惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V2EX - 技术
V2EX - 技术
P
Privacy International News Feed
Security Latest
Security Latest
H
Hacker News: Front Page
T
Tenable Blog
The Hacker News
The Hacker News
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
S
Security @ Cisco Blogs
Project Zero
Project Zero
O
OpenAI News
AI
AI
Spread Privacy
Spread Privacy
C
CERT Recently Published Vulnerability Notes
The Last Watchdog
The Last Watchdog
G
GRAHAM CLULEY
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Scott Helme
Scott Helme
Application and Cybersecurity Blog
Application and Cybersecurity Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
C
CXSECURITY Database RSS Feed - CXSecurity.com
NISL@THU
NISL@THU
A
Arctic Wolf
T
Threat Research - Cisco Blogs
PCI Perspectives
PCI Perspectives
N
News and Events Feed by Topic
C
Cyber Attacks, Cyber Crime and Cyber Security
C
Cybersecurity and Infrastructure Security Agency CISA
Simon Willison's Weblog
Simon Willison's Weblog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Know Your Adversary
Know Your Adversary
Google Online Security Blog
Google Online Security Blog
罗磊的独立博客
L
LINUX DO - 最新话题
U
Unit 42
S
Security Affairs
有赞技术团队
有赞技术团队
WordPress大学
WordPress大学
博客园 - 【当耐特】
T
The Exploit Database - CXSecurity.com
S
Schneier on Security
月光博客
月光博客
Engineering at Meta
Engineering at Meta
腾讯CDC
F
Full Disclosure
Cyberwarzone
Cyberwarzone
S
SegmentFault 最新的问题
Recorded Future
Recorded Future
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
博客园 - 司徒正美
The Cloudflare Blog

Supabase Blog

AI Agents Know About Supabase. They Don't Always Use It Right. Custom OIDC Providers for Supabase Auth 100,000 GitHub stars Supabase docs over SSH Navigating Regional Network Blocks Supabase Joins the Stripe Projects Developer Preview Log Drains: Now available on Pro Supabase Storage: major performance, security, and reliability updates Supabase incident on February 12, 2026 Hydra joins Supabase X / Twitter OAuth 2.0 is now available for Supabase Auth BKND joins Supabase Supabase is now an official Claude connector Supabase PrivateLink is now available Introducing: Postgres Best Practices When to use Read Replicas vs. bigger compute Introducing TRAE SOLO integration with Supabase Supabase Security Retro: 2025 Sync Stripe Data to Your Supabase Database in One Click Building ChatGPT Apps with Supabase Edge Functions and mcp-use Own Your Observability: Supabase Metrics API Introducing iceberg-js: A JavaScript Client for Apache Iceberg Introducing Supabase for Platforms Adding Async Streaming to Postgres Foreign Data Wrappers Build "Sign in with Your App" using Supabase Auth Introducing Seven New Email Templates for Supabase Auth The new Supabase power for Kiro Introducing Supabase ETL Introducing Analytics Buckets Introducing Vector Buckets Snap, Inc. Launches Snap Cloud, Powered by Supabase Triplit joins Supabase Supabase Series E 1000 Y Combinator Founders Choose Supabase gm 👋 web3, welcome aboard to Sign in with Web3 (Solana, Ethereum) Announcing the Supabase Remote MCP Server Enterprise speed, enterprise standards with Bolt Cloud + Supabase PostgREST 13 Lovable Cloud + Supabase: The Default Platform for AI Builders Processing large jobs with Edge Functions, Cron, and Queues Defense in Depth for MCP Servers OrioleDB Patent: now freely available to the Postgres community Supabase Launch Week 15 Hackathon Winner Announcement The Vibe Coder's Guide to Supabase Environments Testing for Vibe Coders: From Zero to Production Confidence The Vibe Coding Master Checklist Vibe Coding: Best Practices for Prompting Supabase Auth: Build vs. Buy Top 10 Launches of Launch Week 15 Supabase Launch Week 15 Hackathon Storage: 10x Larger Uploads, 3x Cheaper Cached Egress, and 2x Egress Quota Persistent Storage and 97% Faster Cold Starts for Edge Functions Algolia Connector for Supabase New Observability Features in Supabase Improved Security Controls and A New Home for Security Introducing Branching 2.0 Stripe-To-Postgres Sync Engine as standalone Library Supabase Analytics Buckets with Iceberg Support Create a Supabase backend using Figma Make Introducing JWT Signing Keys Supabase UI: Platform Kit Build a Personalized AI Assistant with Postgres Announcing Multigres: Vitess for Postgres Building on open table formats Open Data Standards: Postgres, OTel, and Iceberg Simplifying back-end complexity with Supabase Data APIs PostgreSQL Event Triggers without superuser access Top 10 Launches of Launch Week 14 Supabase MCP Server Data API Routes to Nearest Read Replica Declarative Schemas for Simpler Database Management Realtime: Broadcast from Database Keeping Tabs on What's New in Supabase Studio Edge Functions: Deploy from the Dashboard + Deno 2.1 Automatic Embeddings in Postgres Introducing the Supabase UI Library Supabase Auth: Bring Your Own Clerk Postgres Language Server: Initial Release Migrating from Fauna to Supabase Migrating from the MongoDB Data API to Supabase Dedicated Poolers Postgres as a Graph Database: (Ab)using pgRouting AI Hackathon at Y Combinator Calendars in Postgres using Foreign Data Wrappers Supabase Launch Week 13 Hackathon Winners How to Hack the Base! Running Durable Workflows in Postgres using DBOS database.build v2: Bring-your-own-LLM Restore to a New Project Hack the Base! with Supabase Top 10 Launches of Launch Week 13 Supabase Queues High Performance Disk Supabase Cron Supabase CLI v2: Config as Code Supabase Edge Functions: Introducing Background Tasks, Ephemeral Storage, and WebSockets Supabase AI Assistant v2 OrioleDB Public Alpha Executing Dynamic JavaScript Code on Supabase with Edge Functions ClickHouse Partnership, improved Postgres Replication, and Disk Management
supabase-js v2
Inian Parameshwaran, Alaister Young · 2022-08-16 · via Supabase Blog

