Files
backend_supabase/CHANGELOG.md
Elzo codeur cb7c512c57 first commit
2026-06-11 21:28:31 +00:00

32 KiB

Changelog

All notable changes to the Supabase self-hosted Docker configuration.

Changes are grouped by service rather than by change type. See versions.md for complete image version history and rollback information.

See per-service updates below for details. Only the most important changes relevant to self-hosted Supabase are included here. For the full list of changes, refer to the release notes and changelogs of each individual service.

Note: Configuration updates marked with "requires [...] update" are already included in the latest version of the repository. Pull the latest changes or refer to the linked PR for manual updates. After updating docker-compose.yml, pull the latest images and recreate containers - use docker compose pull && docker compose down && docker compose up -d.


Unreleased

⚠️ Upcoming changes: Check the main Supabase changelog for updates:


[2026-06-03]

⚠️ Note: This update includes important changes. Please check the details below.

Configuration

  • ⚠️ Logs and analytics are now optional and were removed from the default docker-compose.yml. A new docker-compose.logs.yml override has been added. Check the main configuration guide and the changes to Studio below for more information - PR #45327 (via @luizfelmach)
  • ⚠️ Added COMPOSE_FILE to .env.example for configuring compose overrides (also used by run.sh) - PR #45603

Documentation

  • Added a new reference list of all configuration environment variables - PR #46124
  • Updated the main installation and configuration guide (added "quick start" path and opt-in for logs and analytics; removed the legacy JWT secrets generator) - PR #46416, PR #45359
  • Updated the logs and analytics how-to guide - PR #46452

Utils

  • Added setup.sh and run.sh to support quick start and easier management of the compose configuration - PR #45603
  • Updated utils/add-new-auth-keys.sh and utils/rotate-new-api-key.sh to remove the dependency on OpenSSL and Node.js - PR #45941
  • Updated tests/test-container-logs.sh to skip checks for kong, analytics and vector when the services are not running - PR #46099

API gateway

  • Updated Envoy version to 1.38.0 (see docker-compose.envoy.yml) - PR #46023
  • Updated Envoy configuration to address a discrepancy in API key checking (requires volumes/api/envoy update) - PR #46023

Studio

  • Updated to 2026.06.03-sha-0bca601
  • ⚠️ Added ENABLED_FEATURES_LOGS_ALL to Studio service configuration (requires docker-compose.yml update) - PR #45327
  • ⚠️ Added SUPABASE_PUBLISHABLE_KEY and SUPABASE_SECRET_KEY to Studio service configuration (requires docker-compose.yml update) - PR #46173
  • ⚠️ Added start_period to Studio healthcheck for more reliable cold-boot on slower hosts (requires docker-compose.yml update) - PR #45327
  • Fixed incorrect connection strings in the connect sheet for self-hosted environments - PR #46217
  • Updated project home and functions page, and added a minimal project settings implementation - PR #46544, PR #46550, PR #46554

Auth

  • Updated to v2.189.0 - Changelog | Release
  • ⚠️ Added GOTRUE_JWT_ISSUER to Auth service configuration (requires docker-compose.yml update) - PR #46020

PostgREST

Realtime

Storage

Postgres Meta

Edge Runtime

Supavisor

  • Updated to 2.9.5 - Release
  • Added POSTGRES_HOST to Supavisor service configuration (requires docker-compose.yml and volumes/pooler/pooler.exs update) - PR #41273

Analytics (Logflare)

  • Updated to 1.43.1 - Release
  • ⚠️ Changed default docker-compose.yml to no longer include logs & analytics. Read more in Supabase's changelog - PR #45327

[2026-04-27]

Configuration

  • ⚠️ Added docker-compose.envoy.yml and volumes/api/envoy. See also the API gateway updates below - PR #43838
  • ⚠️ Changed Studio healthcheck and some other configuration for better compatibility with Podman (requires docker-compose.yml update) - PR #44754
  • ⚠️ Changed Studio configuration to bind to all IPv4 interfaces only (requires docker-compose.yml update) - PR #44772

