Supabase Release Notes

Release notes

Letting users know about security-sensitive actions on their account is an increasingly common authentication feature.

We’re excited to announce an expansion of our email templates to handle these these types of events, beginning with:

• Password changed
• Email changed
• Phone number changed
• Identity linked or unlinked
• Multi-factor authentication enrolled or unenrolled

You can find documentation—including for our API— here . The list of templates will continue to grow as our feature-set changes, and as we gather feedback from our community.

[!NOTE] To enable the feature preview, click your profile avatar, click Feature previews and enable Security notification templates .

What we’d like to know from you

• Any bugs or issues you run into when using email templates
• Any friction you run into when managing email templates through the Supabase dashboard
• Any additional use cases for email templates, and how we might be able to better support your workflow

Related links

• Dashboard: https://supabase.com/dashboard/project/_/auth/templates
• Documentation:
  • Email templates: https://supabase.com/docs/guides/auth/auth-email-templates
  • Send email hook: https://supabase.com/docs/guides/auth/auth-hooks/send-email-hook
  • Local Dev / CLI: https://supabase.com/docs/guides/local-development/customizing-email-templates

Original source Report a problem

Letting users know about security-sensitive actions on their account is an increasingly common authentication feature.

We’re excited to announce an expansion of our email templates to handle these these types of events, beginning with:

• Password changed
• Email changed
• Phone number changed
• Identity linked or unlinked
• Multi-factor authentication enrolled or unenrolled

You can find documentation—including for our API— here . The list of templates will continue to grow as our feature-set changes, and as we gather feedback from our community.

[!NOTE] To enable the feature preview, click your profile avatar, click Feature previews and enable Security notification templates .

What we’d like to know from you

• Any bugs or issues you run into when using email templates
• Any friction you run into when managing email templates through the Supabase dashboard
• Any additional use cases for email templates, and how we might be able to better support your workflow

Rollout plan

• Changes are behind a feature preview in the dashboard
• Starting from 13th Nov 2025, we will roll out to the hosted platform first as incremental % rollout where users will be opted into the feature preview by default
• If you might want opt out of the changes, you may disable the changes via the feature previews which you can access through the user dropdown in the header here:

Related links

• Dashboard: https://supabase.com/dashboard/project/_/auth/templates
• Documentation:
  • Email templates: https://supabase.com/docs/guides/auth/auth-email-templates
  • Send email hook: https://supabase.com/docs/guides/auth/auth-hooks/send-email-hook
  • Local Dev / CLI: https://supabase.com/docs/guides/local-development/customizing-email-templates

Original source Report a problem

Here's another brief summary of changes that went into the dashboard over the past 2 weeks 😄🙏

Upcoming: Storage UI update

We'll be pushing out an update to our Storage UI within this week as part of revisiting the information architecture of the dashboard, given that Supabase Storage isn't only about file storage but also analytics and vectors! 😉🗂️. This sets up the necessary changes required to support the other storage types that will come soon to the dashboard some time this week (or next)! 🙏 There's no other changes besides this (the file explorer of your file buckets remains the same 🙂🙏)

PR:
https://github.com/supabase/supabase/pull/40076
Link:
https://supabase.com/dashboard/project/_/storage/buckets

Auth Reports improvements

We've shipped a number of updates to the Auth Reports, splitting reports into sections and making it easier to find the information that you need! 🙂🕵️ (Usage, Monitoring, Performance) These changes will allow you to see spikes in errors in the API and Auth servers, and you may also select a part of the chart to open them in the logs pages (Way more easier than combing through them in the Logs Explorer)

PR:
https://github.com/supabase/supabase/pull/39013
Link:
https://supabase.com/dashboard/project/_/reports/auth

Additional settings for Realtime

We've added the following 3 settings that can be configured for your project through the realtime settings page! ⚙️💨 Information regarding all configurable settings for Realtime can be found in our documentation
here!

