UI.
- Added icons (`Realtime` from the icons package, `Cable` from
lucide-react for both pooler types) in `LogTypeIcon.tsx`.
- Added display labels in `formatServiceTypeForDisplay` (`Realtime`,
`Supavisor`, `PgBouncer`).
- Fixed a pre-existing unsafe cast in `ServiceFlowPanel.tsx` where any
log type not in the service flow allow-list (like the new types) would
produce a truthy `serviceFlowType` and trigger a runtime error on row
click. The fix checks against `SERVICE_FLOW_TYPES` before casting.
Note: `pg_cron_logs` is not included because the backend otel query does
not yet return that source.
## How to test
1. Open unified logs for a project that has Realtime activity.
2. In the log type filter, confirm `realtime`, `supavisor`, and
`pgbouncer` chips are visible.
3. Toggle on `realtime` and confirm Realtime logs appear with the
correct icon.
4. Click a realtime log row and confirm the detail panel opens on the
raw JSON tab without a runtime error.
5. Toggle on `supavisor` or `pgbouncer` and confirm pooler logs appear
if the project has connection pooler activity.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added support for three new log types — Realtime, Supavisor, and
PgBouncer — in Unified Logs with display labels, icons, and
filtering/viewing support.
* **Bug Fixes / UI Behavior**
* Service Flow “Overview” tab now only shows when the service type is
recognized, preventing irrelevant overview content for unsupported log
sources.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Miranda Limonczenko