Commit Graph

526 Commits

Author SHA1 Message Date
Joshen Lim 944c5862f3 Chore/small refactors (#47740)
## Context

Just extracting the fixes which I think are applicable from this
[PR](https://github.com/supabase/supabase/pull/47695)

Main files are
- `apps/studio/hooks/analytics/useLogsQuery.tsx`
- `packages/common/auth.tsx`
- `packages/common/feature-flags.tsx`

## Changes involved
- Adjust `useLogsQuery` to accept an object as prop, rather than 4
individual params
- This one doesn't address any Sentry issues, but is just a improvement
to the function's API imo, more readable
- Adjust how user email is retrieved in `feature-flags`
- Related Sentry issue
[here](https://supabase.sentry.io/issues/7592718607/?project=5459134)
- The error is a bit vague, but Claude's attempt to fix looks alright in
general IMO
  - Minimally verified that feature flags are loading as expected still

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Improved log-related screens and queries for more reliable loading and
filtering across the app.
* Fixed profile and account data handling so identity details are
retrieved more consistently.
* Improved authentication handling to better recognize missing user data
and keep the app stable.
* Updated feature flag personalization to use more accurate account
information.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-07-08 23:21:48 +08:00
Jeremias Menichelli f5c0074a47 fix: visual tweaks and telemetry added to projectConfigVariables (#47532) 2026-07-02 15:56:06 +02:00
Joshen Lim 9f1ce56322 Add edge log type with service filters (#47493)
## Context

Couple of changes to the Unified Logs logic, mainly to align unified
logs filters with legacy logs behaviour

## Changes involved
- Postgrest + Storage logs will no longer overlap with edge logs source
  - They will specifically just pull logs from their own sources only
- This will match legacy logs behaviour + also the observability
overview behaviour as well
- Re-introduce "API Gateway" as a log type (was there in the old UI)
  - Added service filters for convenience
<img width="271" height="233" alt="image"
src="https://github.com/user-attachments/assets/6264b7c5-e3e8-4db8-a378-4d8c46af3d62"
/>



<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added **API Gateway** (“Edge”) logs to Unified Logs, including new
sub-filters for auth, storage, and postgrest activity.
  * Updated the default log selection to include API Gateway logs.
* **Bug Fixes**
* Improved how log types are bucketed and filtered, ensuring edge,
postgrest, and storage sources display under the correct views and
toggles.
* Refined “connection logs” filtering so results and counts remain
consistent with the selected options.
* **Style**
* Refined the Unified Logs filter checkbox layout and nested
expand/collapse controls.
* **Tests**
* Updated and expanded query tests to cover the new edge filter
behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-07-01 18:09:56 +08:00
Pamela Chia 98cfe3307e feat(telemetry): fix creation-funnel tracking gaps (#47386)
## Summary

The creation-funnel instrumentation that shipped Jun 25 (#47291, #47293)
had real gaps, surfaced by the weekly telemetry audit and confirmed
against production PostHog data before I touched code. The two automated
reports also contradicted each other on `errorReason`; I checked
production (every value is a controlled slug) and the emit path (only
`useTrackFunnelError` sets it, and it only accepts classified slugs), so
I left the type as-is rather than add a cross-package abstraction for a
risk that cannot occur today.

## Changes

- Classify HTTP 401/403/404 API errors as `unauthorized` / `forbidden` /
`not_found` instead of the catch-all `other`. In production the
`org_creation` `other` bucket was ~96% 401s (~1,300 real over 4 days),
invisible in reason breakdowns. The status-code fallback runs after the
message-pattern match, so specific reasons still win and it only rescues
errors that would otherwise be `other`.
- Add a single `tier` property (`tier_free` / `tier_pro` / `tier_payg` /
`tier_team`) to `organization_creation_completed`, which previously
carried no properties. One canonical billing slug (matching
`SubscriptionTier`) instead of two overlapping plan/tier fields, so the
org-creation funnel segments cleanly by tier and joins against
subscription data. `tier_payg` is uncapped PRO.
- Freeze the submitted tier at submit time (snapshot in `createOrg`)
rather than reading live form state in the success callback, so the
event records the tier that was actually created even if the user edits
the form during the async payment flow.
- Emit `project_creation_form_exposed` with `surface: 'vercel'` on the
integration deploy-button project-creation page (the enum value existed
but was never fired). Gated on the URL `slug` so the impression is
captured as soon as the form renders, matching the sibling exposure hook
on that page.

I also checked the confirm-modal error path flagged in the insights
post: it already classifies via the shared
`useProjectCreateMutation.onError`, so adding instrumentation there
would double-count. No change made.

## Testing

These are analytics events with no UI change, so correctness is in what
lands in PostHog. Post-deploy validation I will run against production
(project 34344):

- `dashboard_error_created` where `origin='org_creation'` and
`errorReason='other'` drops ~96%, with `unauthorized` / `not_found`
appearing.
- `organization_creation_completed.tier` populated on 100% of new events
with one of the four tier slugs.
- `project_creation_form_exposed` with `surface='vercel'` goes from 0 to
greater than 0.

## Linear

- fixes GROWTH-948


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added telemetry for organization creation completion that includes the
selected billing tier.
* Added one-time telemetry when the Vercel project creation form is
exposed.
* **Bug Fixes**
* Improved API error classification to more accurately distinguish
unauthorized, forbidden, and not found responses.
* **Documentation**
* Updated telemetry event definitions to require tier metadata for
organization creation events.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-30 23:11:53 +08:00
Joshen Lim 1de298ff31 Reinstate https://github.com/supabase/supabase/pull/45143 into latest master (#47433)
## Context

Previous PR was [here](https://github.com/supabase/supabase/pull/45143)
but it got stale with lots of conflicts so figured it'll be easier redo
it off the latest master

Moves policies page from Auth to Database under an Access Control
section along with Roles. This moves all existing files, applies
redirects, and updates urls to point to the new route

<img width="274" height="412" alt="image"
src="https://github.com/user-attachments/assets/7952c185-64ae-4355-ba36-45397efe1787"
/>

<img width="453" height="471" alt="image"
src="https://github.com/user-attachments/assets/04b3dcb3-48a5-4049-9893-d01109fb46a9"
/>


## To test
- [ ] Verify that policies now live under Database correctly

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added a quick navigation shortcut to open **Database > Policies
(RLS)**.
* **Bug Fixes**
* Updated Policies and RLS-related links across the product to open the
**Database policies** area (menus, command palette, context actions,
alerts, and link-outs).
* Added a permanent redirect from the old **auth policies** URL to the
new **database policies** URL.
* **Documentation**
* Updated RLS Dashboard and security checklist instructions to reference
**Database > Policies**.
* **Tests**
  * Adjusted automated tests to validate the new Policies route.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-30 18:49:33 +08:00
Nik Richers 635b2d6050 docs: standardise next steps on overview pages with content listings (#47097)
## I have read the CONTRIBUTING.md file.

YES

## What kind of change does this PR introduce?

This PR helps standardise link sections which is useful for overview
pages that frequently use similar sections such as "Next steps", "Get
started", or "Examples".

Six high-traffic overview pages are migrated as a pilot, with a skill in
the new
[supabase/docs-agent-skills](https://github.com/supabase/docs-agent-skills)
repo to audit and convert the rest in a follow-on PR.

Refactored from an initial YAML front matter approach per review
feedback from @jeremenichelli. Now implemented as a React component and
using existing linting & Markdown export functionality.

A second round of review feedback further simplified the architecture:
the per-listing component registry was removed in favor of a single
`<ContentListings id="..." />` component backed by an ID-keyed data
lookup, the listing data moved out of `apps/docs/components/` into
`apps/docs/data/content-listings/`, the listing-specific link wrapper
was replaced with the existing `<Link>` + `<GlassPanel>` pattern from
the rest of the docs, and the headings now defer to the shared
`<Heading>` from `MdxBase.shared.tsx` (no parallel marker-to-tag
mapping, no typography overrides). Great feedback, thank you! 🙏

Relates to DOCS-1032.

## What is the current behavior?

Authors implement these sections however they wish. As a result,
overview and index pages use inconsistent patterns for orientation
links: some use hand-rolled Markdown lists, some use custom panel/grid
components, some use buttons, and some have no guidance about where to
go next at all. There is no shared component for these sections and no
analytics on those clicks.

## What is the new behavior?

Authors add orientation sections in two steps:

1. Define listing data in a `.data.ts` file under
`apps/docs/data/content-listings/` (for example, `storage.data.ts`).
Each `ContentListingGroup` has a globally-unique `id` like
`storage-get-started`.
2. Place a single `<ContentListings id="..." />` component inline in
guide MDX.

