Changelog

Here’s everything that happened with Supabase in the last month. Be sure to keep reading for a special gift:

Supabase ETL#

A change-data-capture pipeline that continuously replicates data from Supabase Postgres to external destinations, starting with Iceberg. Available in private alpha now.

[Blog Post]

Analytics Buckets#

Specialized storage buckets built on Apache Iceberg and AWS S3 Tables that provide columnar storage for analytical workloads while maintaining compatibility with the Postgres interface. Available in public alpha now.

[Blog Post]

Vector Buckets#

Vector Buckets are a specialized bucket type built on Amazon S3 Vectors. They are cold storage for your embeddings, with a query engine attached. Available in public alpha now.

[Blog Post]

iceberg-js#

A minimal, vendor-agnostic JavaScript client for the Apache Iceberg REST Catalog API.

[Blog Post]

Supabase Platform#

A white-label offering that lets platforms provision and manage fully managed backends on behalf of their users

[Blog Post]

New Auth Templates#

We now include more email templates to handle security-sensitive changes to you app, including password changed, email changed, phone number changed, identity linked or unlinked, multi-factor authentication enrolled or unenrolled, and more.

[Blog Post]

Sign in with [Your App]#

You can now turn your project into a full-fledged identity provider. You’ve heard about “Sign in With Google,” now you can build “Sign in With [Your App].” The immediate catalyst for this is that soon you can build MCP servers that use Supabase Auth in your app to authenticate the user.

[Blog Post]

Supabase power for Amazon Kiro#

With these powers for [Amazon’s Kiro IDE](https://www.kiro.dev), you can build full-stack applications faster by giving Kiro deep knowledge of your Supabase project, best practices for database migrations, edge functions, and security policies.

[Blog Post]

Supabase in the AWS Marketplace#

You can now purchase Supabase through the AWS Marketplace, which means that if your company has an AWS spend-commit you can use it to purchase Supabase.

[LinkedIn]

Quick Product Announcements#

• We’ve added asynchronous streaming to Postgres Foreign Data Wrappers. [Blog Post]
• We now support deploying legacy NodeJS applications as Edge Functions.
• You can now download Edge Functions from the Supabase CLI without Docker.
• You can now bulk paste and edit individual secrets for Edge Functions.

Manage Vector Buckets from the dashboard#

We're rolling out management of Vector Buckets where you can store, index, and query your vector embeddings at scale! 📈

Vector Buckets is currently in Public Alpha, hence expect rapid changes and possible breaking updates as we expand access to make this increasingly available to everyone. 🙂🙏

Analytics Buckets is also currently in Public Alpha if that might interest you too! 🙏

What we'd like to know from you#

• Any bugs / issues that you might run into when using Vector Buckets
• Any UX friction that you might run into when managing Vector Buckets through the dashboard
• Any use cases for Analytics Buckets, and how we might be able to improve the DX to support your development / workflow

Related Links#

Dashboard: https://supabase.com/dashboard/project/_/storage/vectors Documentation: https://supabase.com/docs/guides/storage/vector/introduction

Another brief summary of changes that went into the dashboard over the past 2 weeks 🙂 🙏

Update to the Storage UI#

This was mentioned in the previous changelog announcement but we've recently updated the UI of the storage section in the dashboard as we're expanding the product with 2 new types of buckets - Analytics and Vectors 🙂

We'll have more information regarding these 2 buckets in the near future, but if you might be interested in Analytics Buckets, we've got a separate discussion here where we're hoping to get some feedback once it becomes available! 🙏🙂 Watch this space!

PR: https://github.com/supabase/supabase/pull/40076

Link: https://supabase.com/dashboard/project/_/storage/files

Other bug fixes and improvements#

Account

• Add settings to toggle Inline SQL Editor Panel via keyboard shortcut (PR)

Auth

• Support toggling security emails from respective templates page (Feature is behind a feature preview) (PR)
• Default users search to be on the emails column instead of user ID (PR)

Storage

• Virtualize rendering of buckets to support rendering a large number of buckets in UI (PR)
• Added search support to search on bucket names for bucket policies page (PR)

Database

• Adds a link from trigger list to the corresponding database function, and a link to the table in the Table Editor (PR)

Edge Functions

• Fix code editor warnings overflowing issue (PR)

Table Editor

• Fix mobile menu closing when changing schema (PR)
• Hide row actions and separators for tables in protected schemas (PR)
• Fix empty state drag drop zone to handle non CSV file types (PR)
• Fix Table Editor not horizontally scrollable when there's no rows (PR)
• Link to policies page to use table name as search param instead of table ID (PR)
• Persist sort preferences within "Select foreign key record" sheet (PR)

Support Form

• Automatically select the organization in the support form if navigating to support form from an organization page (PR)

Letting users know about security-sensitive actions on their account is an increasingly common authentication feature.

