Changelog

In a forthcoming release within approximately 3 weeks, pg_graphql will be disabled by default on new Supabase projects.

This change aligns pg_graphql with our security-first approach of minimizing exposed API surface area by default. Services and extensions that expose schema metadata are now opt-in rather than opt-out, reducing the default attack surface for new projects.

Who is affected:

New projects will no longer have pg_graphql enabled automatically

Existing projects older than 30 days with zero graphql requests will also have the extension disabled (where previously it was enabled by default). Existing projects with requests will be unaffected.

Action required: If your application relies on GraphQL, you can enable pg_graphql manually via the Database Extensions page in your dashboard. You can also add create extension pg_graphql to your migrations as well if you wish to keep using pg_graphql

We continue to fully support pg_graphql for projects that need it. This change simply ensures it's an intentional choice rather than a default.

We'll follow up on this thread with links to relevant documents for actions required.

Saving SQL snippets now works in the local Studio! This has been a top community request for a long time, and we’re happy to finally release it.

You can save SQL snippets directly while working in the local Studio via the CLI. Snippets are stored in supabase/snippets, making them easy to commit to Git and share with your team working in the same repo—or ignore entirely with .gitignore if you prefer.

Your saved snippets automatically appear in Studio, just like they do in the hosted Dashboard.

This feature is available since CLI v2.72.7. You can check the version by running supabase -v.

Here’s everything that happened with Supabase in the last month:

Update on security progress and roadmap#

Learn about all the security features we added last year and our 2026 roadmap.

[Blog Post]

Stripe Sync Engine in the Supabase Dashboard#

One-click integration for the Stripe Sync Engine directly in the Supabase dashboard. Query your customers, subscriptions, invoices, and payments using standard SQL.

[Blog Post]

Enhanced docs for the Metrics API#

Better guidance on how to stream Supabase database telemetry into any Prometheus-compatible observability stack.

[Blog Post]

Build ChatGPT apps with Supabase and mcp-use#

Learn how to build ChatGPT apps that connect to your Supabase database. Use mcp-use, an open source SDK that makes it easy to deploy MCP Servers on Supabase Edge Functions.

[Blog Post]

Index Advisor in Table Editor#

It’s now much easier to detect missing indexes in your database.

[Twitter]

Quick Product Announcements#

• Supabase is now in the top-100 repos on GitHub. [Twitter]
• Data API upgraded to PostgREST v14. [GitHub]
• Python Type Generation in the CLI. [Twitter]
• Three new quick starts in docs for Expo React Native, TanStack Start, and Flask. [Twitter]
• Explain/Analyze diagrams are now available in the Supabase Dashboard. [Twitter]

Update: v14 is now available worlwide :world_map:

Hey everyone, PostgREST v14 is now available for new projects on the ap-northeast-1 region. Please try it out and give us your feedback!

v14 will be available for other regions over the next week.

Notable Features#

JWT cache#

This increases throughput of all requests (~20% more RPS for GET requests according to our benchmarks). It's enabled by default.

This comes at the expense of a bit more memory usage, if you see any problems you can disable the JWT cache with:

Faster schema cache loading#

For complex databases, we've improved the schema cache loading time (from 7 minutes to 2 seconds on a complex real-world database). No configuration knob needed for this, it's done by default.

Breaking Changes#

No breaking changes expected for Supabase users.

Full Changelog#

You can see the full changelog at https://github.com/PostgREST/postgrest/releases/tag/v14.0.

Here’s everything that happened with Supabase in the last month. Be sure to keep reading for a special gift:

Supabase ETL#

A change-data-capture pipeline that continuously replicates data from Supabase Postgres to external destinations, starting with Iceberg. Available in private alpha now.

[Blog Post]

Analytics Buckets#

Specialized storage buckets built on Apache Iceberg and AWS S3 Tables that provide columnar storage for analytical workloads while maintaining compatibility with the Postgres interface. Available in public alpha now.

[Blog Post]

Vector Buckets#

Vector Buckets are a specialized bucket type built on Amazon S3 Vectors. They are cold storage for your embeddings, with a query engine attached. Available in public alpha now.

[Blog Post]

iceberg-js#

A minimal, vendor-agnostic JavaScript client for the Apache Iceberg REST Catalog API.

[Blog Post]

Supabase Platform#

A white-label offering that lets platforms provision and manage fully managed backends on behalf of their users

[Blog Post]

New Auth Templates#

We now include more email templates to handle security-sensitive changes to you app, including password changed, email changed, phone number changed, identity linked or unlinked, multi-factor authentication enrolled or unenrolled, and more.