The ID is also the telemetry `listingId`, so the same value
disambiguates the section in PostHog dashboards.

Grid and list layouts, optional icons (such as
`/docs/img/icons/github-icon` with `-light.svg` variants for dark mode),
and external URLs are supported. Conditionals that use `$Show` around
inline components are also supported, for example for auth pricing.

### Usage example from "Storage" overview page

`apps/docs/data/content-listings/storage.data.ts`:

```ts
export const storageGetStarted: ContentListingGroup = {
  id: 'storage-get-started',
  heading: 'Get started',
  description: 'Choose the bucket type that fits your use case:',
  type: 'grid',
  items: [
    {
      title: 'Files buckets',
      href: '/guides/storage/quickstart',
      description:
        'Store and serve images, videos, documents, and general-purpose files with direct URL access and row-level security.',
    },
    {
      title: 'Analytics buckets',
      href: '/guides/storage/analytics/introduction',
      description:
        'Store data in Apache Iceberg tables for data lakes, logs, and ETL. Query from Postgres via foreign tables with partitioning.',
    },
    {
      title: 'Vector buckets',
      href: '/guides/storage/vector/introduction',
      description:
        'Store embeddings and run similarity search for semantic matching, AI, and RAG. Use HNSW indexing, distance metrics, and metadata filtering.',
    },
  ],
}
```

`apps/docs/content/guides/storage.mdx`:

```mdx
<ContentListings id="storage-get-started" />
```

Renders as:

<img width="689" alt="Storage Get started listing — Files, Analytics,
and Vector buckets"
src="https://github.com/user-attachments/assets/0d1b9531-962f-40ae-891e-b1e93ff1c939"
/>

<br>Exported in Markdown as:

```md
## Get started

Choose the bucket type that fits your use case:

- **[Files buckets](/docs/guides/storage/quickstart):** Store and serve images, videos, documents, and general-purpose files with direct URL access and row-level security.
- **[Analytics buckets](/docs/guides/storage/analytics/introduction):** Store data in Apache Iceberg tables for data lakes, logs, and ETL. Query from Postgres via foreign tables with partitioning.
- **[Vector buckets](/docs/guides/storage/vector/introduction):** Store embeddings and run similarity search for semantic matching, AI, and RAG. Use HNSW indexing, distance metrics, and metadata filtering.
```

Click tracking fires via PostHog (`docs_content_listing_clicked`):

```json
{
  "action": "docs_content_listing_clicked",
  "custom_properties": {
    "targetPath": "/guides/storage/quickstart",
    "linkTitle": "Files buckets",
    "groupTitle": "Get started",
    "listingId": "storage-get-started"
  }
}
```

Still finding my way around PostHog, but I verified on preview deploy
that clicking a content listing on `/docs/guides/auth` sends
`docs_content_listing_clicked` to
`https://api.supabase.green/platform/telemetry/event` and receives HTTP
201.

### Authoring experience

Three ways to add or convert content listings: copy the agent prompt
first, use snippets for manual edits, or invoke the audit skill for
batch follow-on work. Refer to `CONTRIBUTING.md` for the full authoring
guide.

#### 1. Agent prompt

Copy into Cursor or another AI assistant:

```text
Add a content listing block for [TOPIC] / [SECTION] (for example, Storage / Examples).
Follow CONTRIBUTING § Content listings in apps/docs.
- Add data to apps/docs/data/content-listings/[topic].data.ts
- Use a globally-unique kebab-case id like `[topic]-[section]`
- Place inline in the guide MDX with <ContentListings id="..." />
- Copy structure from storageGetStarted in apps/docs/data/content-listings/storage.data.ts
- Run pnpm test:local lib/content-listings.test.ts from apps/docs
```

#### 2. VS Code / Cursor snippets

Type these prefixes in the docs workspace
(`.vscode/content-listing.code-snippets`):

| Prefix | Inserts |
| ----------- | --------------------------------------------------------
|
| `cl-data` | `ContentListingGroup` export skeleton with namespaced id |
| `cl-inline` | `<ContentListings id="…" />` in guide MDX |

<img width="658" height="274" alt="image"
src="https://github.com/user-attachments/assets/5ef20954-7aee-4925-887d-79a5ae766b37"
/>

#### 3. Batch audit skill

For follow-on overview page conversion or maintenance, use the
[`audit-content-listings`](https://github.com/supabase/docs-agent-skills/blob/main/.claude/skills/audit-content-listings/SKILL.md)
skill in `docs-agent-skills` (skill, `conversion-manifest.json`, and
validation script).

Example:

```text
Use audit-content-listings. Audit getting-started.mdx, update conversion-manifest.json, then convert the next unconverted section only.
```

## Additional context

The implementation includes a presentational `<ContentListings />`
component (grid/list layouts, GlassPanel, telemetry) backed by ID-keyed
data modules, and a single markdown export handler that reads the same
`id` prop from the JSX and looks up data via the shared registry.

Key files:

- **Data:** `apps/docs/data/content-listings/` (one `.data.ts` file per
guide topic, plus `index.ts` exporting `CONTENT_LISTINGS` and
`getContentListingById`)
- **Renderer:** `apps/docs/components/ContentListings/` (single
`<ContentListings id="…" />` component); registered in
`apps/docs/features/docs/MdxBase.shared.tsx`
- **Types/helpers:** `apps/docs/lib/content-listings.schema.ts` (zod
schemas, type aliases, grid/heading/href helpers)
- **Markdown export:** `apps/docs/internals/markdown-schema/Listings.ts`
(single ID-driven handler) wired into
`apps/docs/internals/generate-guides-markdown.ts`
- **Telemetry:** `docs_content_listing_clicked` defined in
`packages/common/telemetry-constants.ts`, fired from
`ContentListings.client.tsx`
- **Authoring guide:** `apps/docs/CONTRIBUTING.md` (Components and
elements → Content listings)
- **VS Code snippets:** `.vscode/content-listing.code-snippets`
(`cl-data`, `cl-inline`)

### Before & After

#### Auth

| [Before (production)](https://supabase.com/docs/guides/auth) | [After
(preview)](https://docs-git-fork-nrichers-nikrichers-docs-1032-sta-e2a8cb-supabase.vercel.app/docs/guides/auth)
|
|
---------------------------------------------------------------------------------------------------------------------------
|
---------------------------------------------------------------------------------------------------------------------------
|
| ![Auth
before](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/auth-before-dbc93ccd.png)
| ![Auth
after](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/auth-after-789b25a6.png)
|

#### Database overview

| [Before
(production)](https://supabase.com/docs/guides/database/overview) |
[After
(preview)](https://docs-git-fork-nrichers-nikrichers-docs-1032-sta-e2a8cb-supabase.vercel.app/docs/guides/database/overview)
|
|
--------------------------------------------------------------------------------------------------------------------------------------------------
|
--------------------------------------------------------------------------------------------------------------------------------------------------
|
| ![Database
before](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/database-before-0d32136a.png)
| ![Database
after](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/database-after-22447d16.png)
|

#### Edge Functions

| [Before (production)](https://supabase.com/docs/guides/functions) |
[After
(preview)](https://docs-git-fork-nrichers-nikrichers-docs-1032-sta-e2a8cb-supabase.vercel.app/docs/guides/functions)
|
|
--------------------------------------------------------------------------------------------------------------------------------------------
|
--------------------------------------------------------------------------------------------------------------------------------------------
|
| ![Functions
before](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/functions-before-11319580.png)
| ![Functions
after](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/functions-after-83268362.png)
|

#### Storage

| [Before (production)](https://supabase.com/docs/guides/storage) |
[After
(preview)](https://docs-git-fork-nrichers-nikrichers-docs-1032-sta-e2a8cb-supabase.vercel.app/docs/guides/storage)
|
|
----------------------------------------------------------------------------------------------------------------------------------------
|
----------------------------------------------------------------------------------------------------------------------------------------
|
| ![Storage
before](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/storage-before-9b4ae535.png)
| ![Storage
after](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/storage-after-7503d664.png)
|

#### Realtime

| [Before (production)](https://supabase.com/docs/guides/realtime) |
[After
(preview)](https://docs-git-fork-nrichers-nikrichers-docs-1032-sta-e2a8cb-supabase.vercel.app/docs/guides/realtime)
|
|
-------------------------------------------------------------------------------------------------------------------------------------------
|
-------------------------------------------------------------------------------------------------------------------------------------------
|
| ![Realtime
before](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/realtime-before-6eb5b125.png)
| ![Realtime
after](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/realtime-after-92ec7d74.png)
|

