Supabase
Supabase JS
The SDK shifted toward hardening the error-handling pipeline and expanding type safety across PostgREST and storage. Error objects now serialize correctly to JSON across auth, functions, and storage modules, preventing silent failures in logging and debugging. PostgREST gained automatic retries for transient server errors and a stripNulls method to filter null values from queries, while signed URL handling improved with cacheNonce parameters for cache-busting and stricter type inference for computed columns. Realtime added copyBindings to duplicate channel subscriptions and now blocks postgres_changes listeners after joining, preventing accidental race conditions.
March brought resilience improvements to PostgREST and expanded auth capabilities. Automatic retries for transient errors now handle 503 responses and connection issues in PostgREST queries, while the auth module graduated custom OIDC/OAuth provider admin CRUD methods for managing identity providers. Realtime gained copyBindings functionality and now blocks setting postgres_changes listeners after channel join to prevent state inconsistencies.
Auth expanded its custom OAuth capabilities with admin CRUD methods for managing custom OIDC/OAuth providers, plus new controls like token_endpoint_auth_method and support for the custom: provider prefix. Storage gained a setHeader method on BaseApiClient, PostgREST enforced stricter type safety for table names in from(), and auth fixed Firefox content script security errors in lock handling along with a more lenient 5-second lock acquisition timeout.