• Enable / Disable Realtime service
  • If disabled, no clients will be able to connect and new connections will be rejected
• Max presence events per second
  • Maximum number of presence events per second that can be sent to your Realtime service
• Max payload size in KB
  • Maximum number of payload size in KB that can be sent to your Realtime service

PR:
https://github.com/supabase/supabase/pull/39566
Link:
https://supabase.com/dashboard/project/_/realtime/settings

Support for Sentry Log Drains

You can now send your project logs to Sentry as a third party destination! 🙂🪵 Read more about this in our documentation
here!

PR:
https://github.com/supabase/supabase/pull/39442
Link:
https://supabase.com/dashboard/project/_/settings/log-drains

Other bug fixes and improvements

General

• Simplified UI for project while in a paused state (PR)

Auth

• Persist sort by search configuration, but only if number of users in database is < 10,000 (PR)

Database

• Add support for duplicating database functions (PR)
• Add support for duplicating database triggers (PR)
• Database functions link to triggers list if function has trigger return type (PR)
• Database triggers link to table editor and functions list if for the table and function of the trigger respectively (PR)

Edge Functions

• Added support for drag and drop to add files while editing an edge function (PR)

Storage

• Add virtualization for buckets to support rendering a large number of buckets (PR)

Table Editor

• Fix schema not persisting when creating a table outside of the public schema (PR)

Reports

• Fix database reports "Database Connections" charts (PR)

Realtime

• Improved error messages when channel fails to join (PR)
• Add warning when updating realtime settings that clients will be disconnected (PR)

Original source Report a problem

🔍 What’s new

• Functions returning SETOF or table types are now correctly inferred as embedded relationships (arrays) when used in .select() queries (computed relationships). Supported via SetofOptions from introspection. note: If you define a function in Postgres with RETURNS SETOF … ROWS 1, the tool-chain (introspection + type generation) will infer this as a single object instead of an array.
• TypeScript errors at call-site when you attempt to call a function with wrong or conflicting parameters. For example:
  1
  const res = await supabase.rpc('postgrest_unresolvable_function', { a: 'test' });
  // Error: Could not choose the best candidate function between: public.postgrest_unresolvable_function(a => integer), public.postgrest_unresolvable_function(a => text).
  This kind of error helps you catch ambiguous overloads that the introspection cannot decide between.
• Additional error cases like:
  1
  const res = await supabase.rpc('blurb_message', {});
  // Error: Searched for the function public.blurb_message with parameter or with a single unnamed json/jsonb parameter, but no matches were found in the schema cache.
  This corresponds to underlying PostgREST error codes PGRST202 / PGRST203.

Important caveats:

Nullable embed relationships by default: When you embed a function (computed relationship) in a .select() query, the generated type will treat the function result as possibly null, since it may not return any rows.
You can override the nullability globally using a DeepMerge override when generating types using the CLI. Example:

import { MergeDeep } from 'type-fest'
import { Database as DatabaseGenerated } from './database-generated.types'

export type Database = MergeDeep<
  DatabaseGenerated,
  {
    public: {
      Functions: {
        my_function: {
          SetofOptions: {
            isNotNullable: true
          }
        }
      }
    }
  }
>

This approach mimics defining custom JSON types via MergeDeep.

However, when a function has multiple overloads or multiple SetofOptions variants (for example one overload returns from someTable → someOtherTable, another returns someTable2 → someOtherTable), a global override may become ambiguous:

function_name:
  |
  {
    ...,
    SetofOptions: {
      from: 'someTable',
      to: 'someOtherTable'
    }
  }
  |
  {
    ...,
    SetofOptions: {
      from: 'someTable2',
      to: 'someOtherTable'
    }
  }

In such cases, the recommendation is to use the !inner hint in the query itself so the inference knows the result won’t be null:

client
.from('table')
.select('field1, computed_relationship!inner(id)')
// Inferred type:
// { field1: string, computed_relationship: { id: string } }
// rather than default:
// { field1: string, computed_relationship: { id: string } | null }

✅ What you should do

• Upgrade to @supabase/[email protected] (or higher)
• Ensure you are using the CLI at version > 2.53.1 so that SetofOptions metadata is correctly included in the generated types.
• Regenerate your types (e.g., npx supabase gen types typescript …) after introspection so that functions with SETOF return types are captured with the proper metadata.

