From 9637fbad0f8404815534030620e8f205efb96269 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 12:20:07 +0000 Subject: [PATCH 01/19] chore(ci): pin Supabase CLI version explicitly Bump supabase devDependency to 2.109.1 and pin the same version explicitly in the setup-cli step of both the db-migrate and deploy-edge-functions workflows, since the action's auto-detect from package.json has proven unreliable. Closes #33 --- .github/workflows/_db_migrate.yml | 2 + .github/workflows/_deploy_edge_functions.yml | 2 + package.json | 2 +- pnpm-lock.yaml | 275 +++++++++---------- 4 files changed, 131 insertions(+), 150 deletions(-) diff --git a/.github/workflows/_db_migrate.yml b/.github/workflows/_db_migrate.yml index efa6bb59..8cbfeaf9 100644 --- a/.github/workflows/_db_migrate.yml +++ b/.github/workflows/_db_migrate.yml @@ -29,6 +29,8 @@ jobs: - uses: actions/checkout@v4 - uses: supabase/setup-cli@v2 + with: + version: 2.109.1 - name: Push migrations env: diff --git a/.github/workflows/_deploy_edge_functions.yml b/.github/workflows/_deploy_edge_functions.yml index 55db2176..b52596f4 100644 --- a/.github/workflows/_deploy_edge_functions.yml +++ b/.github/workflows/_deploy_edge_functions.yml @@ -29,6 +29,8 @@ jobs: - uses: actions/checkout@v4 - uses: supabase/setup-cli@v2 + with: + version: 2.109.1 - name: Deploy functions env: diff --git a/package.json b/package.json index 9467473a..73bbf716 100644 --- a/package.json +++ b/package.json @@ -125,7 +125,7 @@ "oxlint": "^1.11.1", "postcss": "^8.4.47", "prettier": "^3.6.2", - "supabase": "^2.58.5", + "supabase": "^2.109.1", "tailwindcss": "^3.4.11", "tsx": "^4.20.3", "typescript": "^5.5.3", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 07c1c869..c2971056 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -283,8 +283,8 @@ importers: specifier: ^3.6.2 version: 3.6.2 supabase: - specifier: ^2.58.5 - version: 2.58.5 + specifier: ^2.109.1 + version: 2.109.1 tailwindcss: specifier: ^3.4.11 version: 3.4.17 @@ -888,6 +888,12 @@ packages: '@date-fns/tz@1.4.1': resolution: {integrity: sha512-P5LUNhtbj6YfI3iJjw5EL9eUAG6OitD0W3fWQcpQjDRc/QIsL0tRNuO1PcDvPccWL1fSTXXdE1ds+l95DV/OFA==} + '@ecies/ciphers@0.2.6': + resolution: {integrity: sha512-patgsRPKGkhhoBjETV4XxD0En4ui5fbX0hzayqI3M8tvNMGUoUvmyYAIWwlxBc1KX5cturfqByYdj5bYGRpN9g==} + engines: {bun: '>=1', deno: '>=2.7.10', node: '>=16'} + peerDependencies: + '@noble/ciphers': ^1.0.0 + '@esbuild/aix-ppc64@0.25.10': resolution: {integrity: sha512-0NFWnA+7l41irNuaSVlLfgNT12caWJVLzp5eAVhZ0z1qpxbockccEt3s+149rE64VUI3Ml2zt8Nv5JVc4QXTsw==} engines: {node: '>=18'} @@ -1224,10 +1230,6 @@ packages: resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} engines: {node: '>=12'} - '@isaacs/fs-minipass@4.0.1': - resolution: {integrity: sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==} - engines: {node: '>=18.0.0'} - '@jridgewell/gen-mapping@0.3.13': resolution: {integrity: sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==} @@ -1247,6 +1249,18 @@ packages: '@jridgewell/trace-mapping@0.3.31': resolution: {integrity: sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==} + '@noble/ciphers@1.3.0': + resolution: {integrity: sha512-2I0gnIVPtfnMw9ee9h1dJG7tp81+8Ob3OJb3Mv37rx5L40/b0i7djjCVvGOVqc9AEIQyvyu1i6ypKdFw8R8gQw==} + engines: {node: ^14.21.3 || >=16} + + '@noble/curves@1.9.7': + resolution: {integrity: sha512-gbKGcRUYIjA3/zCCNaWDciTMFI0dCkvou3TL8Zmy5Nc7sJ47a0jtOeZoTaMxkuqRo9cRhjOdZJXegxYE5FN/xw==} + engines: {node: ^14.21.3 || >=16} + + '@noble/hashes@1.8.0': + resolution: {integrity: sha512-jCs9ldd7NwzpgXDIf6P3+NrHh9/sD6CQdxHyjQI+h/6rDNo88ypBxxz45UDuZHz9r3tNz7N/VInSVoVdtXEI4A==} + engines: {node: ^14.21.3 || >=16} + '@nodelib/fs.scandir@2.1.5': resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} engines: {node: '>= 8'} @@ -2108,6 +2122,46 @@ packages: resolution: {integrity: sha512-Ejfa37M5xoIwoxVebxRahnwubPo8g22qkXQ4p50+N9MIvU9UZoN+A8dwVPtczzGf8oV/YXN80ZPxK4aWXuSN/A==} engines: {node: '>=20.0.0'} + '@supabase/cli-darwin-arm64@2.109.1': + resolution: {integrity: sha512-tkn8tfunyqIL7RE+7DVjg6Ql2cJLPkGgh9cPafp2LbXI0qDgds0TaS+UOTHQEjci8JQXXe2wS00+122ko2QI8A==} + cpu: [arm64] + os: [darwin] + + '@supabase/cli-darwin-x64@2.109.1': + resolution: {integrity: sha512-0Q5ZAoWhOyIv4ZzQOU8QbjjdB2JmznnDNyJ3VrIeuLMWoifVfUWaLZhHBNYzr4xXoxBpKrggomuAT8BaEhY3lg==} + cpu: [x64] + os: [darwin] + + '@supabase/cli-linux-arm64-musl@2.109.1': + resolution: {integrity: sha512-cXNOsSU7MS+jmslGQATTD4DfWBEIHiFi7LaBWyBxHmR7tzIiZXimUXgN26ZiQjfAxU+RZq52C3k0qhi7vmqXQw==} + cpu: [arm64] + os: [linux] + + '@supabase/cli-linux-arm64@2.109.1': + resolution: {integrity: sha512-MS1djJjq5laD99+jYJUoARfSZhzRX9aXmo5piZ1yl2JXb9IXTuhiTD5olkFKQcgNckRcAZqMf4fucQGTYC767A==} + cpu: [arm64] + os: [linux] + + '@supabase/cli-linux-x64-musl@2.109.1': + resolution: {integrity: sha512-zeD9MrZpEKJrjkSPcYp4nZeGJ9FQt0i/kiRij4ZprPP6R5l+SLi6Pk20ln+Vj/GZuWTVxX7IHJ11pgViaReAWw==} + cpu: [x64] + os: [linux] + + '@supabase/cli-linux-x64@2.109.1': + resolution: {integrity: sha512-svFmamF/vIq4/oinwY50jDi869itC9/GWrPaGtsHFkK4NUBcQtl1T37WWIivGsXwbBKNC4FjZD3dGqjL7bfW1g==} + cpu: [x64] + os: [linux] + + '@supabase/cli-windows-arm64@2.109.1': + resolution: {integrity: sha512-NeKzgWAOpglnLwMTggTp5t44fbkfxACLkQNlCRx0q332HMM3WqsKQUsHv1MHc6ZbEc5bcMwaYjqPNI/aOWnP5g==} + cpu: [arm64] + os: [win32] + + '@supabase/cli-windows-x64@2.109.1': + resolution: {integrity: sha512-L9/pDLM+4IR8646aT69ZDVcnJeg1lZZsB26ZgI775S3f8jOHP41+1UH9Oq1g9CvKiAQviuaLgtwkuvi0I/cc/A==} + cpu: [x64] + os: [win32] + '@supabase/functions-js@2.105.4': resolution: {integrity: sha512-JVNKbBft3Qkja+WlGaE026AJ2AH9K0UTsxsfvEIHgd4zFrBor4BYRCrYFrv9IDsvVqkF72wKDsODJl5GY/C4tA==} engines: {node: '>=20.0.0'} @@ -2624,10 +2678,6 @@ packages: bidi-js@1.0.3: resolution: {integrity: sha512-RKshQI1R3YQ+n9YJz2QQ147P66ELpa1FQEg20Dk8oW9t2KgLbpDLLp9aGZ7y8WHSshDknG0bknqGw5/tyCs5tw==} - bin-links@6.0.0: - resolution: {integrity: sha512-X4CiKlcV2GjnCMwnKAfbVWpHa++65th9TuzAEYtZoATiOE2DQKhSp4CJlyLoTqdhBKlXjpXjCTYPNNFS33Fi6w==} - engines: {node: ^20.17.0 || >=22.9.0} - binary-extensions@2.3.0: resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} engines: {node: '>=8'} @@ -2677,10 +2727,6 @@ packages: resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==} engines: {node: '>= 8.10.0'} - chownr@3.0.0: - resolution: {integrity: sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==} - engines: {node: '>=18'} - class-variance-authority@0.7.1: resolution: {integrity: sha512-Ka+9Trutv7G8M6WT6SeiRWz792K5qEqIGEGzXKhAE6xOWAY6pPH8U+9IY3oCMv6kqTmLsv7Xh/2w2RigkePMsg==} @@ -2696,10 +2742,6 @@ packages: resolution: {integrity: sha512-eYm0QWBtUrBWZWG0d386OGAw16Z995PiOVo2B7bjWSbHedGl5e0ZWaq65kOGgUSNesEIDkB9ISbTg/JK9dhCZA==} engines: {node: '>=6'} - cmd-shim@8.0.0: - resolution: {integrity: sha512-Jk/BK6NCapZ58BKUxlSI+ouKRbjH1NLZCgJkYoab+vEHUY3f6OzpNBN9u7HFSv9J6TRDGs4PLOHezoKGaFRSCA==} - engines: {node: ^20.17.0 || >=22.9.0} - cmdk@1.1.1: resolution: {integrity: sha512-Vsv7kFaXm+ptHDMZ7izaRsP70GgrW9NBNGswt9OZaVBLlE0SNpDq8eu/VGXyF9r7M0azK3Wy7OlYXsuyYLFzHg==} peerDependencies: @@ -2776,10 +2818,6 @@ packages: csstype@3.1.3: resolution: {integrity: sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw==} - data-uri-to-buffer@4.0.1: - resolution: {integrity: sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==} - engines: {node: '>= 12'} - data-urls@6.0.0: resolution: {integrity: sha512-BnBS08aLUM+DKamupXs3w2tJJoqU+AkaE/+6vQxi/G/DPmIZFJJp9Dkb1kM03AZx8ADehDUZgsNxju3mPXZYIA==} engines: {node: '>=20'} @@ -2861,6 +2899,10 @@ packages: eastasianwidth@0.2.0: resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} + eciesjs@0.5.0: + resolution: {integrity: sha512-s0J9SEVYAEPg7J63GFMApLYzPH9VNIQIyC6s15JpnqVc0TqcKWdbgFlnAweEBRyMmko2dcs2sfC83Hj4J43tuA==} + engines: {bun: '>=1', deno: '>=2.7.10', node: '>=16'} + ejs@3.1.10: resolution: {integrity: sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==} engines: {node: '>=0.10.0'} @@ -2990,10 +3032,6 @@ packages: picomatch: optional: true - fetch-blob@3.2.0: - resolution: {integrity: sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==} - engines: {node: ^12.20 || >= 14.13} - fflate@0.4.8: resolution: {integrity: sha512-FJqqoDBR00Mdj9ppamLa/Y7vxm+PRmNWA67N846RvsoYVMKB4q3y/de5PA7gUmRMYK/8CMz2GDZQmCRN1wBcWA==} @@ -3018,10 +3056,6 @@ packages: resolution: {integrity: sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==} engines: {node: '>=14'} - formdata-polyfill@4.0.10: - resolution: {integrity: sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==} - engines: {node: '>=12.20.0'} - fraction.js@4.3.7: resolution: {integrity: sha512-ZsDfxO51wGAXREY55a7la9LScWpwv9RxIrYABrlvOFBlH/ShPnrtsXeuUIfXKKOVicNxQ+o8JTbJvjS4M89yew==} @@ -3196,10 +3230,6 @@ packages: idb@8.0.3: resolution: {integrity: sha512-LtwtVyVYO5BqRvcsKuB2iUMnHwPVByPCXFXOpuU96IZPPoPN6xjOGxZQ74pgSVVLQWtUOYgyeL4GE98BY5D3wg==} - imurmurhash@0.1.4: - resolution: {integrity: sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==} - engines: {node: '>=0.8.19'} - indent-string@4.0.0: resolution: {integrity: sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==} engines: {node: '>=8'} @@ -3388,6 +3418,9 @@ packages: resolution: {integrity: sha512-/imKNG4EbWNrVjoNC/1H5/9GFy+tqjGBHCaSsN+P2RnPqjsLmv6UD3Ej+Kj8nBWaRAwyk7kK5ZUc+OEatnTR3A==} hasBin: true + jose@6.2.3: + resolution: {integrity: sha512-YYVDInQKFJfR/xa3ojUTl8c2KoTwiL1R5Wg9YCydwH0x0B9grbzlg5HC7mMjCtUJjbQ/YnGEZIhI5tCgfTb4Hw==} + js-tokens@10.0.0: resolution: {integrity: sha512-lM/UBzQmfJRo9ABXbPWemivdCW8V2G8FHaHdypQaIy523snUjog0W71ayWXTjiR+ixeMyVHN2XcpnTd/liPg/Q==} @@ -3538,10 +3571,6 @@ packages: resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} engines: {node: '>=16 || 14 >=14.17'} - minizlib@3.1.0: - resolution: {integrity: sha512-KZxYo1BUkWD2TVFLr0MQoM8vUUigWD3LlD83a/75BqC+4qE0Hb1Vo5v1FgcfaNXvfXzr+5EhQ6ing/CaBijTlw==} - engines: {node: '>= 18'} - motion-dom@12.23.21: resolution: {integrity: sha512-5xDXx/AbhrfgsQmSE7YESMn4Dpo6x5/DTZ4Iyy4xqDvVHWvFVoV+V2Ri2S/ksx+D40wrZ7gPYiMWshkdoqNgNQ==} @@ -3576,15 +3605,6 @@ packages: react: ^16.8 || ^17 || ^18 react-dom: ^16.8 || ^17 || ^18 - node-domexception@1.0.0: - resolution: {integrity: sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==} - engines: {node: '>=10.5.0'} - deprecated: Use your platform's native DOMException instead - - node-fetch@3.3.2: - resolution: {integrity: sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - node-releases@2.0.21: resolution: {integrity: sha512-5b0pgg78U3hwXkCM8Z9b2FJdPZlr9Psr9V2gQPESdGHqbntyFJKFW4r5TeWGFzafGY3hzs1JC62VEQMbl1JFkw==} @@ -3596,10 +3616,6 @@ packages: resolution: {integrity: sha512-bdok/XvKII3nUpklnV6P2hxtMNrCboOjAcyBuQnWEhO665FwrSNRxU+AqpsyvO6LgGYPspN+lu5CLtw4jPRKNA==} engines: {node: '>=0.10.0'} - npm-normalize-package-bin@5.0.0: - resolution: {integrity: sha512-CJi3OS4JLsNMmr2u07OJlhcrPxCeOeP/4xq67aWNai6TNWWbTrlNDgl8NcFKVlcBKp18GPj+EzbNIgrBfZhsag==} - engines: {node: ^20.17.0 || >=22.9.0} - object-assign@4.1.1: resolution: {integrity: sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==} engines: {node: '>=0.10.0'} @@ -3785,10 +3801,6 @@ packages: resolution: {integrity: sha512-Qb1gy5OrP5+zDf2Bvnzdl3jsTf1qXVMazbvCoKhtKqVs4/YK4ozX4gKQJJVyNe+cajNPn0KoC0MC3FUmaHWEmQ==} engines: {node: ^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0} - proc-log@6.0.0: - resolution: {integrity: sha512-KG/XsTDN901PNfPfAMmj6N/Ywg9tM+bHK8pAz+27fS4N4Pcr+4zoYBOcGSBu6ceXYNPxkLpa4ohtfxV1XcLAfA==} - engines: {node: ^20.17.0 || >=22.9.0} - punycode@2.3.1: resolution: {integrity: sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==} engines: {node: '>=6'} @@ -3870,10 +3882,6 @@ packages: read-cache@1.0.0: resolution: {integrity: sha512-Owdv/Ft7IjOgm/i0xvNDZ1LrRANRfew4b2prF3OWMQLxLfu3bS8FVhCsrSCMK4lR56Y9ya+AThoTpDCTxCmpRA==} - read-cmd-shim@6.0.0: - resolution: {integrity: sha512-1zM5HuOfagXCBWMN83fuFI/x+T/UhZ7k+KIzhrHXcQoeX5+7gmaDYjELQHmmzIodumBHeByBJT4QYS7ufAgs7A==} - engines: {node: ^20.17.0 || >=22.9.0} - readdirp@3.6.0: resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} engines: {node: '>=8.10.0'} @@ -4169,9 +4177,8 @@ packages: engines: {node: '>=16 || 14 >=14.17'} hasBin: true - supabase@2.58.5: - resolution: {integrity: sha512-mYZSkUIePTdmwlHd26Pff8wpmjfre8gcuWzrc5QqhZgZvCXugVzAQQhcjaQisw5kusbPQWNIjUwcHYEKmejhPw==} - engines: {npm: '>=8'} + supabase@2.109.1: + resolution: {integrity: sha512-N2yP2MHTxOxXBWhfn3poudpJn4pkPosAUo7J/46FTou/l7wOwFi9tox8NSN6HljWkfM0zhwPRimNNGC9XBMoxQ==} hasBin: true supports-color@7.2.0: @@ -4198,10 +4205,6 @@ packages: engines: {node: '>=14.0.0'} hasBin: true - tar@7.5.2: - resolution: {integrity: sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==} - engines: {node: '>=18'} - temp-dir@2.0.0: resolution: {integrity: sha512-aoBAniQmmwtcKp/7BzsH8Cxzv8OL736p7v1ihGb5e9DJ9kTwGWHrQrVB5+lfVDzfGrdRzXch+ig7LHaY1JTOrg==} engines: {node: '>=8'} @@ -4483,10 +4486,6 @@ packages: resolution: {integrity: sha512-o8qghlI8NZHU1lLPrpi2+Uq7abh4GGPpYANlalzWxyWteJOCsr/P+oPBA49TOLu5FTZO4d3F9MnWJfiMo4BkmA==} engines: {node: '>=18'} - web-streams-polyfill@3.3.3: - resolution: {integrity: sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==} - engines: {node: '>= 8'} - web-vitals@4.2.4: resolution: {integrity: sha512-r4DIlprAGwJ7YM11VZp4R884m0Vmgr6EAKe3P+kO0PPj3Unqyvv59rczf6UiGcb9Z8QxZVcqKNwv/g0WNdWwsw==} @@ -4605,10 +4604,6 @@ packages: wrappy@1.0.2: resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} - write-file-atomic@7.0.0: - resolution: {integrity: sha512-YnlPC6JqnZl6aO4uRc+dx5PHguiR9S6WeoLtpxNT9wIG+BDya7ZNE1q7KOjVgaA73hKhKLpVPgJ5QA9THQ5BRg==} - engines: {node: ^20.17.0 || >=22.9.0} - ws@8.18.3: resolution: {integrity: sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==} engines: {node: '>=10.0.0'} @@ -4631,10 +4626,6 @@ packages: yallist@3.1.1: resolution: {integrity: sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==} - yallist@5.0.0: - resolution: {integrity: sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==} - engines: {node: '>=18'} - yaml@2.8.1: resolution: {integrity: sha512-lcYcMxX2PO9XMGvAJkJ3OsNMw+/7FKes7/hgerGUYWIoWu5j/+YQqcZr5JnPZWzOsEBgMbSbiSTn/dv/69Mkpw==} engines: {node: '>= 14.6'} @@ -5388,6 +5379,10 @@ snapshots: '@date-fns/tz@1.4.1': {} + '@ecies/ciphers@0.2.6(@noble/ciphers@1.3.0)': + dependencies: + '@noble/ciphers': 1.3.0 + '@esbuild/aix-ppc64@0.25.10': optional: true @@ -5574,10 +5569,6 @@ snapshots: wrap-ansi: 8.1.0 wrap-ansi-cjs: wrap-ansi@7.0.0 - '@isaacs/fs-minipass@4.0.1': - dependencies: - minipass: 7.1.2 - '@jridgewell/gen-mapping@0.3.13': dependencies: '@jridgewell/sourcemap-codec': 1.5.5 @@ -5602,6 +5593,14 @@ snapshots: '@jridgewell/resolve-uri': 3.1.2 '@jridgewell/sourcemap-codec': 1.5.5 + '@noble/ciphers@1.3.0': {} + + '@noble/curves@1.9.7': + dependencies: + '@noble/hashes': 1.8.0 + + '@noble/hashes@1.8.0': {} + '@nodelib/fs.scandir@2.1.5': dependencies: '@nodelib/fs.stat': 2.0.5 @@ -6444,6 +6443,30 @@ snapshots: dependencies: tslib: 2.8.1 + '@supabase/cli-darwin-arm64@2.109.1': + optional: true + + '@supabase/cli-darwin-x64@2.109.1': + optional: true + + '@supabase/cli-linux-arm64-musl@2.109.1': + optional: true + + '@supabase/cli-linux-arm64@2.109.1': + optional: true + + '@supabase/cli-linux-x64-musl@2.109.1': + optional: true + + '@supabase/cli-linux-x64@2.109.1': + optional: true + + '@supabase/cli-windows-arm64@2.109.1': + optional: true + + '@supabase/cli-windows-x64@2.109.1': + optional: true + '@supabase/functions-js@2.105.4': dependencies: tslib: 2.8.1 @@ -7020,14 +7043,6 @@ snapshots: dependencies: require-from-string: 2.0.2 - bin-links@6.0.0: - dependencies: - cmd-shim: 8.0.0 - npm-normalize-package-bin: 5.0.0 - proc-log: 6.0.0 - read-cmd-shim: 6.0.0 - write-file-atomic: 7.0.0 - binary-extensions@2.3.0: {} brace-expansion@1.1.12: @@ -7088,8 +7103,6 @@ snapshots: optionalDependencies: fsevents: 2.3.3 - chownr@3.0.0: {} - class-variance-authority@0.7.1: dependencies: clsx: 2.1.1 @@ -7105,8 +7118,6 @@ snapshots: clsx@2.1.1: {} - cmd-shim@8.0.0: {} - cmdk@1.1.1(@types/react-dom@18.3.7(@types/react@18.3.24))(@types/react@18.3.24)(react-dom@18.3.1(react@18.3.1))(react@18.3.1): dependencies: '@radix-ui/react-compose-refs': 1.1.2(@types/react@18.3.24)(react@18.3.1) @@ -7176,8 +7187,6 @@ snapshots: csstype@3.1.3: {} - data-uri-to-buffer@4.0.1: {} - data-urls@6.0.0: dependencies: whatwg-mimetype: 4.0.0 @@ -7251,6 +7260,13 @@ snapshots: eastasianwidth@0.2.0: {} + eciesjs@0.5.0: + dependencies: + '@ecies/ciphers': 0.2.6(@noble/ciphers@1.3.0) + '@noble/ciphers': 1.3.0 + '@noble/curves': 1.9.7 + '@noble/hashes': 1.8.0 + ejs@3.1.10: dependencies: jake: 10.9.4 @@ -7457,11 +7473,6 @@ snapshots: optionalDependencies: picomatch: 4.0.3 - fetch-blob@3.2.0: - dependencies: - node-domexception: 1.0.0 - web-streams-polyfill: 3.3.3 - fflate@0.4.8: {} fflate@0.8.2: {} @@ -7485,10 +7496,6 @@ snapshots: cross-spawn: 7.0.6 signal-exit: 4.1.0 - formdata-polyfill@4.0.10: - dependencies: - fetch-blob: 3.2.0 - fraction.js@4.3.7: {} framer-motion@12.23.22(react-dom@18.3.1(react@18.3.1))(react@18.3.1): @@ -7663,8 +7670,6 @@ snapshots: idb@8.0.3: {} - imurmurhash@0.1.4: {} - indent-string@4.0.0: {} inflight@1.0.6: @@ -7849,6 +7854,8 @@ snapshots: jiti@1.21.7: {} + jose@6.2.3: {} + js-tokens@10.0.0: {} js-tokens@4.0.0: {} @@ -8003,10 +8010,6 @@ snapshots: minipass@7.1.2: {} - minizlib@3.1.0: - dependencies: - minipass: 7.1.2 - motion-dom@12.23.21: dependencies: motion-utils: 12.23.6 @@ -8034,22 +8037,12 @@ snapshots: react: 18.3.1 react-dom: 18.3.1(react@18.3.1) - node-domexception@1.0.0: {} - - node-fetch@3.3.2: - dependencies: - data-uri-to-buffer: 4.0.1 - fetch-blob: 3.2.0 - formdata-polyfill: 4.0.10 - node-releases@2.0.21: {} normalize-path@3.0.0: {} normalize-range@0.1.2: {} - npm-normalize-package-bin@5.0.0: {} - object-assign@4.1.1: {} object-hash@3.0.0: {} @@ -8201,8 +8194,6 @@ snapshots: ansi-styles: 5.2.0 react-is: 17.0.2 - proc-log@6.0.0: {} - punycode@2.3.1: {} queue-microtask@1.2.3: {} @@ -8279,8 +8270,6 @@ snapshots: dependencies: pify: 2.3.0 - read-cmd-shim@6.0.0: {} - readdirp@3.6.0: dependencies: picomatch: 2.3.1 @@ -8653,14 +8642,19 @@ snapshots: pirates: 4.0.7 ts-interface-checker: 0.1.13 - supabase@2.58.5: + supabase@2.109.1: dependencies: - bin-links: 6.0.0 - https-proxy-agent: 7.0.6 - node-fetch: 3.3.2 - tar: 7.5.2 - transitivePeerDependencies: - - supports-color + eciesjs: 0.5.0 + jose: 6.2.3 + optionalDependencies: + '@supabase/cli-darwin-arm64': 2.109.1 + '@supabase/cli-darwin-x64': 2.109.1 + '@supabase/cli-linux-arm64': 2.109.1 + '@supabase/cli-linux-arm64-musl': 2.109.1 + '@supabase/cli-linux-x64': 2.109.1 + '@supabase/cli-linux-x64-musl': 2.109.1 + '@supabase/cli-windows-arm64': 2.109.1 + '@supabase/cli-windows-x64': 2.109.1 supports-color@7.2.0: dependencies: @@ -8703,14 +8697,6 @@ snapshots: transitivePeerDependencies: - ts-node - tar@7.5.2: - dependencies: - '@isaacs/fs-minipass': 4.0.1 - chownr: 3.0.0 - minipass: 7.1.2 - minizlib: 3.1.0 - yallist: 5.0.0 - temp-dir@2.0.0: {} tempy@0.6.0: @@ -8962,8 +8948,6 @@ snapshots: dependencies: xml-name-validator: 5.0.0 - web-streams-polyfill@3.3.3: {} - web-vitals@4.2.4: {} webidl-conversions@4.0.2: {} @@ -9172,11 +9156,6 @@ snapshots: wrappy@1.0.2: {} - write-file-atomic@7.0.0: - dependencies: - imurmurhash: 0.1.4 - signal-exit: 4.1.0 - ws@8.18.3: {} xml-name-validator@5.0.0: {} @@ -9185,8 +9164,6 @@ snapshots: yallist@3.1.1: {} - yallist@5.0.0: {} - yaml@2.8.1: {} zod@3.25.76: {} From ea2af3eecbb6c2333eba367ace430a552a7c5e99 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 13:15:24 +0000 Subject: [PATCH 02/19] fix(deps): pin supabase CLI to an exact version ^2.109.1 still let local installs drift across the 2.x range, defeating the point of an explicit pin. Match the exact version used in CI. --- package.json | 2 +- pnpm-lock.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 73bbf716..ab28fdea 100644 --- a/package.json +++ b/package.json @@ -125,7 +125,7 @@ "oxlint": "^1.11.1", "postcss": "^8.4.47", "prettier": "^3.6.2", - "supabase": "^2.109.1", + "supabase": "2.109.1", "tailwindcss": "^3.4.11", "tsx": "^4.20.3", "typescript": "^5.5.3", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index c2971056..ddc94467 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -283,7 +283,7 @@ importers: specifier: ^3.6.2 version: 3.6.2 supabase: - specifier: ^2.109.1 + specifier: 2.109.1 version: 2.109.1 tailwindcss: specifier: ^3.4.11 From e4a1b7eb59ede98b16f2dec75f0b30d9283fd6e5 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 13:24:40 +0000 Subject: [PATCH 03/19] ci: use supabase/setup-cli@v3 lockfile version detection v3 reads the supabase package version from pnpm-lock.yaml directly, so the explicit version input (which had to be kept in sync by hand) is no longer needed - one source of truth instead of two. --- .github/workflows/_db_migrate.yml | 4 +--- .github/workflows/_deploy_edge_functions.yml | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/_db_migrate.yml b/.github/workflows/_db_migrate.yml index 8cbfeaf9..bfa5ecab 100644 --- a/.github/workflows/_db_migrate.yml +++ b/.github/workflows/_db_migrate.yml @@ -28,9 +28,7 @@ jobs: - uses: actions/checkout@v4 - - uses: supabase/setup-cli@v2 - with: - version: 2.109.1 + - uses: supabase/setup-cli@v3 - name: Push migrations env: diff --git a/.github/workflows/_deploy_edge_functions.yml b/.github/workflows/_deploy_edge_functions.yml index b52596f4..7ee5bfdb 100644 --- a/.github/workflows/_deploy_edge_functions.yml +++ b/.github/workflows/_deploy_edge_functions.yml @@ -28,9 +28,7 @@ jobs: - uses: actions/checkout@v4 - - uses: supabase/setup-cli@v2 - with: - version: 2.109.1 + - uses: supabase/setup-cli@v3 - name: Deploy functions env: From c340247b06710956048baf6c83ddd06345584392 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 13:47:08 +0000 Subject: [PATCH 04/19] fix(ci): read the local Supabase publishable key dynamically in e2e tests CLI 2.109.1 now issues new sb_publishable_.../sb_secret_... format keys instead of the old fixed demo JWT anon key, so the hardcoded VITE_SUPABASE_PUBLISHABLE_KEY/TEST_SUPABASE_ANON_KEY literals no longer match what the local instance actually expects - every request from the app's Supabase client fails auth, which is why the e2e auth spec started timing out waiting for the sign-in button after the version bump. Read it from `supabase status -o env` after startup instead of hardcoding a literal, so this doesn't silently break again on the next CLI bump. --- .github/workflows/e2e-tests.yml | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml index ca67ee68..eea5c1e3 100644 --- a/.github/workflows/e2e-tests.yml +++ b/.github/workflows/e2e-tests.yml @@ -12,7 +12,6 @@ jobs: runs-on: ubuntu-latest env: VITE_SUPABASE_URL: http://127.0.0.1:54321 - VITE_SUPABASE_PUBLISHABLE_KEY: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0 strategy: fail-fast: false matrix: @@ -42,6 +41,22 @@ jobs: sleep 10 npx supabase db reset + - name: Export Supabase local publishable key + run: | + npx supabase status -o env > /tmp/supabase-status.env + cat /tmp/supabase-status.env + KEY_LINE=$(grep -iE "PUBLISHABLE_KEY" /tmp/supabase-status.env | head -1) + if [ -z "$KEY_LINE" ]; then + KEY_LINE=$(grep -iE "ANON_KEY" /tmp/supabase-status.env | head -1) + fi + if [ -z "$KEY_LINE" ]; then + echo "Could not find a publishable/anon key in 'supabase status -o env' output" >&2 + exit 1 + fi + KEY_VALUE=$(echo "$KEY_LINE" | cut -d'=' -f2- | tr -d '"') + echo "VITE_SUPABASE_PUBLISHABLE_KEY=$KEY_VALUE" >> "$GITHUB_ENV" + echo "TEST_SUPABASE_ANON_KEY=$KEY_VALUE" >> "$GITHUB_ENV" + - name: Build project run: pnpm run build @@ -49,7 +64,6 @@ jobs: run: npx playwright test --shard=${{ matrix.shardIndex }}/${{ matrix.shardTotal }} --reporter=blob env: TEST_SUPABASE_URL: http://localhost:54321 - TEST_SUPABASE_ANON_KEY: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCN9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0 - uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} From 70099239e17734265d59b093ff0dbe9b8b71faf0 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:11:43 +0000 Subject: [PATCH 05/19] test(e2e): wait for redirect chain before asserting sign-in button Visiting "/" chains through festival -> edition -> sets redirects before the header mounts; the default 5s toBeVisible timeout was tipping over under CI's parallel load. Wait for the final URL first instead of inflating the assertion timeout blindly. --- tests/e2e/auth.spec.ts | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/e2e/auth.spec.ts b/tests/e2e/auth.spec.ts index 06cb9f98..22b82310 100644 --- a/tests/e2e/auth.spec.ts +++ b/tests/e2e/auth.spec.ts @@ -4,6 +4,10 @@ test.describe("Authentication", () => { test("should show login dialog when clicking sign in", async ({ page }) => { await page.goto("/"); + // "/" chains through several redirects (festival -> edition -> sets) before + // the header renders, so wait for that to settle before looking for the button. + await expect(page).toHaveURL(/\/editions\/[^/]+\/sets$/, { timeout: 15000 }); + // Look for a sign in button or link const signInButton = page .getByRole("button", { name: /sign in/i }) From dfd6ba6c10bbde825b336421e7f784f28dfb1d20 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:20:18 +0000 Subject: [PATCH 06/19] Revert "test(e2e): wait for redirect chain before asserting sign-in button" This reverts commit 70099239e17734265d59b093ff0dbe9b8b71faf0. --- tests/e2e/auth.spec.ts | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/e2e/auth.spec.ts b/tests/e2e/auth.spec.ts index 22b82310..06cb9f98 100644 --- a/tests/e2e/auth.spec.ts +++ b/tests/e2e/auth.spec.ts @@ -4,10 +4,6 @@ test.describe("Authentication", () => { test("should show login dialog when clicking sign in", async ({ page }) => { await page.goto("/"); - // "/" chains through several redirects (festival -> edition -> sets) before - // the header renders, so wait for that to settle before looking for the button. - await expect(page).toHaveURL(/\/editions\/[^/]+\/sets$/, { timeout: 15000 }); - // Look for a sign in button or link const signInButton = page .getByRole("button", { name: /sign in/i }) From f1eb54d032f474a8ebbb579057c48920a2a14fa0 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:28:27 +0000 Subject: [PATCH 07/19] Revert "fix(ci): read the local Supabase publishable key dynamically in e2e tests" This reverts commit c340247b06710956048baf6c83ddd06345584392. --- .github/workflows/e2e-tests.yml | 18 ++---------------- 1 file changed, 2 insertions(+), 16 deletions(-) diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml index eea5c1e3..ca67ee68 100644 --- a/.github/workflows/e2e-tests.yml +++ b/.github/workflows/e2e-tests.yml @@ -12,6 +12,7 @@ jobs: runs-on: ubuntu-latest env: VITE_SUPABASE_URL: http://127.0.0.1:54321 + VITE_SUPABASE_PUBLISHABLE_KEY: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0 strategy: fail-fast: false matrix: @@ -41,22 +42,6 @@ jobs: sleep 10 npx supabase db reset - - name: Export Supabase local publishable key - run: | - npx supabase status -o env > /tmp/supabase-status.env - cat /tmp/supabase-status.env - KEY_LINE=$(grep -iE "PUBLISHABLE_KEY" /tmp/supabase-status.env | head -1) - if [ -z "$KEY_LINE" ]; then - KEY_LINE=$(grep -iE "ANON_KEY" /tmp/supabase-status.env | head -1) - fi - if [ -z "$KEY_LINE" ]; then - echo "Could not find a publishable/anon key in 'supabase status -o env' output" >&2 - exit 1 - fi - KEY_VALUE=$(echo "$KEY_LINE" | cut -d'=' -f2- | tr -d '"') - echo "VITE_SUPABASE_PUBLISHABLE_KEY=$KEY_VALUE" >> "$GITHUB_ENV" - echo "TEST_SUPABASE_ANON_KEY=$KEY_VALUE" >> "$GITHUB_ENV" - - name: Build project run: pnpm run build @@ -64,6 +49,7 @@ jobs: run: npx playwright test --shard=${{ matrix.shardIndex }}/${{ matrix.shardTotal }} --reporter=blob env: TEST_SUPABASE_URL: http://localhost:54321 + TEST_SUPABASE_ANON_KEY: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCN9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0 - uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} From a28c158b5c79d4d3bd980eb919129d9854a6f615 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:28:28 +0000 Subject: [PATCH 08/19] Revert "ci: use supabase/setup-cli@v3 lockfile version detection" This reverts commit e4a1b7eb59ede98b16f2dec75f0b30d9283fd6e5. --- .github/workflows/_db_migrate.yml | 4 +++- .github/workflows/_deploy_edge_functions.yml | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/_db_migrate.yml b/.github/workflows/_db_migrate.yml index bfa5ecab..8cbfeaf9 100644 --- a/.github/workflows/_db_migrate.yml +++ b/.github/workflows/_db_migrate.yml @@ -28,7 +28,9 @@ jobs: - uses: actions/checkout@v4 - - uses: supabase/setup-cli@v3 + - uses: supabase/setup-cli@v2 + with: + version: 2.109.1 - name: Push migrations env: diff --git a/.github/workflows/_deploy_edge_functions.yml b/.github/workflows/_deploy_edge_functions.yml index 7ee5bfdb..b52596f4 100644 --- a/.github/workflows/_deploy_edge_functions.yml +++ b/.github/workflows/_deploy_edge_functions.yml @@ -28,7 +28,9 @@ jobs: - uses: actions/checkout@v4 - - uses: supabase/setup-cli@v3 + - uses: supabase/setup-cli@v2 + with: + version: 2.109.1 - name: Deploy functions env: From 02e15bf0e5e137a408c1e7ccf4bc5e02178bb4f9 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:28:28 +0000 Subject: [PATCH 09/19] Revert "fix(deps): pin supabase CLI to an exact version" This reverts commit ea2af3eecbb6c2333eba367ace430a552a7c5e99. --- package.json | 2 +- pnpm-lock.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index ab28fdea..73bbf716 100644 --- a/package.json +++ b/package.json @@ -125,7 +125,7 @@ "oxlint": "^1.11.1", "postcss": "^8.4.47", "prettier": "^3.6.2", - "supabase": "2.109.1", + "supabase": "^2.109.1", "tailwindcss": "^3.4.11", "tsx": "^4.20.3", "typescript": "^5.5.3", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index ddc94467..c2971056 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -283,7 +283,7 @@ importers: specifier: ^3.6.2 version: 3.6.2 supabase: - specifier: 2.109.1 + specifier: ^2.109.1 version: 2.109.1 tailwindcss: specifier: ^3.4.11 From 2855e79fae7b0d544b82d5d7dd1385dff028c589 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:28:28 +0000 Subject: [PATCH 10/19] Revert "chore(ci): pin Supabase CLI version explicitly" This reverts commit 9637fbad0f8404815534030620e8f205efb96269. --- .github/workflows/_db_migrate.yml | 2 - .github/workflows/_deploy_edge_functions.yml | 2 - package.json | 2 +- pnpm-lock.yaml | 275 ++++++++++--------- 4 files changed, 150 insertions(+), 131 deletions(-) diff --git a/.github/workflows/_db_migrate.yml b/.github/workflows/_db_migrate.yml index 8cbfeaf9..efa6bb59 100644 --- a/.github/workflows/_db_migrate.yml +++ b/.github/workflows/_db_migrate.yml @@ -29,8 +29,6 @@ jobs: - uses: actions/checkout@v4 - uses: supabase/setup-cli@v2 - with: - version: 2.109.1 - name: Push migrations env: diff --git a/.github/workflows/_deploy_edge_functions.yml b/.github/workflows/_deploy_edge_functions.yml index b52596f4..55db2176 100644 --- a/.github/workflows/_deploy_edge_functions.yml +++ b/.github/workflows/_deploy_edge_functions.yml @@ -29,8 +29,6 @@ jobs: - uses: actions/checkout@v4 - uses: supabase/setup-cli@v2 - with: - version: 2.109.1 - name: Deploy functions env: diff --git a/package.json b/package.json index 73bbf716..9467473a 100644 --- a/package.json +++ b/package.json @@ -125,7 +125,7 @@ "oxlint": "^1.11.1", "postcss": "^8.4.47", "prettier": "^3.6.2", - "supabase": "^2.109.1", + "supabase": "^2.58.5", "tailwindcss": "^3.4.11", "tsx": "^4.20.3", "typescript": "^5.5.3", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index c2971056..07c1c869 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -283,8 +283,8 @@ importers: specifier: ^3.6.2 version: 3.6.2 supabase: - specifier: ^2.109.1 - version: 2.109.1 + specifier: ^2.58.5 + version: 2.58.5 tailwindcss: specifier: ^3.4.11 version: 3.4.17 @@ -888,12 +888,6 @@ packages: '@date-fns/tz@1.4.1': resolution: {integrity: sha512-P5LUNhtbj6YfI3iJjw5EL9eUAG6OitD0W3fWQcpQjDRc/QIsL0tRNuO1PcDvPccWL1fSTXXdE1ds+l95DV/OFA==} - '@ecies/ciphers@0.2.6': - resolution: {integrity: sha512-patgsRPKGkhhoBjETV4XxD0En4ui5fbX0hzayqI3M8tvNMGUoUvmyYAIWwlxBc1KX5cturfqByYdj5bYGRpN9g==} - engines: {bun: '>=1', deno: '>=2.7.10', node: '>=16'} - peerDependencies: - '@noble/ciphers': ^1.0.0 - '@esbuild/aix-ppc64@0.25.10': resolution: {integrity: sha512-0NFWnA+7l41irNuaSVlLfgNT12caWJVLzp5eAVhZ0z1qpxbockccEt3s+149rE64VUI3Ml2zt8Nv5JVc4QXTsw==} engines: {node: '>=18'} @@ -1230,6 +1224,10 @@ packages: resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} engines: {node: '>=12'} + '@isaacs/fs-minipass@4.0.1': + resolution: {integrity: sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==} + engines: {node: '>=18.0.0'} + '@jridgewell/gen-mapping@0.3.13': resolution: {integrity: sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==} @@ -1249,18 +1247,6 @@ packages: '@jridgewell/trace-mapping@0.3.31': resolution: {integrity: sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==} - '@noble/ciphers@1.3.0': - resolution: {integrity: sha512-2I0gnIVPtfnMw9ee9h1dJG7tp81+8Ob3OJb3Mv37rx5L40/b0i7djjCVvGOVqc9AEIQyvyu1i6ypKdFw8R8gQw==} - engines: {node: ^14.21.3 || >=16} - - '@noble/curves@1.9.7': - resolution: {integrity: sha512-gbKGcRUYIjA3/zCCNaWDciTMFI0dCkvou3TL8Zmy5Nc7sJ47a0jtOeZoTaMxkuqRo9cRhjOdZJXegxYE5FN/xw==} - engines: {node: ^14.21.3 || >=16} - - '@noble/hashes@1.8.0': - resolution: {integrity: sha512-jCs9ldd7NwzpgXDIf6P3+NrHh9/sD6CQdxHyjQI+h/6rDNo88ypBxxz45UDuZHz9r3tNz7N/VInSVoVdtXEI4A==} - engines: {node: ^14.21.3 || >=16} - '@nodelib/fs.scandir@2.1.5': resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} engines: {node: '>= 8'} @@ -2122,46 +2108,6 @@ packages: resolution: {integrity: sha512-Ejfa37M5xoIwoxVebxRahnwubPo8g22qkXQ4p50+N9MIvU9UZoN+A8dwVPtczzGf8oV/YXN80ZPxK4aWXuSN/A==} engines: {node: '>=20.0.0'} - '@supabase/cli-darwin-arm64@2.109.1': - resolution: {integrity: sha512-tkn8tfunyqIL7RE+7DVjg6Ql2cJLPkGgh9cPafp2LbXI0qDgds0TaS+UOTHQEjci8JQXXe2wS00+122ko2QI8A==} - cpu: [arm64] - os: [darwin] - - '@supabase/cli-darwin-x64@2.109.1': - resolution: {integrity: sha512-0Q5ZAoWhOyIv4ZzQOU8QbjjdB2JmznnDNyJ3VrIeuLMWoifVfUWaLZhHBNYzr4xXoxBpKrggomuAT8BaEhY3lg==} - cpu: [x64] - os: [darwin] - - '@supabase/cli-linux-arm64-musl@2.109.1': - resolution: {integrity: sha512-cXNOsSU7MS+jmslGQATTD4DfWBEIHiFi7LaBWyBxHmR7tzIiZXimUXgN26ZiQjfAxU+RZq52C3k0qhi7vmqXQw==} - cpu: [arm64] - os: [linux] - - '@supabase/cli-linux-arm64@2.109.1': - resolution: {integrity: sha512-MS1djJjq5laD99+jYJUoARfSZhzRX9aXmo5piZ1yl2JXb9IXTuhiTD5olkFKQcgNckRcAZqMf4fucQGTYC767A==} - cpu: [arm64] - os: [linux] - - '@supabase/cli-linux-x64-musl@2.109.1': - resolution: {integrity: sha512-zeD9MrZpEKJrjkSPcYp4nZeGJ9FQt0i/kiRij4ZprPP6R5l+SLi6Pk20ln+Vj/GZuWTVxX7IHJ11pgViaReAWw==} - cpu: [x64] - os: [linux] - - '@supabase/cli-linux-x64@2.109.1': - resolution: {integrity: sha512-svFmamF/vIq4/oinwY50jDi869itC9/GWrPaGtsHFkK4NUBcQtl1T37WWIivGsXwbBKNC4FjZD3dGqjL7bfW1g==} - cpu: [x64] - os: [linux] - - '@supabase/cli-windows-arm64@2.109.1': - resolution: {integrity: sha512-NeKzgWAOpglnLwMTggTp5t44fbkfxACLkQNlCRx0q332HMM3WqsKQUsHv1MHc6ZbEc5bcMwaYjqPNI/aOWnP5g==} - cpu: [arm64] - os: [win32] - - '@supabase/cli-windows-x64@2.109.1': - resolution: {integrity: sha512-L9/pDLM+4IR8646aT69ZDVcnJeg1lZZsB26ZgI775S3f8jOHP41+1UH9Oq1g9CvKiAQviuaLgtwkuvi0I/cc/A==} - cpu: [x64] - os: [win32] - '@supabase/functions-js@2.105.4': resolution: {integrity: sha512-JVNKbBft3Qkja+WlGaE026AJ2AH9K0UTsxsfvEIHgd4zFrBor4BYRCrYFrv9IDsvVqkF72wKDsODJl5GY/C4tA==} engines: {node: '>=20.0.0'} @@ -2678,6 +2624,10 @@ packages: bidi-js@1.0.3: resolution: {integrity: sha512-RKshQI1R3YQ+n9YJz2QQ147P66ELpa1FQEg20Dk8oW9t2KgLbpDLLp9aGZ7y8WHSshDknG0bknqGw5/tyCs5tw==} + bin-links@6.0.0: + resolution: {integrity: sha512-X4CiKlcV2GjnCMwnKAfbVWpHa++65th9TuzAEYtZoATiOE2DQKhSp4CJlyLoTqdhBKlXjpXjCTYPNNFS33Fi6w==} + engines: {node: ^20.17.0 || >=22.9.0} + binary-extensions@2.3.0: resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} engines: {node: '>=8'} @@ -2727,6 +2677,10 @@ packages: resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==} engines: {node: '>= 8.10.0'} + chownr@3.0.0: + resolution: {integrity: sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==} + engines: {node: '>=18'} + class-variance-authority@0.7.1: resolution: {integrity: sha512-Ka+9Trutv7G8M6WT6SeiRWz792K5qEqIGEGzXKhAE6xOWAY6pPH8U+9IY3oCMv6kqTmLsv7Xh/2w2RigkePMsg==} @@ -2742,6 +2696,10 @@ packages: resolution: {integrity: sha512-eYm0QWBtUrBWZWG0d386OGAw16Z995PiOVo2B7bjWSbHedGl5e0ZWaq65kOGgUSNesEIDkB9ISbTg/JK9dhCZA==} engines: {node: '>=6'} + cmd-shim@8.0.0: + resolution: {integrity: sha512-Jk/BK6NCapZ58BKUxlSI+ouKRbjH1NLZCgJkYoab+vEHUY3f6OzpNBN9u7HFSv9J6TRDGs4PLOHezoKGaFRSCA==} + engines: {node: ^20.17.0 || >=22.9.0} + cmdk@1.1.1: resolution: {integrity: sha512-Vsv7kFaXm+ptHDMZ7izaRsP70GgrW9NBNGswt9OZaVBLlE0SNpDq8eu/VGXyF9r7M0azK3Wy7OlYXsuyYLFzHg==} peerDependencies: @@ -2818,6 +2776,10 @@ packages: csstype@3.1.3: resolution: {integrity: sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw==} + data-uri-to-buffer@4.0.1: + resolution: {integrity: sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==} + engines: {node: '>= 12'} + data-urls@6.0.0: resolution: {integrity: sha512-BnBS08aLUM+DKamupXs3w2tJJoqU+AkaE/+6vQxi/G/DPmIZFJJp9Dkb1kM03AZx8ADehDUZgsNxju3mPXZYIA==} engines: {node: '>=20'} @@ -2899,10 +2861,6 @@ packages: eastasianwidth@0.2.0: resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} - eciesjs@0.5.0: - resolution: {integrity: sha512-s0J9SEVYAEPg7J63GFMApLYzPH9VNIQIyC6s15JpnqVc0TqcKWdbgFlnAweEBRyMmko2dcs2sfC83Hj4J43tuA==} - engines: {bun: '>=1', deno: '>=2.7.10', node: '>=16'} - ejs@3.1.10: resolution: {integrity: sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==} engines: {node: '>=0.10.0'} @@ -3032,6 +2990,10 @@ packages: picomatch: optional: true + fetch-blob@3.2.0: + resolution: {integrity: sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==} + engines: {node: ^12.20 || >= 14.13} + fflate@0.4.8: resolution: {integrity: sha512-FJqqoDBR00Mdj9ppamLa/Y7vxm+PRmNWA67N846RvsoYVMKB4q3y/de5PA7gUmRMYK/8CMz2GDZQmCRN1wBcWA==} @@ -3056,6 +3018,10 @@ packages: resolution: {integrity: sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==} engines: {node: '>=14'} + formdata-polyfill@4.0.10: + resolution: {integrity: sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==} + engines: {node: '>=12.20.0'} + fraction.js@4.3.7: resolution: {integrity: sha512-ZsDfxO51wGAXREY55a7la9LScWpwv9RxIrYABrlvOFBlH/ShPnrtsXeuUIfXKKOVicNxQ+o8JTbJvjS4M89yew==} @@ -3230,6 +3196,10 @@ packages: idb@8.0.3: resolution: {integrity: sha512-LtwtVyVYO5BqRvcsKuB2iUMnHwPVByPCXFXOpuU96IZPPoPN6xjOGxZQ74pgSVVLQWtUOYgyeL4GE98BY5D3wg==} + imurmurhash@0.1.4: + resolution: {integrity: sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==} + engines: {node: '>=0.8.19'} + indent-string@4.0.0: resolution: {integrity: sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==} engines: {node: '>=8'} @@ -3418,9 +3388,6 @@ packages: resolution: {integrity: sha512-/imKNG4EbWNrVjoNC/1H5/9GFy+tqjGBHCaSsN+P2RnPqjsLmv6UD3Ej+Kj8nBWaRAwyk7kK5ZUc+OEatnTR3A==} hasBin: true - jose@6.2.3: - resolution: {integrity: sha512-YYVDInQKFJfR/xa3ojUTl8c2KoTwiL1R5Wg9YCydwH0x0B9grbzlg5HC7mMjCtUJjbQ/YnGEZIhI5tCgfTb4Hw==} - js-tokens@10.0.0: resolution: {integrity: sha512-lM/UBzQmfJRo9ABXbPWemivdCW8V2G8FHaHdypQaIy523snUjog0W71ayWXTjiR+ixeMyVHN2XcpnTd/liPg/Q==} @@ -3571,6 +3538,10 @@ packages: resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} engines: {node: '>=16 || 14 >=14.17'} + minizlib@3.1.0: + resolution: {integrity: sha512-KZxYo1BUkWD2TVFLr0MQoM8vUUigWD3LlD83a/75BqC+4qE0Hb1Vo5v1FgcfaNXvfXzr+5EhQ6ing/CaBijTlw==} + engines: {node: '>= 18'} + motion-dom@12.23.21: resolution: {integrity: sha512-5xDXx/AbhrfgsQmSE7YESMn4Dpo6x5/DTZ4Iyy4xqDvVHWvFVoV+V2Ri2S/ksx+D40wrZ7gPYiMWshkdoqNgNQ==} @@ -3605,6 +3576,15 @@ packages: react: ^16.8 || ^17 || ^18 react-dom: ^16.8 || ^17 || ^18 + node-domexception@1.0.0: + resolution: {integrity: sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==} + engines: {node: '>=10.5.0'} + deprecated: Use your platform's native DOMException instead + + node-fetch@3.3.2: + resolution: {integrity: sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==} + engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} + node-releases@2.0.21: resolution: {integrity: sha512-5b0pgg78U3hwXkCM8Z9b2FJdPZlr9Psr9V2gQPESdGHqbntyFJKFW4r5TeWGFzafGY3hzs1JC62VEQMbl1JFkw==} @@ -3616,6 +3596,10 @@ packages: resolution: {integrity: sha512-bdok/XvKII3nUpklnV6P2hxtMNrCboOjAcyBuQnWEhO665FwrSNRxU+AqpsyvO6LgGYPspN+lu5CLtw4jPRKNA==} engines: {node: '>=0.10.0'} + npm-normalize-package-bin@5.0.0: + resolution: {integrity: sha512-CJi3OS4JLsNMmr2u07OJlhcrPxCeOeP/4xq67aWNai6TNWWbTrlNDgl8NcFKVlcBKp18GPj+EzbNIgrBfZhsag==} + engines: {node: ^20.17.0 || >=22.9.0} + object-assign@4.1.1: resolution: {integrity: sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==} engines: {node: '>=0.10.0'} @@ -3801,6 +3785,10 @@ packages: resolution: {integrity: sha512-Qb1gy5OrP5+zDf2Bvnzdl3jsTf1qXVMazbvCoKhtKqVs4/YK4ozX4gKQJJVyNe+cajNPn0KoC0MC3FUmaHWEmQ==} engines: {node: ^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0} + proc-log@6.0.0: + resolution: {integrity: sha512-KG/XsTDN901PNfPfAMmj6N/Ywg9tM+bHK8pAz+27fS4N4Pcr+4zoYBOcGSBu6ceXYNPxkLpa4ohtfxV1XcLAfA==} + engines: {node: ^20.17.0 || >=22.9.0} + punycode@2.3.1: resolution: {integrity: sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==} engines: {node: '>=6'} @@ -3882,6 +3870,10 @@ packages: read-cache@1.0.0: resolution: {integrity: sha512-Owdv/Ft7IjOgm/i0xvNDZ1LrRANRfew4b2prF3OWMQLxLfu3bS8FVhCsrSCMK4lR56Y9ya+AThoTpDCTxCmpRA==} + read-cmd-shim@6.0.0: + resolution: {integrity: sha512-1zM5HuOfagXCBWMN83fuFI/x+T/UhZ7k+KIzhrHXcQoeX5+7gmaDYjELQHmmzIodumBHeByBJT4QYS7ufAgs7A==} + engines: {node: ^20.17.0 || >=22.9.0} + readdirp@3.6.0: resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} engines: {node: '>=8.10.0'} @@ -4177,8 +4169,9 @@ packages: engines: {node: '>=16 || 14 >=14.17'} hasBin: true - supabase@2.109.1: - resolution: {integrity: sha512-N2yP2MHTxOxXBWhfn3poudpJn4pkPosAUo7J/46FTou/l7wOwFi9tox8NSN6HljWkfM0zhwPRimNNGC9XBMoxQ==} + supabase@2.58.5: + resolution: {integrity: sha512-mYZSkUIePTdmwlHd26Pff8wpmjfre8gcuWzrc5QqhZgZvCXugVzAQQhcjaQisw5kusbPQWNIjUwcHYEKmejhPw==} + engines: {npm: '>=8'} hasBin: true supports-color@7.2.0: @@ -4205,6 +4198,10 @@ packages: engines: {node: '>=14.0.0'} hasBin: true + tar@7.5.2: + resolution: {integrity: sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==} + engines: {node: '>=18'} + temp-dir@2.0.0: resolution: {integrity: sha512-aoBAniQmmwtcKp/7BzsH8Cxzv8OL736p7v1ihGb5e9DJ9kTwGWHrQrVB5+lfVDzfGrdRzXch+ig7LHaY1JTOrg==} engines: {node: '>=8'} @@ -4486,6 +4483,10 @@ packages: resolution: {integrity: sha512-o8qghlI8NZHU1lLPrpi2+Uq7abh4GGPpYANlalzWxyWteJOCsr/P+oPBA49TOLu5FTZO4d3F9MnWJfiMo4BkmA==} engines: {node: '>=18'} + web-streams-polyfill@3.3.3: + resolution: {integrity: sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==} + engines: {node: '>= 8'} + web-vitals@4.2.4: resolution: {integrity: sha512-r4DIlprAGwJ7YM11VZp4R884m0Vmgr6EAKe3P+kO0PPj3Unqyvv59rczf6UiGcb9Z8QxZVcqKNwv/g0WNdWwsw==} @@ -4604,6 +4605,10 @@ packages: wrappy@1.0.2: resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} + write-file-atomic@7.0.0: + resolution: {integrity: sha512-YnlPC6JqnZl6aO4uRc+dx5PHguiR9S6WeoLtpxNT9wIG+BDya7ZNE1q7KOjVgaA73hKhKLpVPgJ5QA9THQ5BRg==} + engines: {node: ^20.17.0 || >=22.9.0} + ws@8.18.3: resolution: {integrity: sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==} engines: {node: '>=10.0.0'} @@ -4626,6 +4631,10 @@ packages: yallist@3.1.1: resolution: {integrity: sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==} + yallist@5.0.0: + resolution: {integrity: sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==} + engines: {node: '>=18'} + yaml@2.8.1: resolution: {integrity: sha512-lcYcMxX2PO9XMGvAJkJ3OsNMw+/7FKes7/hgerGUYWIoWu5j/+YQqcZr5JnPZWzOsEBgMbSbiSTn/dv/69Mkpw==} engines: {node: '>= 14.6'} @@ -5379,10 +5388,6 @@ snapshots: '@date-fns/tz@1.4.1': {} - '@ecies/ciphers@0.2.6(@noble/ciphers@1.3.0)': - dependencies: - '@noble/ciphers': 1.3.0 - '@esbuild/aix-ppc64@0.25.10': optional: true @@ -5569,6 +5574,10 @@ snapshots: wrap-ansi: 8.1.0 wrap-ansi-cjs: wrap-ansi@7.0.0 + '@isaacs/fs-minipass@4.0.1': + dependencies: + minipass: 7.1.2 + '@jridgewell/gen-mapping@0.3.13': dependencies: '@jridgewell/sourcemap-codec': 1.5.5 @@ -5593,14 +5602,6 @@ snapshots: '@jridgewell/resolve-uri': 3.1.2 '@jridgewell/sourcemap-codec': 1.5.5 - '@noble/ciphers@1.3.0': {} - - '@noble/curves@1.9.7': - dependencies: - '@noble/hashes': 1.8.0 - - '@noble/hashes@1.8.0': {} - '@nodelib/fs.scandir@2.1.5': dependencies: '@nodelib/fs.stat': 2.0.5 @@ -6443,30 +6444,6 @@ snapshots: dependencies: tslib: 2.8.1 - '@supabase/cli-darwin-arm64@2.109.1': - optional: true - - '@supabase/cli-darwin-x64@2.109.1': - optional: true - - '@supabase/cli-linux-arm64-musl@2.109.1': - optional: true - - '@supabase/cli-linux-arm64@2.109.1': - optional: true - - '@supabase/cli-linux-x64-musl@2.109.1': - optional: true - - '@supabase/cli-linux-x64@2.109.1': - optional: true - - '@supabase/cli-windows-arm64@2.109.1': - optional: true - - '@supabase/cli-windows-x64@2.109.1': - optional: true - '@supabase/functions-js@2.105.4': dependencies: tslib: 2.8.1 @@ -7043,6 +7020,14 @@ snapshots: dependencies: require-from-string: 2.0.2 + bin-links@6.0.0: + dependencies: + cmd-shim: 8.0.0 + npm-normalize-package-bin: 5.0.0 + proc-log: 6.0.0 + read-cmd-shim: 6.0.0 + write-file-atomic: 7.0.0 + binary-extensions@2.3.0: {} brace-expansion@1.1.12: @@ -7103,6 +7088,8 @@ snapshots: optionalDependencies: fsevents: 2.3.3 + chownr@3.0.0: {} + class-variance-authority@0.7.1: dependencies: clsx: 2.1.1 @@ -7118,6 +7105,8 @@ snapshots: clsx@2.1.1: {} + cmd-shim@8.0.0: {} + cmdk@1.1.1(@types/react-dom@18.3.7(@types/react@18.3.24))(@types/react@18.3.24)(react-dom@18.3.1(react@18.3.1))(react@18.3.1): dependencies: '@radix-ui/react-compose-refs': 1.1.2(@types/react@18.3.24)(react@18.3.1) @@ -7187,6 +7176,8 @@ snapshots: csstype@3.1.3: {} + data-uri-to-buffer@4.0.1: {} + data-urls@6.0.0: dependencies: whatwg-mimetype: 4.0.0 @@ -7260,13 +7251,6 @@ snapshots: eastasianwidth@0.2.0: {} - eciesjs@0.5.0: - dependencies: - '@ecies/ciphers': 0.2.6(@noble/ciphers@1.3.0) - '@noble/ciphers': 1.3.0 - '@noble/curves': 1.9.7 - '@noble/hashes': 1.8.0 - ejs@3.1.10: dependencies: jake: 10.9.4 @@ -7473,6 +7457,11 @@ snapshots: optionalDependencies: picomatch: 4.0.3 + fetch-blob@3.2.0: + dependencies: + node-domexception: 1.0.0 + web-streams-polyfill: 3.3.3 + fflate@0.4.8: {} fflate@0.8.2: {} @@ -7496,6 +7485,10 @@ snapshots: cross-spawn: 7.0.6 signal-exit: 4.1.0 + formdata-polyfill@4.0.10: + dependencies: + fetch-blob: 3.2.0 + fraction.js@4.3.7: {} framer-motion@12.23.22(react-dom@18.3.1(react@18.3.1))(react@18.3.1): @@ -7670,6 +7663,8 @@ snapshots: idb@8.0.3: {} + imurmurhash@0.1.4: {} + indent-string@4.0.0: {} inflight@1.0.6: @@ -7854,8 +7849,6 @@ snapshots: jiti@1.21.7: {} - jose@6.2.3: {} - js-tokens@10.0.0: {} js-tokens@4.0.0: {} @@ -8010,6 +8003,10 @@ snapshots: minipass@7.1.2: {} + minizlib@3.1.0: + dependencies: + minipass: 7.1.2 + motion-dom@12.23.21: dependencies: motion-utils: 12.23.6 @@ -8037,12 +8034,22 @@ snapshots: react: 18.3.1 react-dom: 18.3.1(react@18.3.1) + node-domexception@1.0.0: {} + + node-fetch@3.3.2: + dependencies: + data-uri-to-buffer: 4.0.1 + fetch-blob: 3.2.0 + formdata-polyfill: 4.0.10 + node-releases@2.0.21: {} normalize-path@3.0.0: {} normalize-range@0.1.2: {} + npm-normalize-package-bin@5.0.0: {} + object-assign@4.1.1: {} object-hash@3.0.0: {} @@ -8194,6 +8201,8 @@ snapshots: ansi-styles: 5.2.0 react-is: 17.0.2 + proc-log@6.0.0: {} + punycode@2.3.1: {} queue-microtask@1.2.3: {} @@ -8270,6 +8279,8 @@ snapshots: dependencies: pify: 2.3.0 + read-cmd-shim@6.0.0: {} + readdirp@3.6.0: dependencies: picomatch: 2.3.1 @@ -8642,19 +8653,14 @@ snapshots: pirates: 4.0.7 ts-interface-checker: 0.1.13 - supabase@2.109.1: + supabase@2.58.5: dependencies: - eciesjs: 0.5.0 - jose: 6.2.3 - optionalDependencies: - '@supabase/cli-darwin-arm64': 2.109.1 - '@supabase/cli-darwin-x64': 2.109.1 - '@supabase/cli-linux-arm64': 2.109.1 - '@supabase/cli-linux-arm64-musl': 2.109.1 - '@supabase/cli-linux-x64': 2.109.1 - '@supabase/cli-linux-x64-musl': 2.109.1 - '@supabase/cli-windows-arm64': 2.109.1 - '@supabase/cli-windows-x64': 2.109.1 + bin-links: 6.0.0 + https-proxy-agent: 7.0.6 + node-fetch: 3.3.2 + tar: 7.5.2 + transitivePeerDependencies: + - supports-color supports-color@7.2.0: dependencies: @@ -8697,6 +8703,14 @@ snapshots: transitivePeerDependencies: - ts-node + tar@7.5.2: + dependencies: + '@isaacs/fs-minipass': 4.0.1 + chownr: 3.0.0 + minipass: 7.1.2 + minizlib: 3.1.0 + yallist: 5.0.0 + temp-dir@2.0.0: {} tempy@0.6.0: @@ -8948,6 +8962,8 @@ snapshots: dependencies: xml-name-validator: 5.0.0 + web-streams-polyfill@3.3.3: {} + web-vitals@4.2.4: {} webidl-conversions@4.0.2: {} @@ -9156,6 +9172,11 @@ snapshots: wrappy@1.0.2: {} + write-file-atomic@7.0.0: + dependencies: + imurmurhash: 0.1.4 + signal-exit: 4.1.0 + ws@8.18.3: {} xml-name-validator@5.0.0: {} @@ -9164,6 +9185,8 @@ snapshots: yallist@3.1.1: {} + yallist@5.0.0: {} + yaml@2.8.1: {} zod@3.25.76: {} From f8eec6f90898dde25d9c15fa4be3a81ea88c5b57 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:38:06 +0000 Subject: [PATCH 11/19] Reapply "chore(ci): pin Supabase CLI version explicitly" This reverts commit 2855e79fae7b0d544b82d5d7dd1385dff028c589. --- .github/workflows/_db_migrate.yml | 2 + .github/workflows/_deploy_edge_functions.yml | 2 + package.json | 2 +- pnpm-lock.yaml | 275 +++++++++---------- 4 files changed, 131 insertions(+), 150 deletions(-) diff --git a/.github/workflows/_db_migrate.yml b/.github/workflows/_db_migrate.yml index efa6bb59..8cbfeaf9 100644 --- a/.github/workflows/_db_migrate.yml +++ b/.github/workflows/_db_migrate.yml @@ -29,6 +29,8 @@ jobs: - uses: actions/checkout@v4 - uses: supabase/setup-cli@v2 + with: + version: 2.109.1 - name: Push migrations env: diff --git a/.github/workflows/_deploy_edge_functions.yml b/.github/workflows/_deploy_edge_functions.yml index 55db2176..b52596f4 100644 --- a/.github/workflows/_deploy_edge_functions.yml +++ b/.github/workflows/_deploy_edge_functions.yml @@ -29,6 +29,8 @@ jobs: - uses: actions/checkout@v4 - uses: supabase/setup-cli@v2 + with: + version: 2.109.1 - name: Deploy functions env: diff --git a/package.json b/package.json index 9467473a..73bbf716 100644 --- a/package.json +++ b/package.json @@ -125,7 +125,7 @@ "oxlint": "^1.11.1", "postcss": "^8.4.47", "prettier": "^3.6.2", - "supabase": "^2.58.5", + "supabase": "^2.109.1", "tailwindcss": "^3.4.11", "tsx": "^4.20.3", "typescript": "^5.5.3", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 07c1c869..c2971056 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -283,8 +283,8 @@ importers: specifier: ^3.6.2 version: 3.6.2 supabase: - specifier: ^2.58.5 - version: 2.58.5 + specifier: ^2.109.1 + version: 2.109.1 tailwindcss: specifier: ^3.4.11 version: 3.4.17 @@ -888,6 +888,12 @@ packages: '@date-fns/tz@1.4.1': resolution: {integrity: sha512-P5LUNhtbj6YfI3iJjw5EL9eUAG6OitD0W3fWQcpQjDRc/QIsL0tRNuO1PcDvPccWL1fSTXXdE1ds+l95DV/OFA==} + '@ecies/ciphers@0.2.6': + resolution: {integrity: sha512-patgsRPKGkhhoBjETV4XxD0En4ui5fbX0hzayqI3M8tvNMGUoUvmyYAIWwlxBc1KX5cturfqByYdj5bYGRpN9g==} + engines: {bun: '>=1', deno: '>=2.7.10', node: '>=16'} + peerDependencies: + '@noble/ciphers': ^1.0.0 + '@esbuild/aix-ppc64@0.25.10': resolution: {integrity: sha512-0NFWnA+7l41irNuaSVlLfgNT12caWJVLzp5eAVhZ0z1qpxbockccEt3s+149rE64VUI3Ml2zt8Nv5JVc4QXTsw==} engines: {node: '>=18'} @@ -1224,10 +1230,6 @@ packages: resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} engines: {node: '>=12'} - '@isaacs/fs-minipass@4.0.1': - resolution: {integrity: sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==} - engines: {node: '>=18.0.0'} - '@jridgewell/gen-mapping@0.3.13': resolution: {integrity: sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==} @@ -1247,6 +1249,18 @@ packages: '@jridgewell/trace-mapping@0.3.31': resolution: {integrity: sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==} + '@noble/ciphers@1.3.0': + resolution: {integrity: sha512-2I0gnIVPtfnMw9ee9h1dJG7tp81+8Ob3OJb3Mv37rx5L40/b0i7djjCVvGOVqc9AEIQyvyu1i6ypKdFw8R8gQw==} + engines: {node: ^14.21.3 || >=16} + + '@noble/curves@1.9.7': + resolution: {integrity: sha512-gbKGcRUYIjA3/zCCNaWDciTMFI0dCkvou3TL8Zmy5Nc7sJ47a0jtOeZoTaMxkuqRo9cRhjOdZJXegxYE5FN/xw==} + engines: {node: ^14.21.3 || >=16} + + '@noble/hashes@1.8.0': + resolution: {integrity: sha512-jCs9ldd7NwzpgXDIf6P3+NrHh9/sD6CQdxHyjQI+h/6rDNo88ypBxxz45UDuZHz9r3tNz7N/VInSVoVdtXEI4A==} + engines: {node: ^14.21.3 || >=16} + '@nodelib/fs.scandir@2.1.5': resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} engines: {node: '>= 8'} @@ -2108,6 +2122,46 @@ packages: resolution: {integrity: sha512-Ejfa37M5xoIwoxVebxRahnwubPo8g22qkXQ4p50+N9MIvU9UZoN+A8dwVPtczzGf8oV/YXN80ZPxK4aWXuSN/A==} engines: {node: '>=20.0.0'} + '@supabase/cli-darwin-arm64@2.109.1': + resolution: {integrity: sha512-tkn8tfunyqIL7RE+7DVjg6Ql2cJLPkGgh9cPafp2LbXI0qDgds0TaS+UOTHQEjci8JQXXe2wS00+122ko2QI8A==} + cpu: [arm64] + os: [darwin] + + '@supabase/cli-darwin-x64@2.109.1': + resolution: {integrity: sha512-0Q5ZAoWhOyIv4ZzQOU8QbjjdB2JmznnDNyJ3VrIeuLMWoifVfUWaLZhHBNYzr4xXoxBpKrggomuAT8BaEhY3lg==} + cpu: [x64] + os: [darwin] + + '@supabase/cli-linux-arm64-musl@2.109.1': + resolution: {integrity: sha512-cXNOsSU7MS+jmslGQATTD4DfWBEIHiFi7LaBWyBxHmR7tzIiZXimUXgN26ZiQjfAxU+RZq52C3k0qhi7vmqXQw==} + cpu: [arm64] + os: [linux] + + '@supabase/cli-linux-arm64@2.109.1': + resolution: {integrity: sha512-MS1djJjq5laD99+jYJUoARfSZhzRX9aXmo5piZ1yl2JXb9IXTuhiTD5olkFKQcgNckRcAZqMf4fucQGTYC767A==} + cpu: [arm64] + os: [linux] + + '@supabase/cli-linux-x64-musl@2.109.1': + resolution: {integrity: sha512-zeD9MrZpEKJrjkSPcYp4nZeGJ9FQt0i/kiRij4ZprPP6R5l+SLi6Pk20ln+Vj/GZuWTVxX7IHJ11pgViaReAWw==} + cpu: [x64] + os: [linux] + + '@supabase/cli-linux-x64@2.109.1': + resolution: {integrity: sha512-svFmamF/vIq4/oinwY50jDi869itC9/GWrPaGtsHFkK4NUBcQtl1T37WWIivGsXwbBKNC4FjZD3dGqjL7bfW1g==} + cpu: [x64] + os: [linux] + + '@supabase/cli-windows-arm64@2.109.1': + resolution: {integrity: sha512-NeKzgWAOpglnLwMTggTp5t44fbkfxACLkQNlCRx0q332HMM3WqsKQUsHv1MHc6ZbEc5bcMwaYjqPNI/aOWnP5g==} + cpu: [arm64] + os: [win32] + + '@supabase/cli-windows-x64@2.109.1': + resolution: {integrity: sha512-L9/pDLM+4IR8646aT69ZDVcnJeg1lZZsB26ZgI775S3f8jOHP41+1UH9Oq1g9CvKiAQviuaLgtwkuvi0I/cc/A==} + cpu: [x64] + os: [win32] + '@supabase/functions-js@2.105.4': resolution: {integrity: sha512-JVNKbBft3Qkja+WlGaE026AJ2AH9K0UTsxsfvEIHgd4zFrBor4BYRCrYFrv9IDsvVqkF72wKDsODJl5GY/C4tA==} engines: {node: '>=20.0.0'} @@ -2624,10 +2678,6 @@ packages: bidi-js@1.0.3: resolution: {integrity: sha512-RKshQI1R3YQ+n9YJz2QQ147P66ELpa1FQEg20Dk8oW9t2KgLbpDLLp9aGZ7y8WHSshDknG0bknqGw5/tyCs5tw==} - bin-links@6.0.0: - resolution: {integrity: sha512-X4CiKlcV2GjnCMwnKAfbVWpHa++65th9TuzAEYtZoATiOE2DQKhSp4CJlyLoTqdhBKlXjpXjCTYPNNFS33Fi6w==} - engines: {node: ^20.17.0 || >=22.9.0} - binary-extensions@2.3.0: resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} engines: {node: '>=8'} @@ -2677,10 +2727,6 @@ packages: resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==} engines: {node: '>= 8.10.0'} - chownr@3.0.0: - resolution: {integrity: sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==} - engines: {node: '>=18'} - class-variance-authority@0.7.1: resolution: {integrity: sha512-Ka+9Trutv7G8M6WT6SeiRWz792K5qEqIGEGzXKhAE6xOWAY6pPH8U+9IY3oCMv6kqTmLsv7Xh/2w2RigkePMsg==} @@ -2696,10 +2742,6 @@ packages: resolution: {integrity: sha512-eYm0QWBtUrBWZWG0d386OGAw16Z995PiOVo2B7bjWSbHedGl5e0ZWaq65kOGgUSNesEIDkB9ISbTg/JK9dhCZA==} engines: {node: '>=6'} - cmd-shim@8.0.0: - resolution: {integrity: sha512-Jk/BK6NCapZ58BKUxlSI+ouKRbjH1NLZCgJkYoab+vEHUY3f6OzpNBN9u7HFSv9J6TRDGs4PLOHezoKGaFRSCA==} - engines: {node: ^20.17.0 || >=22.9.0} - cmdk@1.1.1: resolution: {integrity: sha512-Vsv7kFaXm+ptHDMZ7izaRsP70GgrW9NBNGswt9OZaVBLlE0SNpDq8eu/VGXyF9r7M0azK3Wy7OlYXsuyYLFzHg==} peerDependencies: @@ -2776,10 +2818,6 @@ packages: csstype@3.1.3: resolution: {integrity: sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw==} - data-uri-to-buffer@4.0.1: - resolution: {integrity: sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==} - engines: {node: '>= 12'} - data-urls@6.0.0: resolution: {integrity: sha512-BnBS08aLUM+DKamupXs3w2tJJoqU+AkaE/+6vQxi/G/DPmIZFJJp9Dkb1kM03AZx8ADehDUZgsNxju3mPXZYIA==} engines: {node: '>=20'} @@ -2861,6 +2899,10 @@ packages: eastasianwidth@0.2.0: resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} + eciesjs@0.5.0: + resolution: {integrity: sha512-s0J9SEVYAEPg7J63GFMApLYzPH9VNIQIyC6s15JpnqVc0TqcKWdbgFlnAweEBRyMmko2dcs2sfC83Hj4J43tuA==} + engines: {bun: '>=1', deno: '>=2.7.10', node: '>=16'} + ejs@3.1.10: resolution: {integrity: sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==} engines: {node: '>=0.10.0'} @@ -2990,10 +3032,6 @@ packages: picomatch: optional: true - fetch-blob@3.2.0: - resolution: {integrity: sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==} - engines: {node: ^12.20 || >= 14.13} - fflate@0.4.8: resolution: {integrity: sha512-FJqqoDBR00Mdj9ppamLa/Y7vxm+PRmNWA67N846RvsoYVMKB4q3y/de5PA7gUmRMYK/8CMz2GDZQmCRN1wBcWA==} @@ -3018,10 +3056,6 @@ packages: resolution: {integrity: sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==} engines: {node: '>=14'} - formdata-polyfill@4.0.10: - resolution: {integrity: sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==} - engines: {node: '>=12.20.0'} - fraction.js@4.3.7: resolution: {integrity: sha512-ZsDfxO51wGAXREY55a7la9LScWpwv9RxIrYABrlvOFBlH/ShPnrtsXeuUIfXKKOVicNxQ+o8JTbJvjS4M89yew==} @@ -3196,10 +3230,6 @@ packages: idb@8.0.3: resolution: {integrity: sha512-LtwtVyVYO5BqRvcsKuB2iUMnHwPVByPCXFXOpuU96IZPPoPN6xjOGxZQ74pgSVVLQWtUOYgyeL4GE98BY5D3wg==} - imurmurhash@0.1.4: - resolution: {integrity: sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==} - engines: {node: '>=0.8.19'} - indent-string@4.0.0: resolution: {integrity: sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==} engines: {node: '>=8'} @@ -3388,6 +3418,9 @@ packages: resolution: {integrity: sha512-/imKNG4EbWNrVjoNC/1H5/9GFy+tqjGBHCaSsN+P2RnPqjsLmv6UD3Ej+Kj8nBWaRAwyk7kK5ZUc+OEatnTR3A==} hasBin: true + jose@6.2.3: + resolution: {integrity: sha512-YYVDInQKFJfR/xa3ojUTl8c2KoTwiL1R5Wg9YCydwH0x0B9grbzlg5HC7mMjCtUJjbQ/YnGEZIhI5tCgfTb4Hw==} + js-tokens@10.0.0: resolution: {integrity: sha512-lM/UBzQmfJRo9ABXbPWemivdCW8V2G8FHaHdypQaIy523snUjog0W71ayWXTjiR+ixeMyVHN2XcpnTd/liPg/Q==} @@ -3538,10 +3571,6 @@ packages: resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} engines: {node: '>=16 || 14 >=14.17'} - minizlib@3.1.0: - resolution: {integrity: sha512-KZxYo1BUkWD2TVFLr0MQoM8vUUigWD3LlD83a/75BqC+4qE0Hb1Vo5v1FgcfaNXvfXzr+5EhQ6ing/CaBijTlw==} - engines: {node: '>= 18'} - motion-dom@12.23.21: resolution: {integrity: sha512-5xDXx/AbhrfgsQmSE7YESMn4Dpo6x5/DTZ4Iyy4xqDvVHWvFVoV+V2Ri2S/ksx+D40wrZ7gPYiMWshkdoqNgNQ==} @@ -3576,15 +3605,6 @@ packages: react: ^16.8 || ^17 || ^18 react-dom: ^16.8 || ^17 || ^18 - node-domexception@1.0.0: - resolution: {integrity: sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==} - engines: {node: '>=10.5.0'} - deprecated: Use your platform's native DOMException instead - - node-fetch@3.3.2: - resolution: {integrity: sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - node-releases@2.0.21: resolution: {integrity: sha512-5b0pgg78U3hwXkCM8Z9b2FJdPZlr9Psr9V2gQPESdGHqbntyFJKFW4r5TeWGFzafGY3hzs1JC62VEQMbl1JFkw==} @@ -3596,10 +3616,6 @@ packages: resolution: {integrity: sha512-bdok/XvKII3nUpklnV6P2hxtMNrCboOjAcyBuQnWEhO665FwrSNRxU+AqpsyvO6LgGYPspN+lu5CLtw4jPRKNA==} engines: {node: '>=0.10.0'} - npm-normalize-package-bin@5.0.0: - resolution: {integrity: sha512-CJi3OS4JLsNMmr2u07OJlhcrPxCeOeP/4xq67aWNai6TNWWbTrlNDgl8NcFKVlcBKp18GPj+EzbNIgrBfZhsag==} - engines: {node: ^20.17.0 || >=22.9.0} - object-assign@4.1.1: resolution: {integrity: sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==} engines: {node: '>=0.10.0'} @@ -3785,10 +3801,6 @@ packages: resolution: {integrity: sha512-Qb1gy5OrP5+zDf2Bvnzdl3jsTf1qXVMazbvCoKhtKqVs4/YK4ozX4gKQJJVyNe+cajNPn0KoC0MC3FUmaHWEmQ==} engines: {node: ^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0} - proc-log@6.0.0: - resolution: {integrity: sha512-KG/XsTDN901PNfPfAMmj6N/Ywg9tM+bHK8pAz+27fS4N4Pcr+4zoYBOcGSBu6ceXYNPxkLpa4ohtfxV1XcLAfA==} - engines: {node: ^20.17.0 || >=22.9.0} - punycode@2.3.1: resolution: {integrity: sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==} engines: {node: '>=6'} @@ -3870,10 +3882,6 @@ packages: read-cache@1.0.0: resolution: {integrity: sha512-Owdv/Ft7IjOgm/i0xvNDZ1LrRANRfew4b2prF3OWMQLxLfu3bS8FVhCsrSCMK4lR56Y9ya+AThoTpDCTxCmpRA==} - read-cmd-shim@6.0.0: - resolution: {integrity: sha512-1zM5HuOfagXCBWMN83fuFI/x+T/UhZ7k+KIzhrHXcQoeX5+7gmaDYjELQHmmzIodumBHeByBJT4QYS7ufAgs7A==} - engines: {node: ^20.17.0 || >=22.9.0} - readdirp@3.6.0: resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} engines: {node: '>=8.10.0'} @@ -4169,9 +4177,8 @@ packages: engines: {node: '>=16 || 14 >=14.17'} hasBin: true - supabase@2.58.5: - resolution: {integrity: sha512-mYZSkUIePTdmwlHd26Pff8wpmjfre8gcuWzrc5QqhZgZvCXugVzAQQhcjaQisw5kusbPQWNIjUwcHYEKmejhPw==} - engines: {npm: '>=8'} + supabase@2.109.1: + resolution: {integrity: sha512-N2yP2MHTxOxXBWhfn3poudpJn4pkPosAUo7J/46FTou/l7wOwFi9tox8NSN6HljWkfM0zhwPRimNNGC9XBMoxQ==} hasBin: true supports-color@7.2.0: @@ -4198,10 +4205,6 @@ packages: engines: {node: '>=14.0.0'} hasBin: true - tar@7.5.2: - resolution: {integrity: sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==} - engines: {node: '>=18'} - temp-dir@2.0.0: resolution: {integrity: sha512-aoBAniQmmwtcKp/7BzsH8Cxzv8OL736p7v1ihGb5e9DJ9kTwGWHrQrVB5+lfVDzfGrdRzXch+ig7LHaY1JTOrg==} engines: {node: '>=8'} @@ -4483,10 +4486,6 @@ packages: resolution: {integrity: sha512-o8qghlI8NZHU1lLPrpi2+Uq7abh4GGPpYANlalzWxyWteJOCsr/P+oPBA49TOLu5FTZO4d3F9MnWJfiMo4BkmA==} engines: {node: '>=18'} - web-streams-polyfill@3.3.3: - resolution: {integrity: sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==} - engines: {node: '>= 8'} - web-vitals@4.2.4: resolution: {integrity: sha512-r4DIlprAGwJ7YM11VZp4R884m0Vmgr6EAKe3P+kO0PPj3Unqyvv59rczf6UiGcb9Z8QxZVcqKNwv/g0WNdWwsw==} @@ -4605,10 +4604,6 @@ packages: wrappy@1.0.2: resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} - write-file-atomic@7.0.0: - resolution: {integrity: sha512-YnlPC6JqnZl6aO4uRc+dx5PHguiR9S6WeoLtpxNT9wIG+BDya7ZNE1q7KOjVgaA73hKhKLpVPgJ5QA9THQ5BRg==} - engines: {node: ^20.17.0 || >=22.9.0} - ws@8.18.3: resolution: {integrity: sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==} engines: {node: '>=10.0.0'} @@ -4631,10 +4626,6 @@ packages: yallist@3.1.1: resolution: {integrity: sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==} - yallist@5.0.0: - resolution: {integrity: sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==} - engines: {node: '>=18'} - yaml@2.8.1: resolution: {integrity: sha512-lcYcMxX2PO9XMGvAJkJ3OsNMw+/7FKes7/hgerGUYWIoWu5j/+YQqcZr5JnPZWzOsEBgMbSbiSTn/dv/69Mkpw==} engines: {node: '>= 14.6'} @@ -5388,6 +5379,10 @@ snapshots: '@date-fns/tz@1.4.1': {} + '@ecies/ciphers@0.2.6(@noble/ciphers@1.3.0)': + dependencies: + '@noble/ciphers': 1.3.0 + '@esbuild/aix-ppc64@0.25.10': optional: true @@ -5574,10 +5569,6 @@ snapshots: wrap-ansi: 8.1.0 wrap-ansi-cjs: wrap-ansi@7.0.0 - '@isaacs/fs-minipass@4.0.1': - dependencies: - minipass: 7.1.2 - '@jridgewell/gen-mapping@0.3.13': dependencies: '@jridgewell/sourcemap-codec': 1.5.5 @@ -5602,6 +5593,14 @@ snapshots: '@jridgewell/resolve-uri': 3.1.2 '@jridgewell/sourcemap-codec': 1.5.5 + '@noble/ciphers@1.3.0': {} + + '@noble/curves@1.9.7': + dependencies: + '@noble/hashes': 1.8.0 + + '@noble/hashes@1.8.0': {} + '@nodelib/fs.scandir@2.1.5': dependencies: '@nodelib/fs.stat': 2.0.5 @@ -6444,6 +6443,30 @@ snapshots: dependencies: tslib: 2.8.1 + '@supabase/cli-darwin-arm64@2.109.1': + optional: true + + '@supabase/cli-darwin-x64@2.109.1': + optional: true + + '@supabase/cli-linux-arm64-musl@2.109.1': + optional: true + + '@supabase/cli-linux-arm64@2.109.1': + optional: true + + '@supabase/cli-linux-x64-musl@2.109.1': + optional: true + + '@supabase/cli-linux-x64@2.109.1': + optional: true + + '@supabase/cli-windows-arm64@2.109.1': + optional: true + + '@supabase/cli-windows-x64@2.109.1': + optional: true + '@supabase/functions-js@2.105.4': dependencies: tslib: 2.8.1 @@ -7020,14 +7043,6 @@ snapshots: dependencies: require-from-string: 2.0.2 - bin-links@6.0.0: - dependencies: - cmd-shim: 8.0.0 - npm-normalize-package-bin: 5.0.0 - proc-log: 6.0.0 - read-cmd-shim: 6.0.0 - write-file-atomic: 7.0.0 - binary-extensions@2.3.0: {} brace-expansion@1.1.12: @@ -7088,8 +7103,6 @@ snapshots: optionalDependencies: fsevents: 2.3.3 - chownr@3.0.0: {} - class-variance-authority@0.7.1: dependencies: clsx: 2.1.1 @@ -7105,8 +7118,6 @@ snapshots: clsx@2.1.1: {} - cmd-shim@8.0.0: {} - cmdk@1.1.1(@types/react-dom@18.3.7(@types/react@18.3.24))(@types/react@18.3.24)(react-dom@18.3.1(react@18.3.1))(react@18.3.1): dependencies: '@radix-ui/react-compose-refs': 1.1.2(@types/react@18.3.24)(react@18.3.1) @@ -7176,8 +7187,6 @@ snapshots: csstype@3.1.3: {} - data-uri-to-buffer@4.0.1: {} - data-urls@6.0.0: dependencies: whatwg-mimetype: 4.0.0 @@ -7251,6 +7260,13 @@ snapshots: eastasianwidth@0.2.0: {} + eciesjs@0.5.0: + dependencies: + '@ecies/ciphers': 0.2.6(@noble/ciphers@1.3.0) + '@noble/ciphers': 1.3.0 + '@noble/curves': 1.9.7 + '@noble/hashes': 1.8.0 + ejs@3.1.10: dependencies: jake: 10.9.4 @@ -7457,11 +7473,6 @@ snapshots: optionalDependencies: picomatch: 4.0.3 - fetch-blob@3.2.0: - dependencies: - node-domexception: 1.0.0 - web-streams-polyfill: 3.3.3 - fflate@0.4.8: {} fflate@0.8.2: {} @@ -7485,10 +7496,6 @@ snapshots: cross-spawn: 7.0.6 signal-exit: 4.1.0 - formdata-polyfill@4.0.10: - dependencies: - fetch-blob: 3.2.0 - fraction.js@4.3.7: {} framer-motion@12.23.22(react-dom@18.3.1(react@18.3.1))(react@18.3.1): @@ -7663,8 +7670,6 @@ snapshots: idb@8.0.3: {} - imurmurhash@0.1.4: {} - indent-string@4.0.0: {} inflight@1.0.6: @@ -7849,6 +7854,8 @@ snapshots: jiti@1.21.7: {} + jose@6.2.3: {} + js-tokens@10.0.0: {} js-tokens@4.0.0: {} @@ -8003,10 +8010,6 @@ snapshots: minipass@7.1.2: {} - minizlib@3.1.0: - dependencies: - minipass: 7.1.2 - motion-dom@12.23.21: dependencies: motion-utils: 12.23.6 @@ -8034,22 +8037,12 @@ snapshots: react: 18.3.1 react-dom: 18.3.1(react@18.3.1) - node-domexception@1.0.0: {} - - node-fetch@3.3.2: - dependencies: - data-uri-to-buffer: 4.0.1 - fetch-blob: 3.2.0 - formdata-polyfill: 4.0.10 - node-releases@2.0.21: {} normalize-path@3.0.0: {} normalize-range@0.1.2: {} - npm-normalize-package-bin@5.0.0: {} - object-assign@4.1.1: {} object-hash@3.0.0: {} @@ -8201,8 +8194,6 @@ snapshots: ansi-styles: 5.2.0 react-is: 17.0.2 - proc-log@6.0.0: {} - punycode@2.3.1: {} queue-microtask@1.2.3: {} @@ -8279,8 +8270,6 @@ snapshots: dependencies: pify: 2.3.0 - read-cmd-shim@6.0.0: {} - readdirp@3.6.0: dependencies: picomatch: 2.3.1 @@ -8653,14 +8642,19 @@ snapshots: pirates: 4.0.7 ts-interface-checker: 0.1.13 - supabase@2.58.5: + supabase@2.109.1: dependencies: - bin-links: 6.0.0 - https-proxy-agent: 7.0.6 - node-fetch: 3.3.2 - tar: 7.5.2 - transitivePeerDependencies: - - supports-color + eciesjs: 0.5.0 + jose: 6.2.3 + optionalDependencies: + '@supabase/cli-darwin-arm64': 2.109.1 + '@supabase/cli-darwin-x64': 2.109.1 + '@supabase/cli-linux-arm64': 2.109.1 + '@supabase/cli-linux-arm64-musl': 2.109.1 + '@supabase/cli-linux-x64': 2.109.1 + '@supabase/cli-linux-x64-musl': 2.109.1 + '@supabase/cli-windows-arm64': 2.109.1 + '@supabase/cli-windows-x64': 2.109.1 supports-color@7.2.0: dependencies: @@ -8703,14 +8697,6 @@ snapshots: transitivePeerDependencies: - ts-node - tar@7.5.2: - dependencies: - '@isaacs/fs-minipass': 4.0.1 - chownr: 3.0.0 - minipass: 7.1.2 - minizlib: 3.1.0 - yallist: 5.0.0 - temp-dir@2.0.0: {} tempy@0.6.0: @@ -8962,8 +8948,6 @@ snapshots: dependencies: xml-name-validator: 5.0.0 - web-streams-polyfill@3.3.3: {} - web-vitals@4.2.4: {} webidl-conversions@4.0.2: {} @@ -9172,11 +9156,6 @@ snapshots: wrappy@1.0.2: {} - write-file-atomic@7.0.0: - dependencies: - imurmurhash: 0.1.4 - signal-exit: 4.1.0 - ws@8.18.3: {} xml-name-validator@5.0.0: {} @@ -9185,8 +9164,6 @@ snapshots: yallist@3.1.1: {} - yallist@5.0.0: {} - yaml@2.8.1: {} zod@3.25.76: {} From 6c7550b661110b795152b65ba4480ce2a0bedda5 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:38:06 +0000 Subject: [PATCH 12/19] Reapply "fix(deps): pin supabase CLI to an exact version" This reverts commit 02e15bf0e5e137a408c1e7ccf4bc5e02178bb4f9. --- package.json | 2 +- pnpm-lock.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 73bbf716..ab28fdea 100644 --- a/package.json +++ b/package.json @@ -125,7 +125,7 @@ "oxlint": "^1.11.1", "postcss": "^8.4.47", "prettier": "^3.6.2", - "supabase": "^2.109.1", + "supabase": "2.109.1", "tailwindcss": "^3.4.11", "tsx": "^4.20.3", "typescript": "^5.5.3", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index c2971056..ddc94467 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -283,7 +283,7 @@ importers: specifier: ^3.6.2 version: 3.6.2 supabase: - specifier: ^2.109.1 + specifier: 2.109.1 version: 2.109.1 tailwindcss: specifier: ^3.4.11 From f8baa53f284bede8fb11700bae784f79b846e8ce Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:38:06 +0000 Subject: [PATCH 13/19] Reapply "ci: use supabase/setup-cli@v3 lockfile version detection" This reverts commit a28c158b5c79d4d3bd980eb919129d9854a6f615. --- .github/workflows/_db_migrate.yml | 4 +--- .github/workflows/_deploy_edge_functions.yml | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/_db_migrate.yml b/.github/workflows/_db_migrate.yml index 8cbfeaf9..bfa5ecab 100644 --- a/.github/workflows/_db_migrate.yml +++ b/.github/workflows/_db_migrate.yml @@ -28,9 +28,7 @@ jobs: - uses: actions/checkout@v4 - - uses: supabase/setup-cli@v2 - with: - version: 2.109.1 + - uses: supabase/setup-cli@v3 - name: Push migrations env: diff --git a/.github/workflows/_deploy_edge_functions.yml b/.github/workflows/_deploy_edge_functions.yml index b52596f4..7ee5bfdb 100644 --- a/.github/workflows/_deploy_edge_functions.yml +++ b/.github/workflows/_deploy_edge_functions.yml @@ -28,9 +28,7 @@ jobs: - uses: actions/checkout@v4 - - uses: supabase/setup-cli@v2 - with: - version: 2.109.1 + - uses: supabase/setup-cli@v3 - name: Deploy functions env: From a4687a8d94e3cd06f1abc4c2e21f167e4334d652 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:38:07 +0000 Subject: [PATCH 14/19] Reapply "fix(ci): read the local Supabase publishable key dynamically in e2e tests" This reverts commit f1eb54d032f474a8ebbb579057c48920a2a14fa0. --- .github/workflows/e2e-tests.yml | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml index ca67ee68..eea5c1e3 100644 --- a/.github/workflows/e2e-tests.yml +++ b/.github/workflows/e2e-tests.yml @@ -12,7 +12,6 @@ jobs: runs-on: ubuntu-latest env: VITE_SUPABASE_URL: http://127.0.0.1:54321 - VITE_SUPABASE_PUBLISHABLE_KEY: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0 strategy: fail-fast: false matrix: @@ -42,6 +41,22 @@ jobs: sleep 10 npx supabase db reset + - name: Export Supabase local publishable key + run: | + npx supabase status -o env > /tmp/supabase-status.env + cat /tmp/supabase-status.env + KEY_LINE=$(grep -iE "PUBLISHABLE_KEY" /tmp/supabase-status.env | head -1) + if [ -z "$KEY_LINE" ]; then + KEY_LINE=$(grep -iE "ANON_KEY" /tmp/supabase-status.env | head -1) + fi + if [ -z "$KEY_LINE" ]; then + echo "Could not find a publishable/anon key in 'supabase status -o env' output" >&2 + exit 1 + fi + KEY_VALUE=$(echo "$KEY_LINE" | cut -d'=' -f2- | tr -d '"') + echo "VITE_SUPABASE_PUBLISHABLE_KEY=$KEY_VALUE" >> "$GITHUB_ENV" + echo "TEST_SUPABASE_ANON_KEY=$KEY_VALUE" >> "$GITHUB_ENV" + - name: Build project run: pnpm run build @@ -49,7 +64,6 @@ jobs: run: npx playwright test --shard=${{ matrix.shardIndex }}/${{ matrix.shardTotal }} --reporter=blob env: TEST_SUPABASE_URL: http://localhost:54321 - TEST_SUPABASE_ANON_KEY: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCN9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0 - uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} From 935aa62cb1ee4ea4ea24e63ad26abe91f1e599bb Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:38:59 +0000 Subject: [PATCH 15/19] fix(deps): pin supabase CLI to 2.58.5, before the new API-key rollout 2.109.1 defaults local `supabase start` to sb_publishable_/sb_secret_ keys, and the anon-role auth path for those keys against this repo's local Postgrest/RLS setup doesn't work (every client request hangs/ fails, which is why the e2e auth spec timed out waiting on the header). 