Documentation

  • Added a new how-to describing how to switch from supabase_admin to postgres role for Studio - PR #42975 (via @singh-inder)
  • Added a new how-to for configuring Envoy as the new API gateway - PR #45152
  • Updated the main setup guide and the how-tos to reflect the state of the self-hosted Supabase configuration - PR #45011

Utils

  • ⚠️ Added utils/reassign-owner.sh to update database objects. Read more in the "Remove superuser access" how-to guide - PR #42975
  • ⚠️ Changed utils/add-new-auth-keys.sh to also update docker-compose.yml - PR #45056

API gateway

  • ⚠️ Added Envoy as the new optional API gateway (requires docker-compose.envoy.yml, volumes/api/envoy, and volumes/logs/vector.yml update) - PR #43838 (via @luizfelmach)

Studio

  • Updated to 2026.04.27-sha-5f60601
  • ⚠️ Added 4 new lints to the Security Advisor. Read more about lint rules 0026 - 0029 in the Performance and Security Advisors section of the Supabase documentation - PR #45253, PR #45260

[2026-04-08]

Documentation

Utils

API gateway

  • ⚠️ Added configuration for SAML SSO (requires .env, docker-compose.yml and volumes/api/kong.yml update) - PR #43385 (via @luizfelmach)

Studio

  • Updated to 2026.04.08-sha-205cbe7

PostgREST

Storage

imgproxy

  • Changed IMGPROXY_ENABLE_WEBP_DETECTION environment variable to IMGPROXY_AUTO_WEBP (requires .env and docker-compose.yml update) - PR #43919

Postgres Meta

Analytics (Logflare)

Postgres

  • ⚠️ Added docker-compose.pg17.yml override - PR #44147
  • ⚠️ Added utils/upgrade-pg17.sh - PR #44147
  • ⚠️ Added documentation explaining the upgrade to Postgres 17

[2026-03-16]

⚠️ Note: This update includes important changes. Please check the details below. The following configuration files have been added/updated: utils/add-new-auth-keys.sh, utils/rotate-new-api-keys.sh, docker-compose.yml, .env.example, docker-compose.s3.yml, docker-compose.rustfs.yml, volumes/api/kong.yml, volumes/api/kong-entrypoint.sh, docker-compose.caddy.yml, docker-compose.nginx.yml, volumes/functions/main/index.ts, and volumes/proxy.

Configuration

  • ⚠️ Added scripts and templates to support the new API key format (sb_ API keys) and the new asymmetric authentication. Check the how-to guide for detailed instructions - PR #43554
  • Added optional proxy configuration for Caddy and nginx. Read the how-to guide to learn more - PR #43291

Documentation

Utils and tests

  • Added utils/add-new-auth-keys.sh and utils/rotate-new-api-keys.sh - PR #43554
  • Added tests/ with 100+ test cases - PR #43573

Studio

  • Updated to 2026.03.16-sha-5528817
  • ⚠️ Added the link to the Data API page in Integrations - PR #43268
  • ⚠️ Added PGRST_DB_SCHEMAS, PGRST_DB_EXTRA_SEARCH_PATH, and PGRST_DB_MAX_ROWS to Studio configuration (requires docker-compose.yml update) - PR #43268

MCP Server

API gateway

  • ⚠️ Updated Kong to 3.9.1 - PR #43554

PostgREST

Realtime

  • ⚠️ Added mandatory METRICS_JWT_SECRET environment variable (requires docker-compose.s3.yml update) - PR realtime#1729

Storage

  • Updated to v1.44.2 - Release
  • ⚠️ Added STORAGE_PUBLIC_URL environment variable to simplify proxy configuration (requires docker-compose.s3.yml update) - PR storage#900
  • ⚠️ Added RustFS as an optional S3 backend - PR #42935
  • ⚠️ Changed Docker Compose configuration for S3 backends to use named volumes - PR #43815