🔗 References

• PostgREST docs — Computed Relationships
• supabase/supabase-js#1632
• supabase/postgres-meta#971
• Defining custom JSON types (type override docs)

Original source Report a problem

Another brief summary of changes that went into the dashboard over the past 2 weeks 🙂🙏

Update to the Authentication Users page

You may have already noticed but we've recently had to make some changes to the Users page under the Authentication section, specifically around how users are fetched and searched 🙏 The reason behind the change is primarily technical which is summarized nicely in this tweet here, but TLDR the query which the dashboard was running to retrieve users from the database wasn't performant in particular if your project had a large number of users.

Understandably this makes the UX less than ideal consequently, in particular with sorting since users are no longer sorted by "Created at" by default which was helpful for seeing new users who signed up to your application. While this is still possible by swapping the search mode to "Unified search", it was pretty inconvenient since the search configurations aren't persisted across sessions (we definitely hear all feedback as promised! 🙏🙂)

As such and we've recently shipped an update that moves search configuration into the URL (so that refreshing keeps you in the same state), but also persist the search mode in local storage to ensure that it's restored whenever you return to the Users page.

There's definitely more than we can do here and we're actively looking into this! In the meantime, feel free to leave any thoughts or feedback in this discussion here! 🙂🙏

PR:

• https://github.com/supabase/supabase/pull/39349
• https://github.com/supabase/supabase/pull/39599
• https://github.com/supabase/supabase/pull/39649

Link:

• https://supabase.com/dashboard/project/_/auth/users

Other bug fixes and improvements

Account

• Add settings to disable hotkeys in dashboard (PR)

General

• Add more context for common issues in session expired dialog (PR)
• Add visibility toggle for password input field in sign in page (PR)
• Consolidate information in Connect dialog to reduce cognitive load (PR)

Assistant

• Add support for rating individual assistant responses (PR)
• Add error handler for when conversation gets too long (PR)
• Add support for switching models for Assistant (PR)

Edge Functions

• Add Hide / Show anonymous key CTA in Edge Function details page "Invoke function" section (PR)
• Opt to ignore "Cannot find modules" errors in Edge Functions code editor (PR)
• Omit quotes when pasting contents of a .env file into Edge Functions secrets (PR)

Realtime

• Add Assistant CTA to set up realtime for project (PR)
• Add max events per second configuration in realtime settings (PR)

Reports

• Add timezone to tooltips (PR)

Settings

• Improve clarity in Postgres upgrade callout regarding objects that need to be removed (PR)

Table Editor

• Fix occasional duplicate rows issue when exporting table into CSV (PR)

SQL Editor

• Mitigate "Unable to find snippet" issue Part 1 (PR)
• Mitigate "Unable to find snippet" issue Part 2 (PR)

Original source Report a problem

The
Supabase MCP server
is now hosted as a remote (HTTP) MCP server at the following URL:
https://mcp.supabase.com/mcp
Or if you are developing locally using the CLI, you can access the MCP server at:
http://localhost:54321/mcp
This makes it easier and more secure to connect your MCP clients with Supabase while expanding the number of clients Supabase can connect to.

Why remote MCP?
Up until now you had to run Supabase MCP locally via an
npx
command:
npx -y @supabase/mcp-server-supabase@latest ...
Running the MCP server this way came with a lot of pain points:

• Limited MCP clients: Most web-based AI agents (like ChatGPT) are limited to HTTP-based MCP servers due to the environments they run in.
• Authentication was clunky: You needed to manually generate a personal access token (PAT) in order to authenticate with your Supabase account which added friction to the setup experience and had weaker security (it was easy to accidentally commit this to source control).
• Setup was tricky: You needed Node.js installed to run the server, needed to make sure your environment was configured correctly with the right version, and you needed to modify the command slightly based on the operating system you were running.
  Now with remote MCP, you are able to connect Supabase with many more MCP clients, you authenticate using a much simpler browser-based OAuth 2 flow, and setup is much easier. We also built an
  interactive widget
  to help you connect popular MCP clients to Supabase and customize the URL to your preferences (like project-scoped mode and read-only mode).