supabase-js v2

Today we're publishing a release candidate for supabase-js v2, which focuses on “quality-of-life” improvements for developers.

Try it out by running npm i @supabase/supabase-js@rc

Nearly 2 years ago we released supabase-js v1. Since then it has been used in over 17K repositories and has grown to 50K weekly downloads. Supabase users give a lot of great feedback and we've learned some of the largest pain-points as a result.

This release focuses on solving these pain-points. At the same time we want to make the upgrade path for supabase-js as easy as possible, so we've been strategic about the changes we're making. We plan to follow this model going forward: incremental changes over huge rewrites.

Type support#

If you followed yesterday's announcement, you will have noticed that we added type generators to the CLI.


_10

supabase start

_10

supabase gen types typescript --local > DatabaseDefinitions.ts


These types can now be used to enrich your development experience:


_10

import type { Database } from './DatabaseDefinitions'

_10

_10

const supabase = createClient<Database>(SUPABASE_URL, ANON_KEY)

_10

_10

const { data } = await supabase.from('messages').select().match({ id: 1 })


ℹ️ Differences from v1

v1 also supported types, but the types were generated from the API rather than the database, so it lost a lot of detailed information. The library also required you to specify the definition in every method call, rather than at the client level.


_10

supabase.from<Database['Message']>('messages').select('*')



New Auth methods#

We're removing the signIn() method in favor of more explicit method signatures: signInWithPassword(), and signInWithOtp().


_11

// v2

_11

const { data } = await supabase.auth.signInWithPassword({

_11

email: 'hello@example',

_11

password: 'pass',

_11

})

_11

_11

// v1

_11

const { data } = await supabase.auth.signIn({

_11

email: 'hello@example',

_11

password: 'pass',

_11

})


This helps with type hinting. Previously it was difficult for developers to know what they were missing. A lot of developers didn't even realize they could use passwordless magic links.


Data methods return minimal by default#

The insert(), update(), and upsert() methods now require you to explicitly append select() if you want the data to be returned.


_10

// v2

_10

const { data } = await supabase.from('messages').insert({ id: 1, message: 'Hello world' }).select() // select is now explicitly required

_10

_10

// v1

_10

const { data } = await supabase.from('messages').insert({ id: 1, message: 'Hello world' }) // insert would also "select()"


This was another common question in our GitHub Discussions. While the idea of automatically returning data is great, developers often turn on Row Level Security (which is great), and then they forget to add a select Policy. It is a bit surprising that you need to add a select policy to do an insert, so we opted for the “principle of least surprise”. If you don't append select(), the data value will be an empty object: {}.

ℹ️ Differences from v1

Previously you could pass a returning: 'minimal' option to the insert(), update(), and upsert() statements. We've now made this the default behaviour.