Edge Runtime

  • Updated to v1.71.2 - Release
  • ⚠️ Added SUPABASE_PUBLISHABLE_KEYS, SUPABASE_SECRET_KEYS, and SUPABASE_PUBLIC_URL environment variables (requires docker-compose.yml update)
  • ⚠️ Added an option for a "hybrid" JWT verification following the addition of the new API keys and the new asymmetric authentication (requires volumes/functions/main/index.ts update) - PR #42130
  • ⚠️ Added optional rate limiter - PR edge-runtime#670

[2026-02-18]

Storage

  • Changed MinIO image to use Chainguard minio and minio-client (requires docker-compose.s3.yml update) - PR #42942
  • Updated Storage image version to v1.37.8 in docker-compose.s3.yml
  • Removed imgproxy service from docker-compose.s3.yml to minimize redundancy - PR #42942
  • Fixed inconsistent storage service entry ordering in docker-compose.yml and docker-compose.s3.yml to improve diff readability - PR #42942

Edge Runtime

  • Added a deno-cache named volume to avoid re-downloading dependencies (requires docker-compose.yml and volumes/functions/* update) - PR #40822

[2026-02-16]

⚠️ Note: This update includes several breaking changes, including a security fix for Analytics. Please check the details below. The following configuration files have been updated: docker-compose.yml, .env.example, docker-compose.s3.yml, volumes/api/kong.yml, and volumes/logs/vector.yml.

Studio

  • Updated to 2026.02.16-sha-26c615c
  • Added Edge Functions management UI (requires docker-compose.yml update) - PR #40690, PR #42322, PR #42349, PR #42350

MCP Server

Auth

PostgREST

Realtime

Storage

  • Updated to v1.37.8 - Release
  • ⚠️ Changed environment variable configuration for Storage (requires docker-compose.yml, .env.example and .env update) - PR #37185, PR #42862
  • ⚠️ Added default configuration to access buckets via /storage/v1/s3 endpoint (requires docker-compose.yml and .env update) - PR #37185
  • ⚠️ Changed MinIO configuration for the S3 backend (requires docker-compose.s3.yml and .env update) - PR #37185

Edge Runtime

Analytics (Logflare)

  • Updated to 1.31.2 - Release
  • ⚠️ Changed default configuration to disable Logflare on 0.0.0.0:4000 to prevent access to /dashboard (requires docker-compose.yml update). Read more in the "Production Recommendations" section of Logflare documentation - PR #42857
  • ⚠️ Changed Kong routes to not include /analytics/v1 by default (requires /volumes/api/kong.yml update) - PR #42857

Vector

  • Updated to 0.53.0-alpine - Changelog | Release
  • ⚠️ Major version jump from 0.28.1 (requires volumes/logs/vector.yml update) - PR #42525
  • ⚠️ Changed Postgres sink configuration to bypass Kong (requires volumes/logs/vector.yml update) - PR #42857
  • ⚠️ Changed retry settings for all sinks to increase timeouts (requires volumes/logs/vector.yml update) - PR #42857

[2026-02-05]

Storage

  • Updated to v1.37.1 - Release
  • Fixed an issue with Storage not starting because of an issue with migrations - PR storage#845

[2026-01-27]

Studio

Auth

  • Updated to v2.185.0 - Changelog | Release
  • ⚠️ Fixed security-related issues

PostgREST

Realtime

  • Updated to v2.72.0 - Release
  • Changed healthchecks logging to off by default (requires docker-compose.yml update) - PR realtime#1677, PR #42156
  • Changed logging configuration and healthcheck frequency to reduce log volume (requires docker-compose.yml update) - PR #42112

Storage

imgproxy

Postgres Meta

Edge Runtime

Analytics (Logflare)

Postgres

  • No image update
  • Fixed Postgres logging configuration (requires volumes/logs/vector.yml update) - PR #41800