We’re excited to announce an expansion of our email templates to handle these these types of events, beginning with:

• Password changed
• Email changed
• Phone number changed
• Identity linked or unlinked
• Multi-factor authentication enrolled or unenrolled

You can find documentation—including for our API—here. The list of templates will continue to grow as our feature-set changes, and as we gather feedback from our community.

[!NOTE] To enable the feature preview, click your profile avatar, click Feature previews and enable Security notification templates.

What we’d like to know from you#

• Any bugs or issues you run into when using email templates
• Any friction you run into when managing email templates through the Supabase dashboard
• Any additional use cases for email templates, and how we might be able to better support your workflow

Rollout plan#

• Changes are behind a feature preview in the dashboard
• Starting from 13th Nov 2025, we will roll out to the hosted platform first as incremental % rollout where users will be opted into the feature preview by default
• If you might want opt out of the changes, you may disable the changes via the feature previews which you can access through the user dropdown in the header here:

Related links#

• Dashboard: https://supabase.com/dashboard/project/_/auth/templates
• Documentation:
  • Email templates: https://supabase.com/docs/guides/auth/auth-email-templates
  • Send email hook: https://supabase.com/docs/guides/auth/auth-hooks/send-email-hook
  • Local Dev / CLI: https://supabase.com/docs/guides/local-development/customizing-email-templates

Manage Analytics Buckets from the dashboard#

We previously announced Supabase Analytics Bucket in Launch Week 15 and we've made much progress since then! You can use these buckets to store large datasets for analytics and reporting 📊

Analytics Buckets is currently in Public Alpha, hence expect rapid changes and possible breaking updates as we expand access to make this increasingly available to everyone. 🙂🙏

Vector Buckets are also now in Public Alpha if you might be interested as well 😄

What we'd like to know from you#

• Any bugs / issues that you might run into when using Analytics Buckets
• Any UX friction that you might run into when managing Analytics Buckets through the dashboard
• Any use cases for Analytics Buckets, and how we might be able to improve the DX to support your development / workflow

Related Links#

Dashboard: https://supabase.com/dashboard/project/_/storage/analytics

Waitlist: https://forms.supabase.com/analytics-buckets Youtube: https://www.youtube.com/watch?v=8poJ0f3Ucik Blog: https://supabase.com/blog/analytics-buckets Documentation: https://supabase.com/docs/guides/storage/analytics/introduction

Here's another brief summary of changes that went into the dashboard over the past 2 weeks 😄🙏

Upcoming: Storage UI update#

We'll be pushing out an update to our Storage UI within this week as part of revisiting the information architecture of the dashboard, given that Supabase Storage isn't only about file storage but also analytics and vectors! 😉🗂️. This sets up the necessary changes required to support the other storage types that will come soon to the dashboard some time this week (or next)! 🙏 There's no other changes besides this (the file explorer of your file buckets remains the same 🙂🙏)

PR: https://github.com/supabase/supabase/pull/40076

Link: https://supabase.com/dashboard/project/_/storage/buckets

Auth Reports improvements#

We've shipped a number of updates to the Auth Reports, splitting reports into sections and making it easier to find the information that you need! 🙂🕵️ (Usage, Monitoring, Performance) These changes will allow you to see spikes in errors in the API and Auth servers, and you may also select a part of the chart to open them in the logs pages (Way more easier than combing through them in the Logs Explorer)

PR: https://github.com/supabase/supabase/pull/39013

Link: https://supabase.com/dashboard/project/_/reports/auth

Additional settings for Realtime#

We've added the following 3 settings that can be configured for your project through the realtime settings page! ⚙️💨 Information regarding all configurable settings for Realtime can be found in our documentation here!