Auth Admin methods#

We've move all server-side Auth methods from supabase.auth.api to supabase.auth.admin:


_10

// v2

_10

const { data: user, error } = await supabase.auth.admin.listUsers()

_10

_10

// v1

_10

const { data: user, error } = await supabase.auth.api.listUsers()


All admin methods expect a SERVICE_ROLE key. This change makes it clear that any methods under the admin namespace should only be used on a trusted server-side environment.


Async Auth overhaul#

We've rebuilt the Auth library, making it async for almost all methods.


_10

// v2

_10

const { data } = await supabase.auth.getSession()

_10

_10

// v1

_10

const { data } = supabase.auth.session()


This solves the “getting logged out” issue, which has been a recurring challenge in our GitHub Discussions.

ℹ️ Improvements from v1

The previous implementation had a race condition when refreshing the auth token across multiple tabs. The async re-write forces the library to wait for a valid/invalid session before taking any action.


Scoped constructor config#

We're being much more explicit about the modular approach that supabase-js uses:


_18

const supabase = createClient(apiURL, apiKey, {

_18

db: {

_18

schema: 'public',

_18

},

_18

auth: {

_18

autoRefreshToken: true,

_18

persistSession: true,

_18

},

_18

realtime: {

_18

channels,

_18

endpoint,

_18

},

_18

// common across all libraries

_18

global: {

_18

fetch: customFetch,

_18

headers: DEFAULT_HEADERS,

_18

},

_18

})


This is clearer for developers - if you're only using some parts of Supabase, you only receive the hints for those parts.

ℹ️ Improvements from v1

We noticed a lot of confusion for the variable naming between each library. For example, Auth has a config parameter called "storageKey", which was was often confused with the storage-js library bundled in the supabase-js library.


Better Errors#

We've created error types for all of the sub-libraries in supabase-js. Here's a example for Edge Functions:


_11

import { FunctionsHttpError, FunctionsRelayError, FunctionsFetchError } from '@supabase/supabase-js'

_11

_11

const { data: user, error } = await supabase.functions.invoke('hello')

_11

_11

if (error instanceof FunctionsHttpError) {

_11

console.log('Function returned an error', error.message)

_11

} else if (error instanceof FunctionsRelayError) {

_11

console.log('Relay error:', error.message)

_11

} else if (error instanceof FunctionsFetchError) {

_11

console.log('Fetch error:', error.message)

_11

}



Improvements for Edge Functions#

supabase-js now automatically detects the content type for the request/response bodies for all Edge Function invocations:


_10

// v2

_10

const { data: user, error } = await supabase.functions.invoke('hello', {

_10

body: { foo: 'bar' },

_10

})

_10

_10

// v1

_10

const { data: user, error } = await supabase.functions.invoke('hello', {

_10

headers: { 'Content-Type': 'application/json' }

_10

body: JSON.stringify({ foo: 'bar' }),

_10

})


This improvement inspired by a Supabase community member. Thanks @vejja!


Multiplayer Sneak Peek#

There is a new channel() interface which are releasing in v2. This is a "preparatory" release for our upcoming multiplayer features.


_10

supabase

_10

.channel('any_string_you_want')

_10

.on('presence', { event: 'track' }, (payload) => {

_10

console.log(payload)

_10

})

_10

.subscribe()


As part of this change, the old from().on().subscribe() method for listening to database changes will be changing:


_23

// v2

_23

supabase

_23

.channel('any_string_you_want')

_23

.on(

_23

'postgres_changes',

_23

{

_23

event: 'INSERT',

_23

schema: 'public',

_23

table: 'movies',

_23

},

_23

(payload) => {

_23

console.log(payload)

_23

}

_23

)

_23

.subscribe()

_23

_23

// v1

_23

supabase

_23

.from('movies')

_23

.on('INSERT', (payload) => {

_23

console.log(payload)

_23

})

_23

.subscribe()


You can listen to PostgreSQL database changes on any channel you want by subscribing to the 'postgres_changes' event. For now, we will continue to support from().on().subscribe(), but in the future we will deprecate this in favor of the channel().on().subscribe() method.


Version 2.0 is the result of the combined work of over 100 contributors to our libraries, and over 450 contributors to our docs and websites. If you're one of those contributors, thank you.

Special shout outs to: @vejja, @pixtron, @bnjmnt4n, and @karlseguin.

Update today by running:


_10

npm i @supabase/supabase-js@2


Migration guide

We'll continuing merging security fixes to v1, with maintenance patches for the next three months.