Security reminder
A friendly reminder to never connect MCP to production data! Supabase was designed from the beginning to assist with app development and shouldn't be connected to production databases. See our post on
Defense in Depth for MCP Servers
.

More info
Read more about all the features in the
Remote MCP blog post
!

Original source Report a problem

We recently rolled out a change that updates pgmq version from 1.4.4 to 1.5.1 for new projects created with release version https://github.com/supabase/postgres/releases/tag/17.6.1.016 and newer.

There is a potential breaking change for users of the delay parameter as discussed here https://github.com/pgmq/pgmq/releases/tag/v1.5.0 for versions 1.5.0 and newer

However, there is a temporary issue with upgrade of existing projects with just the pgmq extension. At the moment if you trigger an upgrade, your pgmq extension will remain on version 1.4.4 until we fix this upgrade issue. We'll report back here when this is fixed. It will likely be fixed by an upstream contribution or fix of the extension itself, and a release of a version newer than 1.5.1

Again, once this issue is resolved we'll update this changelog issue, although users should still be aware of the potential breaking change

Original source Report a problem

Another brief summary of changes that went into the dashboard over the past 2 weeks, but before that...

Supabase Select just wrapped up over the weekend!

If you might have missed it or want to get involved - Livestreams are available on the
Supabase Youtube channel
, or on our site
here
! A huge thank you to everyone in the community for joining us on this journey thus far - and as always let us know any feedback / ideas / thoughts, anything! We promise we look at every message that comes in 🙂🙏

Assistant Improvements

We've been shipping some incremental improvements to the Assistant which involves both better response speeds, better quality outputs, and better UX with a more action-oriented approach (along with some style refinements to messages and tools)! 🤖🙂

These are all in hopes to support you while building out with Supabase and we're still looking into how we can make the experience even better for you! Feel free to leave any feedback or ideas in this thread on how we can further improve the Assistant 😄🙏

• PR:

  • https://github.com/supabase/supabase/pull/38806
  • https://github.com/supabase/supabase/pull/38805
  • https://github.com/supabase/supabase/pull/39031
  • https://github.com/supabase/supabase/pull/39072

• Link:

  • https://supabase.com/dashboard/project _

Contextual error handling in Table Editor

Enabling users to self-debug when running into issues have been at the forefront of our priority recently - this is just a small addition to that topic in which we're opting to provide contextual errors in the table editor, specifically when applying filters 🙂🔍

Hopefully these will provide better clues while working with the Table Editor instead of just merely showing "Failed to retrieve rows" - and we're hoping to expand this further too to cover more cases! 🙏

• PR:

  • https://github.com/supabase/supabase/pull/39004

• Link:

  • https://supabase.com/dashboard/project _/editor

Other bug fixes and improvements

General

• Improve clarity of errors for organization member invite flow (PR)
• Fix deleting project not refreshing list of projects on home page (PR)

Table Editor

• Fix "New table" button not working if on an unknown table (PR)
• Improve stability of tab state syncing between URL params and local storage (PR)
• Use session storage as default cache for tab state (PR)
• Ensure CSV chunk uploads handle rate limits properly (PR)
• Refrain from applying a default sort on JSON columns (PR)
• Flatten copy cell and row actions in context menu (PR)

Storage Explorer

• Fix long bucket names blocking bucket actions (PR)

Integrations

• Fix webhooks HTTP headers for edge functions not loading Auth headers on first open (PR)

Advisors

• Query performance improve layout of metadata in query details panel (PR)
• Query performance consolidate time consumed and total time columns (PR)
• Query performance make query pattern expandable (PR)
• Query performance improve time consumed text to be more human readable (PR)

Reports

• Improve tooltip UX (PR)
• Make chart highlight actions configurable per chart (PR)
• Use is instead of matches in API filters (PR)
• Fix max pooler connections tooltip (PR)
• Always show tooltip values (PR)

Original source Report a problem

What Changed

We've consolidated all Supabase JS client libraries into a unified monorepo at
supabase/supabase-js
.