[Blog Post]

Sign in with [Your App]#

You can now turn your project into a full-fledged identity provider. You’ve heard about “Sign in With Google,” now you can build “Sign in With [Your App].” The immediate catalyst for this is that soon you can build MCP servers that use Supabase Auth in your app to authenticate the user.

[Blog Post]

Supabase power for Amazon Kiro#

With these powers for [Amazon’s Kiro IDE](https://www.kiro.dev), you can build full-stack applications faster by giving Kiro deep knowledge of your Supabase project, best practices for database migrations, edge functions, and security policies.

[Blog Post]

Supabase in the AWS Marketplace#

You can now purchase Supabase through the AWS Marketplace, which means that if your company has an AWS spend-commit you can use it to purchase Supabase.

[LinkedIn]

Quick Product Announcements#

• We’ve added asynchronous streaming to Postgres Foreign Data Wrappers. [Blog Post]
• We now support deploying legacy NodeJS applications as Edge Functions.
• You can now download Edge Functions from the Supabase CLI without Docker.
• You can now bulk paste and edit individual secrets for Edge Functions.

Manage Vector Buckets from the dashboard#

We're rolling out management of Vector Buckets where you can store, index, and query your vector embeddings at scale! 📈

Vector Buckets is currently in Public Alpha, hence expect rapid changes and possible breaking updates as we expand access to make this increasingly available to everyone. 🙂🙏

Analytics Buckets is also currently in Public Alpha if that might interest you too! 🙏

What we'd like to know from you#

• Any bugs / issues that you might run into when using Vector Buckets
• Any UX friction that you might run into when managing Vector Buckets through the dashboard
• Any use cases for Analytics Buckets, and how we might be able to improve the DX to support your development / workflow

Related Links#

Dashboard: https://supabase.com/dashboard/project/_/storage/vectors Documentation: https://supabase.com/docs/guides/storage/vector/introduction

Another brief summary of changes that went into the dashboard over the past 2 weeks 🙂 🙏

Update to the Storage UI#

This was mentioned in the previous changelog announcement but we've recently updated the UI of the storage section in the dashboard as we're expanding the product with 2 new types of buckets - Analytics and Vectors 🙂

We'll have more information regarding these 2 buckets in the near future, but if you might be interested in Analytics Buckets, we've got a separate discussion here where we're hoping to get some feedback once it becomes available! 🙏🙂 Watch this space!

PR: https://github.com/supabase/supabase/pull/40076

Link: https://supabase.com/dashboard/project/_/storage/files

Other bug fixes and improvements#

Account

• Add settings to toggle Inline SQL Editor Panel via keyboard shortcut (PR)

Auth

• Support toggling security emails from respective templates page (Feature is behind a feature preview) (PR)
• Default users search to be on the emails column instead of user ID (PR)

Storage

• Virtualize rendering of buckets to support rendering a large number of buckets in UI (PR)
• Added search support to search on bucket names for bucket policies page (PR)

Database

• Adds a link from trigger list to the corresponding database function, and a link to the table in the Table Editor (PR)

Edge Functions

• Fix code editor warnings overflowing issue (PR)

Table Editor

• Fix mobile menu closing when changing schema (PR)
• Hide row actions and separators for tables in protected schemas (PR)
• Fix empty state drag drop zone to handle non CSV file types (PR)
• Fix Table Editor not horizontally scrollable when there's no rows (PR)
• Link to policies page to use table name as search param instead of table ID (PR)
• Persist sort preferences within "Select foreign key record" sheet (PR)

Support Form

• Automatically select the organization in the support form if navigating to support form from an organization page (PR)

Letting users know about security-sensitive actions on their account is an increasingly common authentication feature.

We’re excited to announce an expansion of our email templates to handle these these types of events, beginning with:

• Password changed
• Email changed
• Phone number changed
• Identity linked or unlinked
• Multi-factor authentication enrolled or unenrolled

You can find documentation—including for our API—here. The list of templates will continue to grow as our feature-set changes, and as we gather feedback from our community.

[!NOTE] To enable the feature preview, click your profile avatar, click Feature previews and enable Security notification templates.