• Enable / Disable Realtime service
  • If disabled, no clients will be able to connect and new connections will be rejected
• Max presence events per second
  • Maximum number of presence events per second that can be sent to your Realtime service
• Max payload size in KB
  • Maximum number of payload size in KB that can be sent to your Realtime service

PR: https://github.com/supabase/supabase/pull/39566

Link: https://supabase.com/dashboard/project/_/realtime/settings

Support for Sentry Log Drains#

You can now send your project logs to Sentry as a third party destination! 🙂🪵 Read more about this in our documentation here!

PR: https://github.com/supabase/supabase/pull/39442

Link: https://supabase.com/dashboard/project/_/settings/log-drains

Other bug fixes and improvements#

General

• Simplified UI for project while in a paused state (PR)

Auth

• Persist sort by search configuration, but only if number of users in database is < 10,000 (PR)

Database

• Add support for duplicating database functions (PR)
• Add support for duplicating database triggers (PR)
• Database functions link to triggers list if function has trigger return type (PR)
• Database triggers link to table editor and functions list if for the table and function of the trigger respectively (PR)

Edge Functions

• Added support for drag and drop to add files while editing an edge function (PR)

Storage

• Add virtualization for buckets to support rendering a large number of buckets (PR)

Table Editor

• Fix schema not persisting when creating a table outside of the public schema (PR)

Reports

• Fix database reports "Database Connections" charts (PR)

Realtime

• Improved error messages when channel fails to join (PR)
• Add warning when updating realtime settings that clients will be disconnected (PR)

With @supabase/supabase-js@2.75.1 and a CLI version > 2.53.1, the type-generation and runtime support for embedded functions / computed relationships has been improved. The introspection now includes SetofOptions metadata via the supabase/postgres-meta#971, and the client library types in supabase-js now provide stronger type inference and compile-time errors for invalid function usage.

🔍 What’s new#

• Functions returning SETOF or table types are now correctly inferred as embedded relationships (arrays) when used in .select() queries (computed relationships). Supported via SetofOptions from introspection. note: If you define a function in Postgres with RETURNS SETOF … ROWS 1, the tool-chain (introspection + type generation) will infer this as a single object instead of an array.

• TypeScript errors at call-site when you attempt to call a function with wrong or conflicting parameters. For example:

  
  

  _10

  const res = await supabase.rpc('postgrest_unresolvable_function', { a: 'test' });

  _10

  // Error: Could not choose the best candidate function between: public.postgrest_unresolvable_function(a => integer), public.postgrest_unresolvable_function(a => text).

  
  

  This kind of error helps you catch ambiguous overloads that the introspection cannot decide between.

• Additional error cases like:

  
  

  _10

  const res = await supabase.rpc('blurb_message', {});

  _10

  // Error: Searched for the function public.blurb_message with parameter or with a single unnamed json/jsonb parameter, but no matches were found in the schema cache.

  
  

  This corresponds to underlying PostgREST error codes PGRST202 / PGRST203.

Important caveats:

Nullable embed relationships by default: When you embed a function (computed relationship) in a .select() query, the generated type will treat the function result as possibly null, since it may not return any rows.

You can override the nullability globally using a DeepMerge override when generating types using the CLI. Example:

This approach mimics defining custom JSON types via MergeDeep.

However, when a function has multiple overloads or multiple SetofOptions variants (for example one overload returns from someTable → someOtherTable, another returns someTable2 → someOtherTable), a global override may become ambiguous:

In such cases, the recommendation is to use the !inner hint in the query itself so the inference knows the result won’t be null:

✅ What you should do#

1. Upgrade to @supabase/supabase-js@2.75.1 (or higher)
2. Ensure you are using the CLI at version > 2.53.1 so that SetofOptions metadata is correctly included in the generated types.
3. Regenerate your types (e.g., npx supabase gen types typescript …) after introspection so that functions with SETOF return types are captured with the proper metadata.

🔗 References#

• PostgREST docs — Computed Relationships
• supabase/supabase-js#1632
• supabase/postgres-meta#971
• Defining custom JSON types (type override docs)

Another brief summary of changes that went into the dashboard over the past 2 weeks 🙂🙏

Update to the Authentication Users page#

You may have already noticed but we've recently had to make some changes to the Users page under the Authentication section, specifically around how users are fetched and searched 🙏 The reason behind the change is primarily technical which is summarized nicely in this tweet here, but TLDR the query which the dashboard was running to retrieve users from the database wasn't performant in particular if your project had a large number of users.