For Package Users 👥

Nothing changed for you!

Continue installing packages as usual:

• npm install @supabase/supabase-js
• npm install @supabase/auth-js
• npm install @supabase/storage-js
• etc.

For Contributors 🛠️

All development now happens in the monorepo:
Old repositories (will be archived soon):

• supabase/auth-js
• supabase/postgrest-js
• supabase/realtime-js
• supabase/storage-js
• supabase/functions-js
  New location: All libraries are now under
  packages/core/
  in
  supabase/supabase-js

Benefits

• Fixed versioning - all packages share the same version for compatibility
• Atomic changes - fix bugs across libraries in single PRs
• Better testing - immediate integration testing without manual releases
• Unified tooling - consistent build, test, and release processes

Getting Started

• Fork and clone : github.com/supabase/supabase-js
• Read the guides : Complete documentation in the new repository
• Use Nx commands : npx nx test auth-js, npx nx build storage-js, etc.

Documentation
All documentation is now in the monorepo:

• Contributing Guide - Development workflow and PR process
• Migration Guide - Detailed transition information
• Testing Guide - Package-specific testing requirements

Questions?

• Issues : supabase-js Issues
• Migration help : Open a new issue. Add [migration] in the title of your issue.

Original source Report a problem

Another brief summary of changes that went into the dashboard over the past 2 weeks! 🙂

Couple of improvements to the Query Performance Advisor

We've been shipping incremental improvements to the Query Performance Advisor in hopes to simplify the usability of the report despite all the information present on the page 🙏🙂 There's quite a few tidbits there so check out the advisor and let us know what you think! Huge shoutout to @kemaldotearth for this one! 😄

PRs

• https://github.com/supabase/supabase/pull/38470
• https://github.com/supabase/supabase/pull/38523
• https://github.com/supabase/supabase/pull/38606
• https://github.com/supabase/supabase/pull/38657
• https://github.com/supabase/supabase/pull/38634
• https://github.com/supabase/supabase/pull/38744
• https://github.com/supabase/supabase/pull/38778
• https://github.com/supabase/supabase/pull/38783
• https://github.com/supabase/supabase/pull/38819
• https://github.com/supabase/supabase/pull/38825
• https://github.com/supabase/supabase/pull/38815
• https://github.com/supabase/supabase/pull/38867
• https://github.com/supabase/supabase/pull/38920

URL

https://supabase.com/dashboard/project/_/advisors/query-performance

Configure to save Auth Audit Logs in project's database

We've added a new page under the Auth section "Audit Logs" which will allow you to toggle disabling writing Auth audit logs to your project's database. The Auth audit logs will still be available in the auth logs but doing so will then prevent the audit logs from taking up your project's database space, which subsequently reduces your database storage costs. Read more about this in our docs here!

PR

https://github.com/supabase/supabase/pull/37409

URL

https://supabase.com/dashboard/project/_/auth/audit-logs

Other bug fixes and improvements

Table Editor

• Shift refresh button to top nav for better visibility (PR)
• CSV imports will show row number with the error to give a more actionable message (PR)
• Fix default value placeholder for fields with foreign keys (PR)
• Add support for expanding rows into a side panel for foreign tables (FDW) (PR)
• Add contextual errors for foreign tables if failed to fetch rows (FDW) (PR)

Integrations

• Fix webhooks HTTP headers for edge functions not loading auth headers on first open (PR)

Reports

• Chart highlight actions can be configured per chart (PR)

Original source Report a problem