[2025-12-18]

Documentation

  • Updated self-hosting installation and configuration guide - PR #40901, PR #41438

Utils

  • Added utils/generate-keys.sh - PR #41363
  • Added utils/db-passwd.sh - PR #41432
  • Changed reset.sh to POSIX and added more checks - PR #41361

Studio

  • Updated to 2025.12.17-sha-43f4f7f
  • ⚠️ Fixed additional issues related to React2Shell
  • Fixed an issue with the Users page not being updated on changes - PR #41254

MCP Server

Auth

Postgres Meta

Analytics (Logflare)

  • Updated to 1.27.0 - Release
  • Fixed multiple issues, including a race condition

[2025-12-10]

Studio

  • Updated to 2025.12.09-sha-434634f
  • ⚠️ Fixed security issues related to React2Shell

MCP Server

  • Updated to v0.5.9 - Release
  • ⚠️ Changed MCP tool get_anon_key to get_publishable_keys

PostgREST

  • Updated to v14.1 - Changelog | Release
  • ⚠️ Major upgrade from v13.x to v14.x - please report any unexpected behavior

Realtime

Storage

Edge Runtime

Analytics (Logflare)


[2025-12-08]

Realtime

  • No image update
  • Changed boolean values to strings in Docker Compose for better compatibility with Podman - PR #40994, also PR realtime#1614
  • Changed healthcheck in Docker Compose for better compatibility with Podman - PR #41159

[2025-11-26]

Studio

  • Updated to 2025.11.26-sha-8f096b5
  • Fixed MCP get_advisors tool - PR #40783
  • Fixed AI Assistant request schema - PR #40830
  • Fixed log drains page - PR #40835

Realtime

Analytics (Logflare)

  • Updated to 1.26.13 - Release
  • Fixed crashdump when POSTGRES_BACKEND_URL is malformed - PR logflare#2954

[2025-11-25]

Studio

Auth

Realtime

Storage

Edge Runtime

Analytics (Logflare)

  • Updated to 1.26.12 - Release
  • Fixed Auth logs query - PR logflare#2936
  • Fixed build configuration to prevent crashes with "Illegal instruction (core dumped)" - PR logflare#2942

[2025-11-17]

Storage

  • No image update
  • Fixed resumable uploads for files larger than 6MB (requires docker-compose.yml update) - PR #40500

[2025-11-12]

Studio

  • Updated to 2025.11.10-sha-5291fe3 - Dashboard updates
  • Added log drains - PR #28297
  • Fixed Studio using postgres role instead of supabase_admin - PR #39946

Auth

Realtime

Storage

Edge Runtime

Supavisor


[2025-11-05]

Studio

  • No image update
  • Fixed Studio failing to connect to Postgres with non-default settings (requires docker-compose.yml update) - PR #40169

Realtime

  • No image update
  • Fixed realtime logs not showing in Studio (requires volumes/logs/vector.yml update) - PR #39963

[2025-10-28]

Studio

  • Updated to 2025.10.27-sha-85b84e0 - Dashboard updates
  • Fixed broken authentication when uploading files to Storage - PR #39829

Realtime

Storage

Postgres Meta

Edge Runtime


[2025-10-27]

Studio

  • No image update
  • Added Kong configuration for MCP server routes (requires volumes/api/kong.yml update) - PR #39849
  • Added documentation page for MCP server configuration - PR #39952

[2025-10-21]

Studio

Realtime

Storage

Postgres Meta

Edge Runtime

Supavisor


[2025-10-13]

Analytics (Logflare)


[2025-10-08]

Studio

  • Updated to 2025.10.01-sha-8460121 - Dashboard updates
  • Added "local" remote MCP server - PR #38797, PR #39041
  • ⚠️ Changed Studio connection method to postgres-meta - affects non-standard database port configurations

Auth

PostgREST

Realtime

Storage

Postgres Meta

Analytics (Logflare)

Postgres

Supavisor