Understandably this makes the UX less than ideal consequently, in particular with sorting since users are no longer sorted by "Created at" by default which was helpful for seeing new users who signed up to your application. While this is still possible by swapping the search mode to "Unified search", it was pretty inconvenient since the search configurations aren't persisted across sessions (we definitely hear all feedback as promised! 🙏🙂)

As such and we've recently shipped an update that moves search configuration into the URL (so that refreshing keeps you in the same state), but also persist the search mode in local storage to ensure that it's restored whenever you return to the Users page.

There's definitely more than we can do here and we're actively looking into this! In the meantime, feel free to leave any thoughts or feedback in this discussion here! 🙂🙏

PR:

• https://github.com/supabase/supabase/pull/39349
• https://github.com/supabase/supabase/pull/39599
• https://github.com/supabase/supabase/pull/39649

Link: https://supabase.com/dashboard/project/_/auth/users

Other bug fixes and improvements#

Account

• Add settings to disable hotkeys in dashboard (PR)

General

• Add more context for common issues in session expired dialog (PR)
• Add visibility toggle for password input field in sign in page (PR)
• Consolidate information in Connect dialog to reduce cognitive load (PR)

Assistant

• Add support for rating individual assistant responses (PR)
• Add error handler for when conversation gets too long (PR)
• Add support for switching models for Assistant (PR)

Edge Functions

• Add Hide / Show anonymous key CTA in Edge Function details page "Invoke function" section (PR)
• Opt to ignore "Cannot find modules" errors in Edge Functions code editor (PR)
• Omit quotes when pasting contents of a .env file into Edge Functions secrets (PR)

Realtime

• Add Assistant CTA to set up realtime for project (PR)
• Add max events per second configuration in realtime settings (PR)

Reports

• Add timezone to tooltips (PR)

Settings

• Improve clarity in Postgres upgrade callout regarding objects that need to be removed (PR)

Table Editor

• Fix occasional duplicate rows issue when exporting table into CSV (PR)

SQL Editor

• Mitigate "Unable to find snippet" issue Part 1 (PR)
• Mitigate "Unable to find snippet" issue Part 2 (PR)

What's changed?#

The Supabase MCP server is now hosted as a remote (HTTP) MCP server at the following URL:

Or if you are developing locally using the CLI, you can access the MCP server at:

This makes it easier and more secure to connect your MCP clients with Supabase while expanding the number of clients Supabase can connect to.

Why remote MCP?#

Up until now you had to run Supabase MCP locally via an npx command:

Running the MCP server this way came with a lot of pain points:

1. Limited MCP clients: Most web-based AI agents (like ChatGPT) are limited to HTTP-based MCP servers due to the environments they run in.
2. Authentication was clunky: You needed to manually generate a personal access token (PAT) in order to authenticate with your Supabase account which added friction to the setup experience and had weaker security (it was easy to accidentally commit this to source control).
3. Setup was tricky: You needed Node.js installed to run the server, needed to make sure your environment was configured correctly with the right version, and you needed to modify the command slightly based on the operating system you were running.

Now with remote MCP, you are able to connect Supabase with many more MCP clients, you authenticate using a much simpler browser-based OAuth 2 flow, and setup is much easier. We also built an interactive widget to help you connect popular MCP clients to Supabase and customize the URL to your preferences (like project-scoped mode and read-only mode).

Security reminder#

A friendly reminder to never connect MCP to production data! Supabase MCP was designed from the beginning to assist with app development and shouldn't be connected to production databases. See our post on Defense in Depth for MCP Servers.

More info#

Read more about all the features in the Remote MCP blog post!

We recently rolled out a change that updates pgmq version from 1.4.4 to 1.5.1 for new projects created with release version https://github.com/supabase/postgres/releases/tag/17.6.1.016 and newer.

There is a potential breaking change for users of the delay parameter as discussed here https://github.com/pgmq/pgmq/releases/tag/v1.5.0 for versions 1.5.0 and newer

However, there is a temporary issue with upgrade of existing projects with just the pgmq extension. At the moment if you trigger an upgrade, your pgmq extension will remain on version 1.4.4 until we fix this upgrade issue. We'll report back here when this is fixed. It will likely be fixed by an upstream contribution or fix of the extension itself, and a release of a version newer than 1.5.1

Again, once this issue is resolved we'll update this changelog issue, although users should still be aware of the potential breaking change

Launch week, Storage, Supabase CLI, Connection Pooling, Supabase UI, and Pricing. Here's what we released last month.