#### Getting Started (partial migration for demoing)

| [Before
(production)](https://supabase.com/docs/guides/getting-started) | [After
(preview)](https://docs-git-fork-nrichers-nikrichers-docs-1032-sta-e2a8cb-supabase.vercel.app/docs/guides/getting-started)
|
|
------------------------------------------------------------------------------------------------------------------------------------------------------
|
------------------------------------------------------------------------------------------------------------------------------------------------------
|
| ![Getting Started
before](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/getting-started-before-89251d7b.png)
| ![Getting Started
after](https://moijyfpvgnmgoxvwcikq.supabase.co/storage/v1/object/public/pr-proof/supabase/supabase/pr47097/getting-started-after-3e33c6d4.png)
|

### Test plan

- [ ] Visually verify migrated pages render correctly:
- [ ] `/guides/auth` — grid "Get started", conditional pricing list,
grid "Next steps"
  - [ ] `/guides/database/overview` — get started + next steps listings
  - [ ] `/guides/getting-started` — top 3-column grid
  - [ ] `/guides/functions` — get started + example listings
  - [ ] `/guides/storage` — get started, examples, resources listings
  - [ ] `/guides/realtime` — get started, examples, resources listings
- [ ] Confirm listings render at explicit page positions
- [ ] Click a content listing link and verify
`docs_content_listing_clicked` fires in PostHog with expected properties
(the new `listingId` is the namespaced kebab-case id, e.g.
`storage-get-started`)
- [ ] Build docs and confirm `.md` alternate output includes listing
sections at component placement (e.g.
`public/markdown/guides/storage.md`)
- [ ] Run unit tests: `pnpm test:local lib/content-listings.test.ts` in
`apps/docs`

## Summary by CodeRabbit

## Release Notes

* **New Features**
* Introduced a standardized content listings system for organizing
related guides and resources.
* Content listings now support both grid and list layouts for consistent
presentation.
  * Added click telemetry for content listing interactions.

* **Documentation**
* Updated authentication, database, functions, getting started,
realtime, and storage guide pages to use the new content listing
components.
* Improved MDX structure examples and listing markup formatting in
contributor documentation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->



<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

## Release Notes

* **New Features**
* Introduced a new content listings component for displaying guide
content in list and grid layouts across documentation pages.
* Added telemetry tracking for content listing interactions to measure
user engagement.

* **Documentation**
* Updated guide pages (Authentication, Database, Functions, Storage,
Realtime, Getting Started) to use the new listings layout.
* Added contribution guidelines for creating and managing content
listings in documentation.

* **Tests**
* Added comprehensive test coverage for content listings validation,
serialization, and rendering.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Nik Richers <nik@validmind.ai>
Co-authored-by: Jeremias Menichelli <jmenichelli@gmail.com>
2026-06-29 23:57:12 +00:00
Ivan Vasilov a9565c1645 refactor: Optimize Sentry user ids (#47342)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Improved signed-in user identification in error tracking to use the
current authenticated user ID directly.
* Removed reliance on previously stored anonymous identifiers, reducing
inconsistent user matching across sessions.
* **Tests**
* Added coverage to confirm error tracking user identity is set when a
user is signed in and not set when signed out.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-26 17:25:52 +02:00
Pamela Chia 0a797ef4ea feat(studio): add creation funnel telemetry (#47291)
## Summary

Adds frontend funnel telemetry to the organization-creation and
project-creation flows in Studio, so each is measurable as a funnel
(form exposed → completed) entirely from frontend events. Feeds the KPI
3 FE Benchmark Friction dashboard. Org creation had zero frontend funnel
events before this (only a backend event that fires across every
surface), and project creation had no clean form-view impression.

## Changes

- Define `organization_creation_form_exposed`,
`organization_creation_completed`, and `project_creation_form_exposed`
in the telemetry constants.
- Fire `organization_creation_form_exposed` when the new-org form
renders, gated on the profile resolving so pre-auth redirects are not
counted. Fire `organization_creation_completed` from the create success
callback, covering both the free and the paid pending-payment-intent
paths, attaching the new org slug as the organization group.
- Fire `project_creation_form_exposed` once the org and the
create-project permission have resolved, so it anchors on the form being
visible rather than the route loading. Project completion reuses the
existing client-side success event, so no duplicate completion event was
added.

## Notes

I chose exposed → completed over exposed → submitted. The org slug only
exists after the create API resolves, so the completion event is the
only org-funnel event that can carry the organization group; a
submit-time event cannot, which would break org-level segmentation. A
pageview is not a sufficient exposure anchor either: pageview capture is
off, and the manual pageview fires on route change before the form is
interactive (pre-auth redirect, async permission load, the no-org
redirect).

The `completed` verb follows the repo's approved-verb list
(`.claude/skills/telemetry-standards`); the repo previously migrated
`branch_merge_succeeded` to `branch_merge_completed` for the same
reason.

## Testing

Tested on the preview deploy:

- [x] `/dashboard/new` while signed in →
`organization_creation_form_exposed` fires once.
- [x] Create a free org → `organization_creation_completed` fires with
the organization group set.
- [x] `/dashboard/new/[slug]` with create permission →
`project_creation_form_exposed` fires once with `surface=main` and the
organization group.
- [x] No event re-fires on re-render or tab refocus.

Post-deploy: confirm in PostHog prod (project 34344) via HogQL that each
event fires with the expected properties and the organization / project
group set.

## Linear

- fixes FE-3690


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Added improved tracking for organization and project creation flows,
including when forms are shown and when organization creation completes.
* Captures creation metadata to support better reporting on onboarding
and setup progress.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-25 13:17:11 +00:00
Pamela Chia 2d0bcd4714 feat(telemetry): classify funnel creation errors (#47293)
## Summary

The KPI-3 friction dashboard needs to know *why* users hit errors on the
signup, project-creation, and org-creation funnels, not just that they
did. The existing `dashboard_error_created` event already fires for
these paths (10% sampled, with `$pathname`), but carries no reason:
~98.5% of events have no `errorType` and no property carries an error
message. This adds PII-safe classification computed client-side from a
controlled vocabulary, so raw error text never leaves the browser.
Validation errors (previously invisible, since they are inline form
errors that never raise a toast) are now captured on invalid submit.

## Changes

- Extend `dashboard_error_created` with `origin`, `errorCategory`,
`errorReason`, `errorCode`, and a `form` source value
- Add a pure, unit-tested classifier (`funnel-errors.ts`) and a
10%-sampled tracking hook (`use-track-funnel-error.ts`); the classifier
maps errors to stable slugs and emits only slugs + HTTP status, never
raw message text
- Classify signup errors (API failures + validation) in `SignUpForm`
- Classify project-creation errors (API failures, OrioleDB guard,
validation) in the new-project wizard
- Classify org-creation errors (API failures, payment/card declines,
confirm-subscription, validation) in `NewOrgForm`

## Testing

13 unit tests cover every classifier branch (validation / api / network
/ payment, status-code handling, message-pattern matching, and
fallbacks).

To verify on the Vercel preview (events are 10% sampled; set the sample
rate to 1 locally to observe each fire):
- Signup with a weak but non-empty password: `origin=signup,
source=form, errorCategory=validation, errorReason=password_invalid`
- Signup with an already-registered email: `origin=signup, source=toast,
errorCategory=api, errorReason=email_already_registered`
- New project with an empty name: `origin=project_creation, source=form,
errorReason=project_name_invalid`
- New org with an empty name: `origin=org_creation, source=form,
errorReason=org_name_missing`
- New org with a declined test card: `origin=org_creation,
errorCategory=payment`

PII: raw `error.message` is never sent; only controlled slugs and HTTP
status. Dashboard consumers must filter `origin IS NOT NULL` so these do
not collide with the generic toast events the global tracker still
emits.

## Linear

- fixes FE-3691


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added improved, categorized telemetry for signup, project creation,
and organization creation errors, including payment,
subscription-change, and validation failures.
* Extended dashboard error events with optional structured diagnostics
(origin, category, reason, and optional error code) and support for
form-origin reporting.

* **Bug Fixes**
* Improved project-creation handling to record a validation telemetry
event when an Oriole image is unavailable.
* Ensured payment-related and subscription-change failures are captured
consistently alongside existing user toasts.