What we’d like to know from you#

• Any bugs or issues you run into when using email templates
• Any friction you run into when managing email templates through the Supabase dashboard
• Any additional use cases for email templates, and how we might be able to better support your workflow

Rollout plan#

• Changes are behind a feature preview in the dashboard
• Starting from 13th Nov 2025, we will roll out to the hosted platform first as incremental % rollout where users will be opted into the feature preview by default
• If you might want opt out of the changes, you may disable the changes via the feature previews which you can access through the user dropdown in the header here:

Related links#

• Dashboard: https://supabase.com/dashboard/project/_/auth/templates
• Documentation:
  • Email templates: https://supabase.com/docs/guides/auth/auth-email-templates
  • Send email hook: https://supabase.com/docs/guides/auth/auth-hooks/send-email-hook
  • Local Dev / CLI: https://supabase.com/docs/guides/local-development/customizing-email-templates

Manage Analytics Buckets from the dashboard#

We previously announced Supabase Analytics Bucket in Launch Week 15 and we've made much progress since then! You can use these buckets to store large datasets for analytics and reporting 📊

Analytics Buckets is currently in Public Alpha, hence expect rapid changes and possible breaking updates as we expand access to make this increasingly available to everyone. 🙂🙏

Vector Buckets are also now in Public Alpha if you might be interested as well 😄

What we'd like to know from you#

• Any bugs / issues that you might run into when using Analytics Buckets
• Any UX friction that you might run into when managing Analytics Buckets through the dashboard
• Any use cases for Analytics Buckets, and how we might be able to improve the DX to support your development / workflow

Related Links#

Dashboard: https://supabase.com/dashboard/project/_/storage/analytics

Waitlist: https://forms.supabase.com/analytics-buckets Youtube: https://www.youtube.com/watch?v=8poJ0f3Ucik Blog: https://supabase.com/blog/analytics-buckets Documentation: https://supabase.com/docs/guides/storage/analytics/introduction

Here's another brief summary of changes that went into the dashboard over the past 2 weeks 😄🙏

Upcoming: Storage UI update#

We'll be pushing out an update to our Storage UI within this week as part of revisiting the information architecture of the dashboard, given that Supabase Storage isn't only about file storage but also analytics and vectors! 😉🗂️. This sets up the necessary changes required to support the other storage types that will come soon to the dashboard some time this week (or next)! 🙏 There's no other changes besides this (the file explorer of your file buckets remains the same 🙂🙏)

PR: https://github.com/supabase/supabase/pull/40076

Link: https://supabase.com/dashboard/project/_/storage/buckets

Auth Reports improvements#

We've shipped a number of updates to the Auth Reports, splitting reports into sections and making it easier to find the information that you need! 🙂🕵️ (Usage, Monitoring, Performance) These changes will allow you to see spikes in errors in the API and Auth servers, and you may also select a part of the chart to open them in the logs pages (Way more easier than combing through them in the Logs Explorer)

PR: https://github.com/supabase/supabase/pull/39013

Link: https://supabase.com/dashboard/project/_/reports/auth

Additional settings for Realtime#

We've added the following 3 settings that can be configured for your project through the realtime settings page! ⚙️💨 Information regarding all configurable settings for Realtime can be found in our documentation here!

• Enable / Disable Realtime service
  • If disabled, no clients will be able to connect and new connections will be rejected
• Max presence events per second
  • Maximum number of presence events per second that can be sent to your Realtime service
• Max payload size in KB
  • Maximum number of payload size in KB that can be sent to your Realtime service

PR: https://github.com/supabase/supabase/pull/39566

Link: https://supabase.com/dashboard/project/_/realtime/settings

Support for Sentry Log Drains#

You can now send your project logs to Sentry as a third party destination! 🙂🪵 Read more about this in our documentation here!

PR: https://github.com/supabase/supabase/pull/39442

Link: https://supabase.com/dashboard/project/_/settings/log-drains

Other bug fixes and improvements#

General

• Simplified UI for project while in a paused state (PR)

Auth

• Persist sort by search configuration, but only if number of users in database is < 10,000 (PR)

Database

• Add support for duplicating database functions (PR)
• Add support for duplicating database triggers (PR)
• Database functions link to triggers list if function has trigger return type (PR)
• Database triggers link to table editor and functions list if for the table and function of the trigger respectively (PR)

Edge Functions

• Added support for drag and drop to add files while editing an edge function (PR)

Storage

• Add virtualization for buckets to support rendering a large number of buckets (PR)

Table Editor

• Fix schema not persisting when creating a table outside of the public schema (PR)

Reports

• Fix database reports "Database Connections" charts (PR)

Realtime

• Improved error messages when channel fails to join (PR)
• Add warning when updating realtime settings that clients will be disconnected (PR)