This is also available as a blog post and a video demo.

Supabase Storage#

Need to store images, audio, and video clips? Well now you can do it on Supabase Storage. It's backed by S3 and our new OSS storage API written in Fastify and Typescript. Read the full blog post.

Connection Pooling#

The Supabase API already handles Connection Pooling, but if you're connecting to your database directly (for example, with Prisma) we now bundle PgBouncer. Read the full blog post.

React UI Component Library#

We open sourced our internal UI component library, so that anyone can use and contribute to the Supabase aesthetic. It lives at ui.supabase.io . It was also the #1 Product of the Day on Product Hunt.

CLI#

Now you can run Supabase locally in the terminal with supabase start. We have done some preliminary work on diff-based schema migrations, and added some new tooling for self-hosting Supabase with Docker. Blog post here.

OAuth Scopes#

Thanks to a comunity contribution (@_mateomorris and @Beamanator), Supabase Auth now includes OAuth scopes. These allow you to request elevated access during login. For example, you may want to request access to a list of Repositories when users log in with GitHub. Check out the Documentation.

Kaizen#

• You can now manage your PostgREST configuration inside the Dashboard.
• Our website has been redesigned. Check out our new Homepage and Blog, and our new Database, Auth, and Storage product pages.
• We refactored some of our Filter methods to make them even easier to use. Check out the Full Text Search refactor.
• We have added several new sections to our Docs including: Local Dev, Self Hosting, and Postgres Reference docs (all still under development).

Supabase is an open source Firebase alternative. We've now been building for one year. Here's what we released last month.

This is also available as a blog post and a video demo.

Dashboard Sidebars#

We've improved the UX of our Dashboard with sidebars in every section, including the Table view, the Auth section, and the SQL Editor.

SQL Autocomplete#

Writing SQL just got 10x easier. We added autocomplete to the SQL editor, including table & column suggestions.

Auth Redirects#

Redirect your users to specific route within your site on signIn() and signUp().

Learning Resources#

We've released a new Resources section in our docs, as well as two new Auth modules: GoTrue Overview and Google OAuth.

New Region#

Launch your database in South Africa.

Kaizen#

• We filled up our Examples page with a lot of new content.
• We released a Docker Compose file for running Supabase locally. This will be used in our upcoming CLI.
• We have a couple of pending RFCs which you may want to participate in:
  • Planning our CLI and Local Development
  • Connection Pooling on Supabase

New year, new features. We've been busy at Supabase during January and our community has been even busier. Here's a few things you'll find interesting.

This is also available as a blog post and a video demo.

Count functionality#

Anyone who has worked with Firebase long enough has become frustrated over the lack of count functionality. This isn't a problem with PostgreSQL! Our libraries now have support for PostgREST's exact, planned, and estimated counts. A massive thanks to @dshukertjr for this adding support to our client library.

New Auth Providers#

We enabled 2 new Auth providers - Facebook and Azure. Thanks to @Levet for the Azure plugin, and once again to Netlify's amazing work with GoTrue to implement Facebook.

Auth Audit Trail#

We have exposed the audit trail directly in the dashboard, as well as the GoTrue logs. Great for security and debugging.

Auth UI widget#

In case our Auth endpoints aren't easy enough already, we've built a React Auth Widget for you to drop into your app and to get up-and-running in minutes.

New auth.email() function#

We added a helper function for extracting the logged in user's email address.

New Regions#

Launch your database in London or Sydney!

Copy rows as Markdown#

You can now copy SQL results as Markdown - super useful for adding to blogs and issues.

React server components#

If you're excited by React Server components then check out the Supabase + Server Components experimental repo. https://github.com/supabase/next-server-components

Learn#

We know that Auth can be a bit daunting when you're just starting out, so we have created some intro videos to get you up to speed in no time:

• Supabase Auth Deep Dive Part 1: JWTs
• Supabase Auth Deep Dive Part 2: Restrict Table Access
• Supabase Auth Deep Dive Part 3: User Based Access Policies

Kaizen#

• Performance: We migrated all of our subdomains to Route53, implementing custom Let's Encrypt certs for your APIs. As a result, our read benchmarks are measuring up 12% faster.
• Performance: We upgrade your databases to the new GP3 storage for faster and more consistent throughput.