* **Tests**
* Added unit tests covering API/network/validation/Stripe error
classification and reason mapping.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-25 20:56:23 +08:00
Ivan Vasilov 631209f7ce chore: Bump vulnerable dependencies (#47269)
Bump several packages:
- Bump all instances of dompurify (patch version bump)
- Bump `posthog-js` to get a newer version of `@opentelemetry/core`
- Bump `@sentry/nextjs` to get a newer version of `@opentelemetry/core`
- Bump `redocly-cli` to get a newer version of `@opentelemetry/core`
- Bump `undici`

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Updated several project dependencies to newer versions, including
documentation tooling, analytics, and error-tracking packages.
* These updates may improve stability, compatibility, and access to the
latest fixes.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-25 08:50:27 +02:00
Alex Hall c7ab0c7370 feat(studio): marketplace preview listings (#47004)
Updates the Studio integrations marketplace to support the new
marketplace-specific database view and `preview` status
2026-06-23 11:16:58 -04:00
Joshen Lim 0b828f3960 Nit (#47109)
## Context

Add guards
2026-06-19 07:51:31 +00:00
Joshen Lim 6fc234cdd4 Use user_metadata email to fetch configcat flags (#47103)
## Context

Noticed this discrepancy when debugging fetching of feature flags
internally

We use the user's auth session's email to fetch feature flags, but
there's a unique case whereby if the email is updated, the session's
email will still be stale, although the user's `user_metadata.email`
does get updated correctly.

Am hence opting to default to `session?.user.user_metadata.email` for
fetching flags, and falling back to `session?.user.email` instead

## To test
- [ ] Ensure that configcat feature flags are still working as expected
on preview

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Bug Fixes
* Improved reliability of feature flag configuration by enhancing how
user email is retrieved during sessions.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-19 15:19:34 +08:00
Ali Waseem cedc4c8187 feat: Add Server lib to connect w/ ability to copy env (#47056)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

Introduced a new library called Superbase/Server. To help developers
using third party API frameworks, we want to make it easier than ever to
install and use as needed.
- One click copy
- Custom prompt to get started
- Validated API key permissions to ensure we don't leak secrets to other
users in your org/project

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

## New Features
- Added a **Server** connection mode end-to-end, including mode-specific
prompting and steps for installing **`@supabase/server`** and setting
required variables.
- Added a server **.env** panel with per-variable copy, **“Copy all
variables”**, and permission-aware secret reveal/copy.

## Improvements
- Updated connection UI layouts (mode selector grid and conditional
config section).
- Improved prompt copying to use mode-specific prompt text when
available.

## Tests
- Added UI tests for server env rendering, secret reveal/copy,
**copy-all** behavior, and permission-restricted scenarios.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-18 08:41:11 -06:00
Joshen Lim fd0f2dd459 Scope last visited organization local storage to profile (#47071)
## Context

If a user switches account without an explicit log out via the
dashboard, landing back on `/org` will redirect users to the last
visited organization as stored in local storage, in which it can result
in the following state if the last visited organization does not exist
in the current account
<img width="2538" height="1060" alt="image"
src="https://github.com/user-attachments/assets/270e482a-3515-48ef-898b-87e76fce80d6"
/>

## Changes involved
Am opting to scope the last visited organization to the user profile
instead - this would be a bit more cleaner than trying to actively clear
the last visited org slug from local storage with implicit account
changes as there's no deterministic way to track that (afaik) from FE
side of things

## To test
Can reproduce the problem as such
- Ensure that you have 2 accounts to log in with, and one account has an
org that the other is not a part of
- For the organization that has the "extra" org, ensure that you click
into it so that the last visited org slug is saved in local storage
- Mimic changing accounts by visiting
`/auth/v1/authorize?provider=github` (using the domain for the env that
you're testing on - e.g localhost:8000 for local, or green for staging
preview)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Unified “last visited organization” handling across the Studio UI with
a shared hook, improving consistency for home/dashboard return,
cancel/back navigation, and account routing.

* **Bug Fixes**
* Updated redirects to only route to an organization when a valid
last-visited value is available; otherwise users go to the general
organizations page.
* Kept MFA enrollment and factor delete/leave flows aligned to the
unified last-visited organization value.

* **Tests**
* Updated onboarding and layout tests to match the new last-visited
organization storage key format and hook/query success behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-18 17:42:18 +08:00
Taha Le Bras acbec2949d feat(docs): route docs page feedback comments to Postgres (#47041)
## Details of change

Re-lands DATAENG-1468 (docs page feedback to Postgres) with an
**insert-only** design that avoids the cross-project auth issue that
caused the prior revert.

- New insert-only `feedback_comments` table: anon `insert` policy only
(no select/update/delete). Columns: `page`, `vote`, `title`, `comment`,
`user_id`, `metadata`.
- The docs widget writes the free-text comment to `feedback_comments`
via the **anon key**. The votes `feedback` table is untouched (one row
per vote).
- No user token is sent to the content project anymore (that was the
cause of the previous failure): the feedback client uses the anon key
only.
- The commenter's account user id (gotrue UUID) is read client-side from
the session and stored as a plain `user_id` column for attribution
(comments are logged-in-only). Org/project association is derived
downstream in BigQuery via that id; docs pages aren't project-scoped, so
there's no project_ref/org to capture here.
- Removed the previous update-by-id approach, the per-user RLS policies,
and the obsolete unit test.

## Why the previous version was reverted

It authenticated feedback writes with the supabase.com account session
token, but the requests target the docs content project
(`xguihxuzqibwxjnimxev`), which cannot verify that token. Logged-in
users got `PGRST301 / JWSInvalidSignature`. This version removes the
user token entirely, so writes succeed for everyone.

## Verification

Insert-only RLS means a row can be written but not read/updated/deleted
by `anon`. Comments retrievable with `where comment is not null` is not
needed (separate table); just query `feedback_comments`.


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* The feedback form now captures a vote rating along with an optional
title and detailed comments, saving richer context for review.
* **Refactor**
* Feedback submission has been streamlined to write directly to the
database for both vote and comment submissions.
* **Maintenance**
* Updated the feedback data typings to support the new title, comment,
user, page, and vote fields via the new feedback comments storage.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-18 11:20:56 +02:00
Jordi Enric 15ef851e67 feat(studio): homepage usage charts backed by service-health, behind a flag (#46373) 2026-06-17 21:51:23 +02:00
Pamela Chia dc5ddd8c4c chore(telemetry): align event interface names with action strings (#47048)
## Summary

Aligns 16 telemetry event interface identifiers in
`packages/common/telemetry-constants.ts` so each interface name equals
the PascalCase of its `action` string (`PascalCase(action) + Event`).
This is a follow-up to the GROWTH-798 audit (#45964), which fixed the
`action` strings and several interface names but left these 16
identifiers mismatched. I renamed identifiers only: every `action`
string is untouched, so there is zero impact on PostHog event names or
historical data.

Before this change, 176/192 interfaces matched the convention. This
brings it to 192/192.

## Changes

Structural renames (interface name was dropping or reordering words vs
the action):
- `AskAIEvent` to `AskAiClickedEvent`
- `CopyAsMarkdownEvent` to `CopyAsMarkdownClickedEvent`
- `DocsRecommendation404ClickedEvent` to
`Docs404RecommendationClickedEvent` (from #46990)
- `EventPageCtaClickedEvent` to `WwwEventPageCtaClickedEvent` (completes
the interface side of GROWTH-798 HIGH #1)
- `ImportDataFileAddedEvent` to `ImportDataDropzoneFileAddedEvent` (also
updates the consumer `apps/studio/hooks/ui/useCsvFileDrop.ts`)
- `QueryPerformanceAIExplanationButtonClickedEvent` to
`QueryPerformanceExplainWithAiButtonClickedEvent`

Initialism casing (normalized to the file-majority lowercase transform;
`Sql` 9:2, `Api` 3:2, `Ai` 6:2):
- `CustomReportAddSQLBlockClickedEvent` to
`CustomReportAddSqlBlockClickedEvent`
- `CustomReportAssistantSQLBlockAddedEvent` to
`CustomReportAssistantSqlBlockAddedEvent`
- `HomepageGitHubButtonClickedEvent` to
`HomepageGithubButtonClickedEvent`
- `MetricsAPIBannerCtaButtonClickedEvent` to
`MetricsApiBannerCtaButtonClickedEvent`
- `MetricsAPIBannerDismissButtonClickedEvent` to
`MetricsApiBannerDismissButtonClickedEvent`
- `TableRLSEnabledEvent` to `TableRlsEnabledEvent`
- `RLSGeneratePoliciesClickedEvent` to `RlsGeneratePoliciesClickedEvent`
- `RLSGeneratedPolicyRemovedEvent` to `RlsGeneratedPolicyRemovedEvent`
- `RLSGeneratedPoliciesCreatedEvent` to
`RlsGeneratedPoliciesCreatedEvent`
- `RLSTesterRunQueryClickedEvent` to `RlsTesterRunQueryClickedEvent`

## Testing

Type-only change, no runtime or PostHog behavior to exercise. Verified
that all 192 interfaces now match `PascalCase(action) + Event` (0
mismatches), the `TelemetryEvent` union has no duplicates, no old
identifier names remain anywhere in the repo, and the one external
consumer (`useCsvFileDrop.ts`) still resolves via its `['action']`
indexed access since the action strings are unchanged.

