Supabase

Edge functions now run fully offline with a bundled Go edge-runtime and automatic retries on cold-start errors. Core database and storage commands (db diff, db pull, db dump, db query, functions, storage operations) are now TypeScript-native with exact Go CLI behavior parity. New configuration options include local SMTP, Auth email templates from file paths, and Docker registry fallbacks.

RS256 signing keys can now be backed by AWS KMS. SAML now supports zero-downtime service provider key rotation, allowing key changes without disrupting active sessions.

High-availability projects can now be created through the CLI for redundancy and better uptime, and new projects use pg-delta as the schema diff engine for db diff and db pull by default. Network reliability improved with IPv4 auto-retry for db dump and db pull on IPv6-only networks, plus bug fixes for symlinked files in storage seeding, blank passwords, and schema backslash escaping.

JSON config file support has been added, and custom OIDC discovery URLs are now supported for non-standard configurations. Also fixed Azure issuer validation and improved WebAuthn configuration handling.

Preserves a valid session on auth refresh failure and cooldown repeat failures. Clarified a realtime httpSend() 404 error and server migration note.

New public schema objects are no longer exposed through the Data API by default, matching the new hosted-project default and requiring explicit GRANTs for access. Function deployments now retry rate limits, and Supabase branches can be linked to Git branches at creation time.

Fixed PostgREST then typing issue.

The auth.resend() method now provides a consistent confirmation flow. Fixed auth errors being logged to console when already returned through the API contract, and request headers are now passed as plain objects for React Native and custom-fetch compatibility.

New local projects now include vector buckets by default. Environment variables for S3 and Supabase key are automatically injected into the local Studio container. Fixed db diff failures with edge-runtime containers due to port binding, and telemetry opt-out preference now persists across CLI sessions. The init, link, unlink, login, and logout commands are now served by the TypeScript shell with behavior matching the Go CLI.

Multigres v0.1 alpha is now open source, delivering a scalable operating system for Postgres with advanced connection pooling, automatic failover, and a Kubernetes operator. The system treats high availability as a consensus problem, supports user-defined durability policies, and includes pgBackRest-based backup orchestration. Sharding, the flagship feature, is planned for future releases; v0.1 is a single-shard cluster with HA and pooling.

Supabase closed a $500M Series F at $10B pre-money valuation, led by GIC with participation from existing investors and new backers including Stripe, Georgian, and Salesforce Ventures. The company released Multigres v0.1 alpha, an open-source, self-hostable scalable operating system for Postgres offering high availability and operational simplicity, with production-readiness targeted in a few months and future Vitess-grade horizontal scaling planned.

Removed navigator.locks-based mutex from auth in favor of a commit guard with dispose() method. Fixed getClaims to return AuthInvalidJwtError for expired JWTs, implicit grant gate to recognize ?error= redirects, and PostgREST to return structured errors for non-JSON bodies on successful responses. Also reverted a prior OAuth client-id encoding fix and updated X-Client-Info to use structured metadata format.

2.102.0 (2026-05-29)

Bug Fixes

• cli: restore completion subcommand tree i...

There has been a growing trend of supply chain attacks on Node Package Manager (NPM). In addition, we have seen other creative attacks, including a ty...

2.106.2 (2026-05-25)

🩹 Fixes

• auth: restore signup user response (#2391)
• **misc:...

2.101.0 (2026-05-21)

Bug Fixes

• alias and telemetry docs link ([#5301](https:...

2.106.1 (2026-05-20)

🩹 Fixes

• auth: encode client-id in oauth requests (#2383)
• *...