## Linear

- fixes GROWTH-928


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Updated internal telemetry infrastructure for consistency and
maintainability.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-17 23:31:03 +08:00
Chris Chinchilla 309f4b2612 docs: Track 404 recommendation clicked (#46990)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added analytics telemetry for documentation 404 recommendation clicks,
recording the clicked destination and the originating page.

* **Improvements**
* Enhanced the ButtonCard component to optionally handle click actions
via an `onClick` callback and forward it to the underlying link element.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-17 22:56:53 +08:00
Chris Chinchilla c9baed829f Revert "feat(docs): route docs page feedback comments to Postgres" (#47027)
Reverts supabase/supabase#46941

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **New Features**
* Feedback is now automatically routed to the appropriate documentation
team based on the section being viewed.

* **Improvements**
* Streamlined feedback submission process—votes and comments are now
collected more efficiently in a single submission.
* Enhanced feedback data handling and organization for better team
collaboration.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-17 11:49:45 +00:00
Taha Le Bras de76c83238 feat(docs): route docs page feedback comments to Postgres (#46941)
## What

- Route docs page feedback **comments** to Postgres instead of `POST
/platform/feedback/docs` (which created duplicate Linear issues); the
👍/👎 vote is unchanged
- Store the comment on the **existing `feedback` row**: add `user_id` /
`title` / `comment`; submitting a comment updates the vote row the user
just created
- Capture the real `user_id` (`default auth.uid()`) so feedback is tied
to the user
- Owner-scoped RLS — `select`/`update` for authenticated users where
`user_id = auth.uid()`; anonymous votes stay insert-only
- Linear issues still get created, now via the data pipeline instead of
directly from the UI

## Linear

[DATAENG-1468](https://linear.app/supabase/issue/DATAENG-1468)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Feedback follow-ups now support saving a detailed title and comment,
tied to the signed-in user.
* **Bug Fixes**
* Follow-up submissions are now persisted in Supabase, ensuring the vote
and later details stay consistent for logged-in users.
* **Tests**
  * Added coverage for updating a feedback entry’s title and comment.
* **Chores**
* Removed the previous feedback submission endpoint/mutation flow in
favor of a Supabase update-based approach.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-17 12:32:09 +02:00
Chris Chinchilla a1cc7294b2 docs: Add the ability to individually toggle AI features (#46807)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Agent Plugin, Agent Skills, and Prompts menu items added to navigation
(now feature-gated).
* **Documentation**
* AI Prompts and Agent Skills sections are now conditionally shown in
the docs based on feature flags.
* **Chores**
* New feature flags for docs (Agent Plugin, Agent Skills, Prompts) added
and enabled in config/schema.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-16 09:19:41 +02:00
Pamela Chia 91982e6a2d feat(studio): track unified logs cta variant and auto-dismiss on explore (#46940)
## Summary
The Unified Logs promo banner (shipped in #46847) had two telemetry/UX
gaps I found while auditing the weekly PostHog event review. Its CTA
fired one event for two different user paths with no way to tell them
apart, and clicking "Explore" left the banner in place. This adds an
`is_enabled` property to the CTA event and auto-dismisses the banner on
the Explore path.

## Changes
- Add `is_enabled: boolean` to `unified_logs_banner_cta_button_clicked`.
It is `true` when the user is already enabled and the button navigates
to the logs page ("Explore"), and `false` when not enabled and the
button opens the feature-preview modal ("Enable"). The two cohorts are
now queryable independently, which is what makes the CTA data usable for
measuring adoption.
- Auto-dismiss the banner when an already-enabled user clicks "Explore".
Previously only the X button dismissed it, so an Explore click left the
banner showing on the next project page load. Scoped to the Explore path
on purpose: the not-enabled path only opens a preview modal (it does not
enable), so dismissing there would hide the banner from users who never
enabled.

## Testing
Behavior to verify on the Vercel preview:
- [x] Enabled user clicks "Explore Unified Logs": navigates to the logs
page, banner does not reappear on the next project page load, CTA event
fires with `is_enabled` true.
- [x] Non-enabled user clicks "Enable Unified Logs": preview modal
opens, banner is still present after closing the modal, CTA event fires
with `is_enabled` false.
- [x] X button: banner dismissed as before, dismiss event fires.

Out of scope on purpose: no impression event (it would fire on every
banner render, low-millions of events per month for one banner), so true
click-through rate stays unmeasurable for now.

## Linear
- fixes GROWTH-925


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Improvements**
* Unified Logs banner now intelligently updates behavior based on
feature state.
* When enabled, exploring the feature automatically dismisses the
banner.
  * When disabled, the enable action opens the feature preview flow.
  * Enhanced tracking for banner interactions.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-15 15:07:03 +00:00
kemal.earth 3162cad715 feat(studio): add a banner to promote unified logs (#46847)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

Adds a one time banner to the `<BannerStack />` to promote Unified Logs
becoming available. This also fixes the `<BannerStack />` components
issue with stacking varying height banners.



https://github.com/user-attachments/assets/40f02709-0d67-43a9-ab95-750d9a4a582a




<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added a dismissible "Unified Logs" banner with an animated sample-log
carousel, CTA to Unified Logs, and a preview/enable flow for non-enabled
users. Dismissal is persisted locally and telemetry is recorded for CTA
and dismiss actions; banner appears only for eligible projects.

* **Refactor**
* Banner stack UI updated to display a single front banner with animated
"peek" slivers and refined hover/animation behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-11 17:00:48 +01:00
Mert YEREKAPAN 2191669d08 feat(studio): add upgrade CTA placement experiment (#45858)
## Summary

Replaces the header upgrade CTA (PR #44494, which design team wanted to
iterate on) with a placement experiment that tests three non-chrome
surfaces for the free-plan "Upgrade to Pro" CTA.

PostHog flag `upgradeCtaPlacement` (free-plan users only) with four
arms:

| Variant | Surface |
| --- | --- |
| `control` | No CTA (baseline cohort, still tracked) |
| `user_dropdown` | Full-width button pinned in the account dropdown |
| `org_projects_list` | Project-card-shaped usage tile, first card in
the org project grid |

## Details

### `user_dropdown`
- Full-width `Upgrade to Pro` button in `UserDropdown`, gated to
org-scoped routes only (`/project/*`, `/org/*`) so the org-billing CTA
never shows on `/account`, `/organizations`, etc. — addresses the scope
concern raised in review.
- Dropdown uses controlled `open` state so it closes before navigation
(it lives in the global layout, so a route change alone wouldn't dismiss
the overlay).


### `org_projects_list`
- `PlanUsageCard` renders as the first `<li>` in the project grid (via
`ProjectList`'s `prependCard`), matching `ProjectCard` shape so it reads
like another project tile. Also renders during the project-list loading
state to avoid pop-in.
<img width="3804" height="1494" alt="Arc 2026-06-08 20 02 54"
src="https://github.com/user-attachments/assets/09c2218c-43d1-49ce-bae7-5075c9750d72"
/>

### Shared card styling
- Metric rows (Egress, Database size, Monthly active users, File
storage) show `current / limit` with a progress ring; ring/value turn
warning at ≥80% and over at ≥100%.
- Rows are clickable deep-links to `/org/[slug]/usage#<anchor>` with a
hover chevron and dashed separators; the same row component is used by
both the embedded and project-card variants.
- Skeleton placeholder renders from first paint so the card reserves
layout while `useOrgUsageQuery` resolves.
- Exposure is fired optimistically while the org query loads (skeleton
shows immediately), but the experiment exposure event only fires once
free-plan is confirmed.

### Telemetry
- `upgrade_cta_clicked` with `placement: user_dropdown | home_usage_card
| org_projects_list`.
- `upgrade_cta_placement_experiment_exposed` with `variant` — the custom
exposure event (snake_case experiment id `upgrade_cta_placement`; the
flag key stays camelCase `upgradeCtaPlacement`).

### Header CTA sunset
- `HeaderUpgradeButton` and its wiring in `LayoutHeader` /
`MobileNavigationBar` removed (master's #46144 already removed the
button; this branch drops the remaining `header_upgrade_cta_clicked`
event).

## Before merging
- [x] Create the `upgradeCtaPlacement` flag + experiment in PostHog (4
variants, free-plan targeting, custom exposure event
`upgrade_cta_placement_experiment_exposed`).
- [x] Archive the now-orphaned `headerUpgradeCta` flag.

## Test plan
- [x] Override the flag per variant via the dev toolbar on staging;
confirm each surface renders and `upgrade_cta_clicked` fires with the
right `placement`.
- [x] `control` shows no CTA but still emits the exposure event.
- [x] Paid-plan org and self-hosted (`IS_PLATFORM=false`) show nothing.
- [x] Clicking a metric row deep-links to the matching usage section;
clicking Upgrade routes to billing.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Experimentally surface an “Upgrade to Pro” CTA in the user dropdown
and on the projects page for eligible free-plan orgs.
* Added a Plan Usage card showing free-plan metrics and upgrade prompts
on the organization projects page; hides when irrelevant or errored.
* Project list and its loading view support inserting a custom/prepend
card in card mode.

* **Telemetry**
* Added tracking for CTA clicks and experiment exposure; placement is
persisted per org.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: kemal <hello@kemal.earth>
2026-06-10 11:20:27 +00:00
Jordi Enric 9c572a56fd feat(logs): add realtime, supavisor, and pgbouncer to unified logs (#46786)
## Problem

The unified logs view was missing three log sources that the backend
already returns: Realtime (`realtime_logs`), Supavisor
(`supavisor_logs`), and PgBouncer (`pgbouncer_logs`). Users had no way
to filter or view logs from these services in the unified view.

## Fix

- Added `realtime`, `supavisor`, and `pgbouncer` to `LOG_TYPE_PREDICATE`
and `LOG_TYPE_EXPR` in the OTEL query builder so rows from these sources
are matched and labeled correctly.
- Added the three types to `LOG_TYPES` so filter chips appear in the UI.
- Added icons (`Realtime` from the icons package, `Cable` from
lucide-react for both pooler types) in `LogTypeIcon.tsx`.
- Added display labels in `formatServiceTypeForDisplay` (`Realtime`,
`Supavisor`, `PgBouncer`).
- Fixed a pre-existing unsafe cast in `ServiceFlowPanel.tsx` where any
log type not in the service flow allow-list (like the new types) would
produce a truthy `serviceFlowType` and trigger a runtime error on row
click. The fix checks against `SERVICE_FLOW_TYPES` before casting.

Note: `pg_cron_logs` is not included because the backend otel query does
not yet return that source.

## How to test

1. Open unified logs for a project that has Realtime activity.
2. In the log type filter, confirm `realtime`, `supavisor`, and
`pgbouncer` chips are visible.
3. Toggle on `realtime` and confirm Realtime logs appear with the
correct icon.
4. Click a realtime log row and confirm the detail panel opens on the
raw JSON tab without a runtime error.
5. Toggle on `supavisor` or `pgbouncer` and confirm pooler logs appear
if the project has connection pooler activity.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added support for three new log types — Realtime, Supavisor, and
PgBouncer — in Unified Logs with display labels, icons, and
filtering/viewing support.

* **Bug Fixes / UI Behavior**
* Service Flow “Overview” tab now only shows when the service type is
recognized, preventing irrelevant overview content for unsupported log
sources.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-09 18:46:37 +02:00
Pamela Chia cd52669f1f fix(docs): negotiate /guides/* markdown via shared helper (#45432)
## Summary

This brings docs `/guides/*` to full content negotiation for AI agents
(GROWTH-811):
RFC 9110 q-value parsing instead of a `.includes('text/markdown')`
substring match,
a 406 when the client rejects every type the route can produce, and
markdown rewrites
for known LLM user agents.

I implemented it by extracting the negotiation into a shared
`common/markdown-negotiation`
module consumed by both `apps/docs/middleware.ts` and
`apps/www/middleware.ts`, rather than
duplicating the helpers into docs and keeping them in sync by hand with
www (#45394). Single
source of truth, no re-sync burden. www is refactored onto the shared
helper with no behavior
change.

## Changes

### docs `/guides/*` content negotiation (GROWTH-811)

- Replace the `.includes('text/markdown')` substring match with RFC 9110
q-value parsing.
- Return 406 (`Cache-Control: no-store`, `Vary: Accept`) when Accept
excludes every type the
route serves. Bypassed for LLM user agents, the `.md` suffix, and
clients sending no Accept.
- Rewrite to `/api/guides-md/<slug>` for LLM user agents (Claude-User,
Claude-Web, ChatGPT-User,
  PerplexityBot) regardless of Accept.
- Preserve the existing `.md` suffix routing and the entire
`/reference/*` block.

### Shared negotiation helper

- New `packages/common/markdown-negotiation.ts`:
`negotiateMarkdown(signals, route)` returns
`'markdown' | 'not-acceptable' | 'pass'`. Internalizes q-value parsing,
the LLM user-agent
  match, the UA-length cap, and the markdown-vs-html preference.
- `apps/www/middleware.ts`: refactored to consume the shared helper; its
duplicated copy of the
negotiation helpers (added in #45394) is removed. `.md` early-return,
changelog routing, and
first-referrer cookie stamping are unchanged (no behavior change,
covered by its existing tests).

### Tests

- New `apps/docs/middleware.test.ts`: q-value priority, the 406 path,
`.md` suffix, LLM UA
override, browser default Accept, training-crawler and substring-embed
exclusion, and the
  `/reference/*` exemption.
- New `packages/common/markdown-negotiation.test.ts`: the same decision
matrix at the unit level
(q-values, 406, LLM UAs, `.md`, `*/*`, training crawlers, OWS,
out-of-range q).

## Testing (Vercel preview)

After Vercel posts a preview URL, save it once then run the probe set.

```bash
echo 'PREVIEW_HOST' > /tmp/growth-811-host.txt
HOST=$(cat /tmp/growth-811-host.txt)

# 1) Browser-style Accept -> HTML 200
curl -sI -A "Mozilla/5.0" \
  -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' \
  "https://$HOST/docs/guides/auth"

# 2) Accept: text/markdown -> markdown 200
curl -sI -H 'Accept: text/markdown' "https://$HOST/docs/guides/auth"

# 3) text/html;q=1.0, text/markdown;q=0.5 -> HTML 200
curl -sI -H 'Accept: text/html;q=1.0, text/markdown;q=0.5' "https://$HOST/docs/guides/auth"

# 4) unsupported Accept -> 406 + Cache-Control: no-store + Vary: Accept
curl -sI -H 'Accept: application/x-content-negotiation-probe' "https://$HOST/docs/guides/auth"

# 5) User-Agent: Claude-User/1.0 (any Accept) -> markdown 200
curl -sI -A 'Claude-User/1.0' "https://$HOST/docs/guides/auth"
```

### After merge

Run
[acceptmarkdown.com/readiness-check](https://acceptmarkdown.com/readiness-check)
against `https://supabase.com/docs/guides/auth`: expect 100/100.

## Linear

- fixes GROWTH-811
2026-06-09 17:49:35 +08:00
Alex Hall 97c5db7218 chore: regenerate marketplace types (#46746)
Regenerates types for marketplace schema bindings to remove deprecated
RPC functions.
2026-06-08 12:08:43 -04:00
Jordi Enric 895726505f feat(studio): dedicated telemetry events for org audit log drains (#46733)
## Problem

The org Audit Log Drains page fires the same
`log_drain_save_button_clicked` and `log_drain_removed` telemetry events
as the project Log Drains page, even though they are distinct features
(project product logs vs. the org audit log). Org-scoped events should
have their own names and drop the project group.

## Fix

Add dedicated org-scoped events and use them in the org container:

- `audit_log_drain_save_button_clicked`
- `audit_log_drain_removed`

Both declare `groups: Omit<TelemetryGroups, 'project'>` (no project
group), matching the convention used by other org-scoped events (e.g.
the documents page events). The project Log Drains page keeps the
original `log_drain_*` events unchanged.

## How to test

- Open `/org/{slug}/audit-log-drains` (with the `auditLogsLogDrain` flag
enabled).
- Create a drain and confirm `audit_log_drain_save_button_clicked` fires
(with the destination type, org group, no project group).
- Delete a drain and confirm `audit_log_drain_removed` fires.
- Confirm the project Log Drains page still fires `log_drain_*` events.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Updated internal telemetry tracking for audit log drain operations to
improve monitoring and analytics of system behavior.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-08 15:10:03 +02:00
Alex Hall c0e0501c01 feat(studio): support custom installation logic for marketplace integrations (#46660)
- Fetch additional project data needed to determine marketplace
integration installation status
- Consolidate logic to ensure consistency between left-hand nav and
overview tab
- Add special-case handling of new integrations to give us more granular
control of their behavior
2026-06-05 14:02:23 -04:00
Julian Domke dfaf59010b feat(billing): show cancel subscription button on billing page (#46500)
Extracts the Cancellation Flow from the subscriptions side panel and
adds a new button that initiates the flow (old journey is still
possible):

(screenshots see below)

Verified manually:


-  confirmed the old downgrade flow works, Team -> Pro; Pro -> Free
-  confirmed the new downgrade flow works
-  button does not show up when on free plan; no flicker
-  button does not show up on enterprise/platform plan
-  verified button is disabled when managed by AWS marketplace
(hardcoded in `useSelectedOrganizationQuery`)
-  verified button is disabled if `canUpdateSubscriton` is false,
hardcoded in `useAsyncCheckPermissions`
-  modal for exceeding-free-projects shows up


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added a guided subscription cancellation flow with confirmation steps,
member/usage checks, and an exit survey.
* Exposed a visible "Cancel Subscription" control in billing settings,
enabled/disabled with contextual tooltip messaging.

* **Improvements**
* Downgrade/exit survey confirm action can be disabled when appropriate;
exit survey confirm label updated to "Downgrade Now".

* **Chores**
  * Added frontend telemetry for cancellation button interactions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-05 09:17:53 +02:00
Ali Waseem 1c2d28d5b3 chore: wrap local storage into helper methods that are safer (#46628)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

- Noticing our code we have many patterns of calling localstorage and
handling those errors
- We should add those in a single well tested file
- Handle those errors in the singleton which makes it easier for us to
debug customer issues. Logger is outputing local storage warnings for
feature we expose
- Side effect of this is random crashes on studio when local storage
isn't available or handled correctly

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Refactor**
* Improved browser storage handling across the app for more reliable
persistence and graceful behavior in restricted or non-browser
environments (settings, previews, charts, tabs, sign-in/session flows,
integrations, and UI state).

* **New Features**
* Introduced a safe storage layer to standardize and harden
local/session persistence.

* **Tests**
  * Added comprehensive tests covering the new safe storage behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-04 07:41:28 -06:00
Raminder Singh 101158e824 chore: remove deprecated fields (#46636)
Removed unused deprecated fields from marketplace types.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Refactor**
* Updated listing configuration types to reflect current system
behavior.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-04 13:48:00 +05:30
Raminder Singh e33331fa92 feat: use the new timestamp published at and built by columns (#46552)
This PR starts using the new `built_by`, `published_in_marketplace_at`,
and `published_in_catalog_at` columns in preparation for removing the
old deprecated fields `publish_marketplace`, `publish_dashboard`.

- [x] Test dashboard changes in preview.
- [x] Test www changes in preview.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Updated marketplace integration identification to use publication
status instead of publish flags for more accurate filtering and display.
* Corrected the developer attribution field displayed for technology
partner integrations to reflect accurate authorship information.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-03 14:57:38 +05:30
Alex Hall 99f4b4230a feat: detect integration install state based on partner callbacks (#46488)
Adds support for the new `integration_status` installation
identification method for OAuth marketplace integrations, which will use
the new integration state stored in Marketplace DB and updated via
partner callbacks. Fixes INT-123
2026-06-02 09:46:04 -04:00
Ali Waseem ac79b1bc81 chore: update banner for pooler w/ new dates (#46561)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

- Minor updates to date on pooler changes

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Chores**
* Extended the on-screen maintenance notice so the banner remains
visible until June 9, 2026.
* Updated the scheduled maintenance window details for the US East
region.
  * Revised local maintenance tracking to use the new June 9, 2026 date.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-06-02 13:34:51 +00:00
Paul Cioanca bc6a459fd2 feat(upgrades): prevent upgrades for hibernated projects (#46109)
## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

* Prevents hibernated projects from undergoing database version upgrades


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added support for hibernating projects in upgrade warnings. Users will
now see a clear message indicating their project is hibernating and will
resume on the next supported request.

* **Chores**
* Extended log drain configuration to support additional destination
types.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46109?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Kevin Grüneberg <k.grueneberg1994@gmail.com>
2026-06-01 18:53:57 +03:00
Pamela Chia 7f5e3cab93 chore(studio): remove expired Fly.io deprecation banner (#46535) 2026-06-01 19:35:14 +08:00
Pamela Chia 9da249135c fix(telemetry): fix and unify dashboard_error_created tracking (#46537) 2026-06-01 19:34:56 +08:00
Saxon Fletcher 033daf223c Support form Assistant Streamdown (#46248)
Re-adds support form Assistant response using a lighter weight
Streamdown component vs the more heavy `Message` component.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* AI Assistant follow-up card after ticket submission for project-scoped
requests.
* In-chat support request preview panels showing submitted subject and
message.

* **Improvements**
* Smarter project selection when opening the support form via
route/context.
* Success screen: cleaner layout, project-name messaging, optional
finish action, and a "Join Discord" button.
  * Category prompt text updated to "What issue are you having?"
  * New success/feedback section for consistent layouts.

* **Tests**
* Added tests covering support prompt serialization/parsing and UI
previews.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46248?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-26 09:56:52 +00:00
Joshen Lim 7f23394818 Persist connect sheet user preference (#46213)
## Context

As per PR title - persists the opened state of the connect sheet into
local storage so re-opening it again will have the same parameters
chosen

## To test

- [ ] Verify that the persisting of the opened state of the connect
sheet works

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Connect Sheet now saves user preferences so selections persist across
sessions.

* **Improvements**
* Better synchronization between the UI and the URL for more consistent
state when opening or sharing links.
  * Clearing selections reliably removes all relevant filters.

* **Refactor**
* Internal state handling simplified for more predictable mode and field
changes.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46213?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-25 11:20:43 +07:00
Sean Oliver 2c651ddabc fix(experiment): make dataApiRevokeOnCreateDefault flag reads shape-agnostic (#46289) 2026-05-23 09:30:25 -07:00
Danny White 7283459a02 chore(studio): use ShortcutBadge in Connect command (#46245)
## What kind of change does this PR introduce?

Refactor

## What is the current behavior?

FE-3452: `Connect.Commands.tsx` has a local `ConnectShortcutBadge`
component that hand-rolls the same Fragment + `KeyboardShortcut` +
"then" separator loop that `ShortcutBadge` already provides.

FE-3453: The `'header_button' | 'connect_section' | 'keyboard_shortcut'`
union is written out twice: once in `app-state.ts` and once in the
`ConnectSheetOpenedEvent` telemetry type in `telemetry-constants.ts`.

## What is the new behavior?

FE-3452: `ConnectShortcutBadge` is removed; the badge uses
`<ShortcutBadge shortcutId={SHORTCUT_IDS.CONNECT_OPEN_SHEET} />` inline.

FE-3453: A `ConnectSheetSource` type is exported from
`telemetry-constants.ts` and imported into `app-state.ts`.

## Additional context

- Resolves FE-3452
- Resolves FE-3453.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Refactor**
* Consolidated shortcut badge rendering to use a shared component across
the application, improving code maintainability and reducing
duplication.
* Introduced a centralized type definition for connect sheet source
tracking, enhancing type consistency throughout the codebase.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46245?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-22 10:08:39 -06:00
Joshen Lim 24f62c4402 Joshen/fe 3432 show maintenance banners only for affected project regions (#46191)
## Context

There'll be an upcoming shared pooler maintenance for specific regions -
so the PR here informs users about that via the following changes

- Shift Terms of Service update into a float banner
- Same local storage key is used for dismissal so users who already
dismissed it won't see this again
  - This is to prevent 2 notice banners scenario
<img width="342" height="235" alt="image"
src="https://github.com/user-attachments/assets/0a10fa53-46a0-4c71-beef-d66e006503fd"
/>

- Updated NoticeBanner to inform users of the upcoming maintenance
- Only projects in specific regions will be affected, so not all
projects will see this
<img width="658" height="75" alt="image"
src="https://github.com/user-attachments/assets/83aabda5-a774-4118-a945-08052b7c6b3e"
/>
<img width="496" height="152" alt="image"
src="https://github.com/user-attachments/assets/a1ccc440-5179-4a4b-919f-208844bb2227"
/>

- Cleaned up unused local storage keys

### To test

- Can be tested on preview as the notice applies for eu-central-1 and
us-east-1


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Dismissible Terms of Service update banner with “Learn more” dialog so
users can review and acknowledge changes.
* Enhanced maintenance notices showing region-specific maintenance
windows, a status link per region, and formatted UTC timestamps tied to
the selected project.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46191?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-22 17:40:12 +07:00
Danny White 25c8194579 feat(studio): add Connect sheet shortcut guidance (#46185)
## What kind of change does this PR introduce?

Feature, docs update.

- Resolves FE-3419
- First pass for DEPR-578

## What is the current behaviour?

The Connect sheet can be opened from visible UI and command-menu
actions, but it does not have a direct keyboard shortcut. Studio also
has shortcut conventions in code, but limited agent-facing review
guidance for contributors adding or touching Studio UI.

## What is the new behaviour?

FE-3419:

- Adds `O then C` to open the Connect sheet for active healthy projects.
- Mounts the shortcut from the always-rendered Connect sheet, so it
works without first opening the lazy command menu.
- Surfaces the shortcut on the Connect button tooltip, in the shortcuts
reference sheet, and on the Connect command-menu action.
- Forces the tooltip closed while the sheet is open so Escape closes the
sheet without also driving tooltip state.
- Tracks keyboard shortcut opens with the existing Connect sheet
telemetry event.
- Moves single-item AI Assistant and Inline Editor shortcuts to the
_Global Actions_ section in the cheatsheet.

DEPR-578:

- Adds a short Studio shortcut convention to `.claude/CLAUDE.md`.
- Adds scoped Copilot review guidance for Studio shortcut coverage,
discovery, and collision checks.
- Points the guidance back to the existing shortcut registry,
`useShortcut`, `Shortcut`, and `ShortcutTooltip` implementation context.

| After |
| --- |
| <img width="1576" height="188" alt="CleanShot 2026-05-21 at 11 30
40@2x"
src="https://github.com/user-attachments/assets/ba9d68c8-27ea-4c89-8016-d95d5bcea3ea"
/> |
| <img width="830" height="364" alt="CleanShot 2026-05-21 at 11 48
51@2x-FC627CB5-4A1C-49E2-B748-8AF0A3EBD7BC"
src="https://github.com/user-attachments/assets/d6aa52c1-56b2-4731-8e6b-088e29da43ed"
/> |

Validation:

- `pnpm --dir apps/studio exec vitest --run
components/ui/GlobalShortcuts/ShortcutsReferenceSheet.test.tsx
components/interfaces/ConnectButton/Connect.Commands.test.tsx
components/interfaces/ConnectSheet/useConnectSheetShortcut.test.ts`
- `git diff --check`

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Keyboard shortcut to open the Connect sheet from anywhere; Connect
button displays the shortcut and is enabled only for eligible projects.
* New "Global Actions" group in the shortcuts reference including AI
Assistant, Inline Editor, and Connect.

* **Documentation**
* Added Studio keyboard-shortcuts guidance and linked it in project
instructions.

* **Tests**
* Added tests covering connect shortcut behavior and command
registration.

* **Telemetry**
  * Connect-sheet open events now record keyboard shortcut as a source.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46185?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Ali Waseem <waseema393@gmail.com>
2026-05-21 09:32:22 -06:00
Kanishk Dudeja ba77d15d41 chore(billing): remove billing address modal and tax id banner (#46210)
This PR removes the billing address modal and tax id banner code
completely since we no longer need it.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Removed Features**
  * Billing address update modal is no longer accessible.
  * Tax ID banner has been removed from the app UI.
  * Placeholder banner block disabled.

* **Tests**
  * Automated tests for the billing address modal were removed.

* **Chores**
  * Associated local-storage key for the tax ID banner was removed.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46210?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-21 18:30:18 +05:30
Charis 72cebe3976 feat(studio): toggle pg_graphql introspection from GraphiQL (#46170)
## Summary

- pg_graphql 1.6+ disables schema introspection by default, which breaks
GraphiQL's docs explorer and field autocomplete. This PR adds an in-app
notice + confirmation flow so users can opt into (or later opt out of)
introspection without leaving the GraphQL tab.
- Introspection state is read from, and written to, the `@graphql(...)`
directive embedded in the target schema's Postgres comment (`public` by
default). Other directive options the user has set are preserved when
the introspection key is toggled.
- Ships `parseSchemaComment` / `buildSchemaCommentWith` helpers (with
unit tests) and a `useSetIntrospection` mutation hook, plus collapsible
disabled-state and dismissible enabled-state notices rendered above
GraphiQL. GraphiQL is re-mounted after a toggle so it re-runs
introspection.

## Test plan

- [ ] On a project with pg_graphql >= 1.6 and introspection disabled:
disabled-state notice appears, confirm modal shows the SQL that will
run, enabling re-mounts GraphiQL and populates the docs explorer.
- [ ] On a project with introspection enabled: small enabled-state
banner appears, disabling clears the docs explorer and updates the
schema comment.
- [ ] Existing `@graphql({...})` options (e.g. `inflect_names`,
`max_rows`) survive a toggle; malformed directive text is replaced and a
warning is shown in the confirm modal.
- [ ] On pg_graphql < 1.6 (or extension not installed): no notice
renders, GraphiQL behaves as before.
- [ ] Collapsed-disabled-notice state persists per project via local
storage.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
  * GraphQL introspection toggle with enable/disable confirmation modal.
* Notices showing current introspection state with controls to change
it.
* GraphiQL automatically remounts and updates when introspection status
changes.
* Per-project persisted collapsed/expanded state for the introspection
notice.
* Background detection of introspection support and schema comment
handling for targeted schemas.

* **Tests**
* Comprehensive tests for parsing/building schema comment directives and
version behavior.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46170?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-21 07:07:35 -04:00
Joshen Lim d11bd4997e Revert "Support form Assistant" (#46194)
Reverts supabase/supabase#45861

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **New Features**
* Support form now returns to home view upon completion within the help
panel.
* Success screen conditionally displays community (Discord) section for
specific issue categories.

* **Bug Fixes**
  * Improved project selection logic in support form initialization.

* **Style**
  * Updated support form label text for clarity.
* Redesigned success screen layout with updated styling and separators.

* **Removed Features**
  * Removed support assistant follow-up card from success screen.
  * Removed support request message parsing from AI responses.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46194?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-21 14:28:40 +07:00
Saxon Fletcher af7d953f52 Support form Assistant (#45861)
When a support from is submitted, we believe there is an opportunity to
help people before a human receives and responds. Human support is still
involved regardless of whether Assistant helps or not, so this is to
positioned as a "while you wait" type experience.

## To test:
- Enable to `supportAssistantFollowUp` feature flag
- Open a project
- Open the support form and submit a request
- Note the success state and the additional Assistant card
- Note text generation in card
- Clicking card should open the Assistant conversation

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* AI assistant follow-up card appears after submitting a support ticket
to continue the conversation
* Support request preview rendered in the assistant panel showing
subject/message when present

* **Bug Fixes**
* Improved project selection fallback during support form initialization

* **Improvements**
* Refined success layout and messaging; finish action behavior
simplified

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/45861)
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Gildas Garcia <1122076+djhi@users.noreply.github.com>
2026-05-21 09:16:48 +10:00
Mert YEREKAPAN 1ef80fec23 chore(studio): remove HeaderUpgradeButton experiment code (#46144)
## Summary

- Removes the `HeaderUpgradeButton` component, all call sites, and the
`HeaderUpgradeCtaClickedEvent` telemetry type. The GROWTH-615 header
upgrade CTA experiment ended on Apr 29.
- Fixes the `Flag key "headerUpgradeCta" does not exist in PostHog flag
store` console errors that were logging on every render. PostHog drops
disabled flags from `/feature-flags` responses, so the still-mounted
consumer logged a missing-flag warning continuously. Removing the
consumer lets the flag be safely disabled again.

Context: [Slack
thread](https://supabase.slack.com/archives/C07P3AU3J2D/p1779250648219089?thread_ts=1779166940.445709&cid=C07P3AU3J2D)

## Test plan

- [x] `pnpm dev:studio`, open the dashboard, confirm no
`headerUpgradeCta` warning in the browser console
- [x] Desktop header still renders correctly (the button was hidden
behind the `test` variant; visually nothing changes for users since
rollout was 100/0 control)
- [x] Mobile nav bar still renders with `UserDropdown` to the right of
the org/project selector

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Removed the upgrade call-to-action button from the navigation header
in both desktop and mobile layouts.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46144?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-20 10:38:04 +00:00