2.58.5 is the last version confirmed working against this stack; keep the setup-cli@v3 lockfile-based version detection and the dynamic `supabase status -o env` key export from the rest of this PR so this doesn't hand-drift out of sync again. --- package.json | 2 +- pnpm-lock.yaml | 269 ++++++++++++++++++++++++++----------------------- 2 files changed, 144 insertions(+), 127 deletions(-) diff --git a/package.json b/package.json index ab28fdea..5b19f744 100644 --- a/package.json +++ b/package.json @@ -125,7 +125,7 @@ "oxlint": "^1.11.1", "postcss": "^8.4.47", "prettier": "^3.6.2", - "supabase": "2.109.1", + "supabase": "2.58.5", "tailwindcss": "^3.4.11", "tsx": "^4.20.3", "typescript": "^5.5.3", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index ddc94467..0249cbf7 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -283,8 +283,8 @@ importers: specifier: ^3.6.2 version: 3.6.2 supabase: - specifier: 2.109.1 - version: 2.109.1 + specifier: 2.58.5 + version: 2.58.5 tailwindcss: specifier: ^3.4.11 version: 3.4.17 @@ -888,12 +888,6 @@ packages: '@date-fns/tz@1.4.1': resolution: {integrity: sha512-P5LUNhtbj6YfI3iJjw5EL9eUAG6OitD0W3fWQcpQjDRc/QIsL0tRNuO1PcDvPccWL1fSTXXdE1ds+l95DV/OFA==} - '@ecies/ciphers@0.2.6': - resolution: {integrity: sha512-patgsRPKGkhhoBjETV4XxD0En4ui5fbX0hzayqI3M8tvNMGUoUvmyYAIWwlxBc1KX5cturfqByYdj5bYGRpN9g==} - engines: {bun: '>=1', deno: '>=2.7.10', node: '>=16'} - peerDependencies: - '@noble/ciphers': ^1.0.0 - '@esbuild/aix-ppc64@0.25.10': resolution: {integrity: sha512-0NFWnA+7l41irNuaSVlLfgNT12caWJVLzp5eAVhZ0z1qpxbockccEt3s+149rE64VUI3Ml2zt8Nv5JVc4QXTsw==} engines: {node: '>=18'} @@ -1230,6 +1224,10 @@ packages: resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} engines: {node: '>=12'} + '@isaacs/fs-minipass@4.0.1': + resolution: {integrity: sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==} + engines: {node: '>=18.0.0'} + '@jridgewell/gen-mapping@0.3.13': resolution: {integrity: sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==} @@ -1249,18 +1247,6 @@ packages: '@jridgewell/trace-mapping@0.3.31': resolution: {integrity: sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==} - '@noble/ciphers@1.3.0': - resolution: {integrity: sha512-2I0gnIVPtfnMw9ee9h1dJG7tp81+8Ob3OJb3Mv37rx5L40/b0i7djjCVvGOVqc9AEIQyvyu1i6ypKdFw8R8gQw==} - engines: {node: ^14.21.3 || >=16} - - '@noble/curves@1.9.7': - resolution: {integrity: sha512-gbKGcRUYIjA3/zCCNaWDciTMFI0dCkvou3TL8Zmy5Nc7sJ47a0jtOeZoTaMxkuqRo9cRhjOdZJXegxYE5FN/xw==} - engines: {node: ^14.21.3 || >=16} - - '@noble/hashes@1.8.0': - resolution: {integrity: sha512-jCs9ldd7NwzpgXDIf6P3+NrHh9/sD6CQdxHyjQI+h/6rDNo88ypBxxz45UDuZHz9r3tNz7N/VInSVoVdtXEI4A==} - engines: {node: ^14.21.3 || >=16} - '@nodelib/fs.scandir@2.1.5': resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} engines: {node: '>= 8'} @@ -2122,46 +2108,6 @@ packages: resolution: {integrity: sha512-Ejfa37M5xoIwoxVebxRahnwubPo8g22qkXQ4p50+N9MIvU9UZoN+A8dwVPtczzGf8oV/YXN80ZPxK4aWXuSN/A==} engines: {node: '>=20.0.0'} - '@supabase/cli-darwin-arm64@2.109.1': - resolution: {integrity: sha512-tkn8tfunyqIL7RE+7DVjg6Ql2cJLPkGgh9cPafp2LbXI0qDgds0TaS+UOTHQEjci8JQXXe2wS00+122ko2QI8A==} - cpu: [arm64] - os: [darwin] - - '@supabase/cli-darwin-x64@2.109.1': - resolution: {integrity: sha512-0Q5ZAoWhOyIv4ZzQOU8QbjjdB2JmznnDNyJ3VrIeuLMWoifVfUWaLZhHBNYzr4xXoxBpKrggomuAT8BaEhY3lg==} - cpu: [x64] - os: [darwin] - - '@supabase/cli-linux-arm64-musl@2.109.1': - resolution: {integrity: sha512-cXNOsSU7MS+jmslGQATTD4DfWBEIHiFi7LaBWyBxHmR7tzIiZXimUXgN26ZiQjfAxU+RZq52C3k0qhi7vmqXQw==} - cpu: [arm64] - os: [linux] - - '@supabase/cli-linux-arm64@2.109.1': - resolution: {integrity: sha512-MS1djJjq5laD99+jYJUoARfSZhzRX9aXmo5piZ1yl2JXb9IXTuhiTD5olkFKQcgNckRcAZqMf4fucQGTYC767A==} - cpu: [arm64] - os: [linux] - - '@supabase/cli-linux-x64-musl@2.109.1': - resolution: {integrity: sha512-zeD9MrZpEKJrjkSPcYp4nZeGJ9FQt0i/kiRij4ZprPP6R5l+SLi6Pk20ln+Vj/GZuWTVxX7IHJ11pgViaReAWw==} - cpu: [x64] - os: [linux] - - '@supabase/cli-linux-x64@2.109.1': - resolution: {integrity: sha512-svFmamF/vIq4/oinwY50jDi869itC9/GWrPaGtsHFkK4NUBcQtl1T37WWIivGsXwbBKNC4FjZD3dGqjL7bfW1g==} - cpu: [x64] - os: [linux] - - '@supabase/cli-windows-arm64@2.109.1': - resolution: {integrity: sha512-NeKzgWAOpglnLwMTggTp5t44fbkfxACLkQNlCRx0q332HMM3WqsKQUsHv1MHc6ZbEc5bcMwaYjqPNI/aOWnP5g==} - cpu: [arm64] - os: [win32] - - '@supabase/cli-windows-x64@2.109.1': - resolution: {integrity: sha512-L9/pDLM+4IR8646aT69ZDVcnJeg1lZZsB26ZgI775S3f8jOHP41+1UH9Oq1g9CvKiAQviuaLgtwkuvi0I/cc/A==} - cpu: [x64] - os: [win32] - '@supabase/functions-js@2.105.4': resolution: {integrity: sha512-JVNKbBft3Qkja+WlGaE026AJ2AH9K0UTsxsfvEIHgd4zFrBor4BYRCrYFrv9IDsvVqkF72wKDsODJl5GY/C4tA==} engines: {node: '>=20.0.0'} @@ -2678,6 +2624,10 @@ packages: bidi-js@1.0.3: resolution: {integrity: sha512-RKshQI1R3YQ+n9YJz2QQ147P66ELpa1FQEg20Dk8oW9t2KgLbpDLLp9aGZ7y8WHSshDknG0bknqGw5/tyCs5tw==} + bin-links@6.0.2: + resolution: {integrity: sha512-frE1t78WOwJ45PKV2cF2tNPjTcs9L1J9s6VkrV59wanRP4GlaomuxYPVma7BwthMg8WnfSory4w5PTE6FZZ81w==} + engines: {node: ^20.17.0 || >=22.9.0} + binary-extensions@2.3.0: resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} engines: {node: '>=8'} @@ -2727,6 +2677,10 @@ packages: resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==} engines: {node: '>= 8.10.0'} + chownr@3.0.0: + resolution: {integrity: sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==} + engines: {node: '>=18'} + class-variance-authority@0.7.1: resolution: {integrity: sha512-Ka+9Trutv7G8M6WT6SeiRWz792K5qEqIGEGzXKhAE6xOWAY6pPH8U+9IY3oCMv6kqTmLsv7Xh/2w2RigkePMsg==} @@ -2742,6 +2696,10 @@ packages: resolution: {integrity: sha512-eYm0QWBtUrBWZWG0d386OGAw16Z995PiOVo2B7bjWSbHedGl5e0ZWaq65kOGgUSNesEIDkB9ISbTg/JK9dhCZA==} engines: {node: '>=6'} + cmd-shim@8.0.0: + resolution: {integrity: sha512-Jk/BK6NCapZ58BKUxlSI+ouKRbjH1NLZCgJkYoab+vEHUY3f6OzpNBN9u7HFSv9J6TRDGs4PLOHezoKGaFRSCA==} + engines: {node: ^20.17.0 || >=22.9.0} + cmdk@1.1.1: resolution: {integrity: sha512-Vsv7kFaXm+ptHDMZ7izaRsP70GgrW9NBNGswt9OZaVBLlE0SNpDq8eu/VGXyF9r7M0azK3Wy7OlYXsuyYLFzHg==} peerDependencies: @@ -2818,6 +2776,10 @@ packages: csstype@3.1.3: resolution: {integrity: sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw==} + data-uri-to-buffer@4.0.1: + resolution: {integrity: sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==} + engines: {node: '>= 12'} + data-urls@6.0.0: resolution: {integrity: sha512-BnBS08aLUM+DKamupXs3w2tJJoqU+AkaE/+6vQxi/G/DPmIZFJJp9Dkb1kM03AZx8ADehDUZgsNxju3mPXZYIA==} engines: {node: '>=20'} @@ -2899,10 +2861,6 @@ packages: eastasianwidth@0.2.0: resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} - eciesjs@0.5.0: - resolution: {integrity: sha512-s0J9SEVYAEPg7J63GFMApLYzPH9VNIQIyC6s15JpnqVc0TqcKWdbgFlnAweEBRyMmko2dcs2sfC83Hj4J43tuA==} - engines: {bun: '>=1', deno: '>=2.7.10', node: '>=16'} - ejs@3.1.10: resolution: {integrity: sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==} engines: {node: '>=0.10.0'} @@ -3032,6 +2990,10 @@ packages: picomatch: optional: true + fetch-blob@3.2.0: + resolution: {integrity: sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==} + engines: {node: ^12.20 || >= 14.13} + fflate@0.4.8: resolution: {integrity: sha512-FJqqoDBR00Mdj9ppamLa/Y7vxm+PRmNWA67N846RvsoYVMKB4q3y/de5PA7gUmRMYK/8CMz2GDZQmCRN1wBcWA==} @@ -3056,6 +3018,10 @@ packages: resolution: {integrity: sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==} engines: {node: '>=14'} + formdata-polyfill@4.0.10: + resolution: {integrity: sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==} + engines: {node: '>=12.20.0'} + fraction.js@4.3.7: resolution: {integrity: sha512-ZsDfxO51wGAXREY55a7la9LScWpwv9RxIrYABrlvOFBlH/ShPnrtsXeuUIfXKKOVicNxQ+o8JTbJvjS4M89yew==} @@ -3418,9 +3384,6 @@ packages: resolution: {integrity: sha512-/imKNG4EbWNrVjoNC/1H5/9GFy+tqjGBHCaSsN+P2RnPqjsLmv6UD3Ej+Kj8nBWaRAwyk7kK5ZUc+OEatnTR3A==} hasBin: true - jose@6.2.3: - resolution: {integrity: sha512-YYVDInQKFJfR/xa3ojUTl8c2KoTwiL1R5Wg9YCydwH0x0B9grbzlg5HC7mMjCtUJjbQ/YnGEZIhI5tCgfTb4Hw==} - js-tokens@10.0.0: resolution: {integrity: sha512-lM/UBzQmfJRo9ABXbPWemivdCW8V2G8FHaHdypQaIy523snUjog0W71ayWXTjiR+ixeMyVHN2XcpnTd/liPg/Q==} @@ -3571,6 +3534,10 @@ packages: resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} engines: {node: '>=16 || 14 >=14.17'} + minizlib@3.1.0: + resolution: {integrity: sha512-KZxYo1BUkWD2TVFLr0MQoM8vUUigWD3LlD83a/75BqC+4qE0Hb1Vo5v1FgcfaNXvfXzr+5EhQ6ing/CaBijTlw==} + engines: {node: '>= 18'} + motion-dom@12.23.21: resolution: {integrity: sha512-5xDXx/AbhrfgsQmSE7YESMn4Dpo6x5/DTZ4Iyy4xqDvVHWvFVoV+V2Ri2S/ksx+D40wrZ7gPYiMWshkdoqNgNQ==} @@ -3605,6 +3572,15 @@ packages: react: ^16.8 || ^17 || ^18 react-dom: ^16.8 || ^17 || ^18 + node-domexception@1.0.0: + resolution: {integrity: sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==} + engines: {node: '>=10.5.0'} + deprecated: Use your platform's native DOMException instead + + node-fetch@3.3.2: + resolution: {integrity: sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==} + engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} + node-releases@2.0.21: resolution: {integrity: sha512-5b0pgg78U3hwXkCM8Z9b2FJdPZlr9Psr9V2gQPESdGHqbntyFJKFW4r5TeWGFzafGY3hzs1JC62VEQMbl1JFkw==} @@ -3616,6 +3592,10 @@ packages: resolution: {integrity: sha512-bdok/XvKII3nUpklnV6P2hxtMNrCboOjAcyBuQnWEhO665FwrSNRxU+AqpsyvO6LgGYPspN+lu5CLtw4jPRKNA==} engines: {node: '>=0.10.0'} + npm-normalize-package-bin@5.0.0: + resolution: {integrity: sha512-CJi3OS4JLsNMmr2u07OJlhcrPxCeOeP/4xq67aWNai6TNWWbTrlNDgl8NcFKVlcBKp18GPj+EzbNIgrBfZhsag==} + engines: {node: ^20.17.0 || >=22.9.0} + object-assign@4.1.1: resolution: {integrity: sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==} engines: {node: '>=0.10.0'} @@ -3801,6 +3781,10 @@ packages: resolution: {integrity: sha512-Qb1gy5OrP5+zDf2Bvnzdl3jsTf1qXVMazbvCoKhtKqVs4/YK4ozX4gKQJJVyNe+cajNPn0KoC0MC3FUmaHWEmQ==} engines: {node: ^10.13.0 || ^12.13.0 || ^14.15.0 || >=15.0.0} + proc-log@6.1.0: + resolution: {integrity: sha512-iG+GYldRf2BQ0UDUAd6JQ/RwzaQy6mXmsk/IzlYyal4A4SNFw54MeH4/tLkF4I5WoWG9SQwuqWzS99jaFQHBuQ==} + engines: {node: ^20.17.0 || >=22.9.0} + punycode@2.3.1: resolution: {integrity: sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==} engines: {node: '>=6'} @@ -3882,6 +3866,10 @@ packages: read-cache@1.0.0: resolution: {integrity: sha512-Owdv/Ft7IjOgm/i0xvNDZ1LrRANRfew4b2prF3OWMQLxLfu3bS8FVhCsrSCMK4lR56Y9ya+AThoTpDCTxCmpRA==} + read-cmd-shim@6.0.0: + resolution: {integrity: sha512-1zM5HuOfagXCBWMN83fuFI/x+T/UhZ7k+KIzhrHXcQoeX5+7gmaDYjELQHmmzIodumBHeByBJT4QYS7ufAgs7A==} + engines: {node: ^20.17.0 || >=22.9.0} + readdirp@3.6.0: resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} engines: {node: '>=8.10.0'} @@ -4177,8 +4165,9 @@ packages: engines: {node: '>=16 || 14 >=14.17'} hasBin: true - supabase@2.109.1: - resolution: {integrity: sha512-N2yP2MHTxOxXBWhfn3poudpJn4pkPosAUo7J/46FTou/l7wOwFi9tox8NSN6HljWkfM0zhwPRimNNGC9XBMoxQ==} + supabase@2.58.5: + resolution: {integrity: sha512-mYZSkUIePTdmwlHd26Pff8wpmjfre8gcuWzrc5QqhZgZvCXugVzAQQhcjaQisw5kusbPQWNIjUwcHYEKmejhPw==} + engines: {npm: '>=8'} hasBin: true supports-color@7.2.0: @@ -4205,6 +4194,11 @@ packages: engines: {node: '>=14.0.0'} hasBin: true + tar@7.5.2: + resolution: {integrity: sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==} + engines: {node: '>=18'} + deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me + temp-dir@2.0.0: resolution: {integrity: sha512-aoBAniQmmwtcKp/7BzsH8Cxzv8OL736p7v1ihGb5e9DJ9kTwGWHrQrVB5+lfVDzfGrdRzXch+ig7LHaY1JTOrg==} engines: {node: '>=8'} @@ -4486,6 +4480,10 @@ packages: resolution: {integrity: sha512-o8qghlI8NZHU1lLPrpi2+Uq7abh4GGPpYANlalzWxyWteJOCsr/P+oPBA49TOLu5FTZO4d3F9MnWJfiMo4BkmA==} engines: {node: '>=18'} + web-streams-polyfill@3.3.3: + resolution: {integrity: sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==} + engines: {node: '>= 8'} + web-vitals@4.2.4: resolution: {integrity: sha512-r4DIlprAGwJ7YM11VZp4R884m0Vmgr6EAKe3P+kO0PPj3Unqyvv59rczf6UiGcb9Z8QxZVcqKNwv/g0WNdWwsw==} @@ -4604,6 +4602,10 @@ packages: wrappy@1.0.2: resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} + write-file-atomic@7.0.1: + resolution: {integrity: sha512-OTIk8iR8/aCRWBqvxrzxR0hgxWpnYBblY1S5hDWBQfk/VFmJwzmJgQFN3WsoUKHISv2eAwe+PpbUzyL1CKTLXg==} + engines: {node: ^20.17.0 || >=22.9.0} + ws@8.18.3: resolution: {integrity: sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==} engines: {node: '>=10.0.0'} @@ -4626,6 +4628,10 @@ packages: yallist@3.1.1: resolution: {integrity: sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==} + yallist@5.0.0: + resolution: {integrity: sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==} + engines: {node: '>=18'} + yaml@2.8.1: resolution: {integrity: sha512-lcYcMxX2PO9XMGvAJkJ3OsNMw+/7FKes7/hgerGUYWIoWu5j/+YQqcZr5JnPZWzOsEBgMbSbiSTn/dv/69Mkpw==} engines: {node: '>= 14.6'} @@ -5379,10 +5385,6 @@ snapshots: '@date-fns/tz@1.4.1': {} - '@ecies/ciphers@0.2.6(@noble/ciphers@1.3.0)': - dependencies: - '@noble/ciphers': 1.3.0 - '@esbuild/aix-ppc64@0.25.10': optional: true @@ -5569,6 +5571,10 @@ snapshots: wrap-ansi: 8.1.0 wrap-ansi-cjs: wrap-ansi@7.0.0 + '@isaacs/fs-minipass@4.0.1': + dependencies: + minipass: 7.1.2 + '@jridgewell/gen-mapping@0.3.13': dependencies: '@jridgewell/sourcemap-codec': 1.5.5 @@ -5593,14 +5599,6 @@ snapshots: '@jridgewell/resolve-uri': 3.1.2 '@jridgewell/sourcemap-codec': 1.5.5 - '@noble/ciphers@1.3.0': {} - - '@noble/curves@1.9.7': - dependencies: - '@noble/hashes': 1.8.0 - - '@noble/hashes@1.8.0': {} - '@nodelib/fs.scandir@2.1.5': dependencies: '@nodelib/fs.stat': 2.0.5 @@ -6443,30 +6441,6 @@ snapshots: dependencies: tslib: 2.8.1 - '@supabase/cli-darwin-arm64@2.109.1': - optional: true - - '@supabase/cli-darwin-x64@2.109.1': - optional: true - - '@supabase/cli-linux-arm64-musl@2.109.1': - optional: true - - '@supabase/cli-linux-arm64@2.109.1': - optional: true - - '@supabase/cli-linux-x64-musl@2.109.1': - optional: true - - '@supabase/cli-linux-x64@2.109.1': - optional: true - - '@supabase/cli-windows-arm64@2.109.1': - optional: true - - '@supabase/cli-windows-x64@2.109.1': - optional: true - '@supabase/functions-js@2.105.4': dependencies: tslib: 2.8.1 @@ -7043,6 +7017,14 @@ snapshots: dependencies: require-from-string: 2.0.2 + bin-links@6.0.2: + dependencies: + cmd-shim: 8.0.0 + npm-normalize-package-bin: 5.0.0 + proc-log: 6.1.0 + read-cmd-shim: 6.0.0 + write-file-atomic: 7.0.1 + binary-extensions@2.3.0: {} brace-expansion@1.1.12: @@ -7103,6 +7085,8 @@ snapshots: optionalDependencies: fsevents: 2.3.3 + chownr@3.0.0: {} + class-variance-authority@0.7.1: dependencies: clsx: 2.1.1 @@ -7118,6 +7102,8 @@ snapshots: clsx@2.1.1: {} + cmd-shim@8.0.0: {} + cmdk@1.1.1(@types/react-dom@18.3.7(@types/react@18.3.24))(@types/react@18.3.24)(react-dom@18.3.1(react@18.3.1))(react@18.3.1): dependencies: '@radix-ui/react-compose-refs': 1.1.2(@types/react@18.3.24)(react@18.3.1) @@ -7187,6 +7173,8 @@ snapshots: csstype@3.1.3: {} + data-uri-to-buffer@4.0.1: {} + data-urls@6.0.0: dependencies: whatwg-mimetype: 4.0.0 @@ -7260,13 +7248,6 @@ snapshots: eastasianwidth@0.2.0: {} - eciesjs@0.5.0: - dependencies: - '@ecies/ciphers': 0.2.6(@noble/ciphers@1.3.0) - '@noble/ciphers': 1.3.0 - '@noble/curves': 1.9.7 - '@noble/hashes': 1.8.0 - ejs@3.1.10: dependencies: jake: 10.9.4 @@ -7473,6 +7454,11 @@ snapshots: optionalDependencies: picomatch: 4.0.3 + fetch-blob@3.2.0: + dependencies: + node-domexception: 1.0.0 + web-streams-polyfill: 3.3.3 + fflate@0.4.8: {} fflate@0.8.2: {} @@ -7496,6 +7482,10 @@ snapshots: cross-spawn: 7.0.6 signal-exit: 4.1.0 + formdata-polyfill@4.0.10: + dependencies: + fetch-blob: 3.2.0 + fraction.js@4.3.7: {} framer-motion@12.23.22(react-dom@18.3.1(react@18.3.1))(react@18.3.1): @@ -7854,8 +7844,6 @@ snapshots: jiti@1.21.7: {} - jose@6.2.3: {} - js-tokens@10.0.0: {} js-tokens@4.0.0: {} @@ -8010,6 +7998,10 @@ snapshots: minipass@7.1.2: {} + minizlib@3.1.0: + dependencies: + minipass: 7.1.2 + motion-dom@12.23.21: dependencies: motion-utils: 12.23.6 @@ -8037,12 +8029,22 @@ snapshots: react: 18.3.1 react-dom: 18.3.1(react@18.3.1) + node-domexception@1.0.0: {} + + node-fetch@3.3.2: + dependencies: + data-uri-to-buffer: 4.0.1 + fetch-blob: 3.2.0 + formdata-polyfill: 4.0.10 + node-releases@2.0.21: {} normalize-path@3.0.0: {} normalize-range@0.1.2: {} + npm-normalize-package-bin@5.0.0: {} + object-assign@4.1.1: {} object-hash@3.0.0: {} @@ -8194,6 +8196,8 @@ snapshots: ansi-styles: 5.2.0 react-is: 17.0.2 + proc-log@6.1.0: {} + punycode@2.3.1: {} queue-microtask@1.2.3: {} @@ -8270,6 +8274,8 @@ snapshots: dependencies: pify: 2.3.0 + read-cmd-shim@6.0.0: {} + readdirp@3.6.0: dependencies: picomatch: 2.3.1 @@ -8642,19 +8648,14 @@ snapshots: pirates: 4.0.7 ts-interface-checker: 0.1.13 - supabase@2.109.1: + supabase@2.58.5: dependencies: - eciesjs: 0.5.0 - jose: 6.2.3 - optionalDependencies: - '@supabase/cli-darwin-arm64': 2.109.1 - '@supabase/cli-darwin-x64': 2.109.1 - '@supabase/cli-linux-arm64': 2.109.1 - '@supabase/cli-linux-arm64-musl': 2.109.1 - '@supabase/cli-linux-x64': 2.109.1 - '@supabase/cli-linux-x64-musl': 2.109.1 - '@supabase/cli-windows-arm64': 2.109.1 - '@supabase/cli-windows-x64': 2.109.1 + bin-links: 6.0.2 + https-proxy-agent: 7.0.6 + node-fetch: 3.3.2 + tar: 7.5.2 + transitivePeerDependencies: + - supports-color supports-color@7.2.0: dependencies: @@ -8697,6 +8698,14 @@ snapshots: transitivePeerDependencies: - ts-node + tar@7.5.2: + dependencies: + '@isaacs/fs-minipass': 4.0.1 + chownr: 3.0.0 + minipass: 7.1.2 + minizlib: 3.1.0 + yallist: 5.0.0 + temp-dir@2.0.0: {} tempy@0.6.0: @@ -8948,6 +8957,8 @@ snapshots: dependencies: xml-name-validator: 5.0.0 + web-streams-polyfill@3.3.3: {} + web-vitals@4.2.4: {} webidl-conversions@4.0.2: {} @@ -9156,6 +9167,10 @@ snapshots: wrappy@1.0.2: {} + write-file-atomic@7.0.1: + dependencies: + signal-exit: 4.1.0 + ws@8.18.3: {} xml-name-validator@5.0.0: {} @@ -9164,6 +9179,8 @@ snapshots: yallist@3.1.1: {} + yallist@5.0.0: {} + yaml@2.8.1: {} zod@3.25.76: {} From 222202f3fd11f2bb2b59ca467e5c22bd60e80363 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 14:40:37 +0000 Subject: [PATCH 16/19] revert(ci): drop dynamic key export from e2e workflow Unneeded now that the CLI is pinned back to 2.58.5 - that version works fine with the original hardcoded demo JWT anon key, so there's no need for the extra `supabase status -o env` parsing step this PR had added to work around 2.109.1's new key format. --- .github/workflows/e2e-tests.yml | 18 ++---------------- 1 file changed, 2 insertions(+), 16 deletions(-) diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml index eea5c1e3..ca67ee68 100644 --- a/.github/workflows/e2e-tests.yml +++ b/.github/workflows/e2e-tests.yml @@ -12,6 +12,7 @@ jobs: runs-on: ubuntu-latest env: VITE_SUPABASE_URL: http://127.0.0.1:54321 + VITE_SUPABASE_PUBLISHABLE_KEY: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0 strategy: fail-fast: false matrix: @@ -41,22 +42,6 @@ jobs: sleep 10 npx supabase db reset - - name: Export Supabase local publishable key - run: | - npx supabase status -o env > /tmp/supabase-status.env - cat /tmp/supabase-status.env - KEY_LINE=$(grep -iE "PUBLISHABLE_KEY" /tmp/supabase-status.env | head -1) - if [ -z "$KEY_LINE" ]; then - KEY_LINE=$(grep -iE "ANON_KEY" /tmp/supabase-status.env | head -1) - fi - if [ -z "$KEY_LINE" ]; then - echo "Could not find a publishable/anon key in 'supabase status -o env' output" >&2 - exit 1 - fi - KEY_VALUE=$(echo "$KEY_LINE" | cut -d'=' -f2- | tr -d '"') - echo "VITE_SUPABASE_PUBLISHABLE_KEY=$KEY_VALUE" >> "$GITHUB_ENV" - echo "TEST_SUPABASE_ANON_KEY=$KEY_VALUE" >> "$GITHUB_ENV" - - name: Build project run: pnpm run build @@ -64,6 +49,7 @@ jobs: run: npx playwright test --shard=${{ matrix.shardIndex }}/${{ matrix.shardTotal }} --reporter=blob env: TEST_SUPABASE_URL: http://localhost:54321 + TEST_SUPABASE_ANON_KEY: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCN9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0 - uses: actions/upload-artifact@v4 if: ${{ !cancelled() }} From df16595b2d5043c9322aeabe0caf99e1fd087630 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 15:29:29 +0000 Subject: [PATCH 17/19] fix(deps): bump pinned supabase CLI to 2.70.0 2.58.5 confirmed the JWT-key regression was CLI-version-specific, not this repo's setup. 2.71.1 flipped the default local JWT signing algorithm from HS256 to ES256 with no opt-out (supabase/cli#4726), which breaks the hardcoded demo anon key's signature - so 2.70.0 is the newest version that stays on the working HS256 default while still picking up ~150 patch releases of fixes over 2.58.5. --- package.json | 2 +- pnpm-lock.yaml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package.json b/package.json index 5b19f744..64275e62 100644 --- a/package.json +++ b/package.json @@ -125,7 +125,7 @@ "oxlint": "^1.11.1", "postcss": "^8.4.47", "prettier": "^3.6.2", - "supabase": "2.58.5", + "supabase": "2.70.0", "tailwindcss": "^3.4.11", "tsx": "^4.20.3", "typescript": "^5.5.3", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 0249cbf7..9debb2d6 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -283,8 +283,8 @@ importers: specifier: ^3.6.2 version: 3.6.2 supabase: - specifier: 2.58.5 - version: 2.58.5 + specifier: 2.70.0 + version: 2.70.0 tailwindcss: specifier: ^3.4.11 version: 3.4.17 @@ -4165,8 +4165,8 @@ packages: engines: {node: '>=16 || 14 >=14.17'} hasBin: true - supabase@2.58.5: - resolution: {integrity: sha512-mYZSkUIePTdmwlHd26Pff8wpmjfre8gcuWzrc5QqhZgZvCXugVzAQQhcjaQisw5kusbPQWNIjUwcHYEKmejhPw==} + supabase@2.70.0: + resolution: {integrity: sha512-Hxe+owAKqX3DOmJy9mcVFwL6RYHZqJvZecZK72MYaMQ2D8gEhN7GoFUEmfJLmlBb0x5euT0eUOTBei5LAVIT0g==} engines: {npm: '>=8'} hasBin: true @@ -8648,7 +8648,7 @@ snapshots: pirates: 4.0.7 ts-interface-checker: 0.1.13 - supabase@2.58.5: + supabase@2.70.0: dependencies: bin-links: 6.0.2 https-proxy-agent: 7.0.6 From 18fbf204b303c4b30a48299b982f70a142b76e05 Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 15:37:50 +0000 Subject: [PATCH 18/19] test(deps): try supabase CLI 2.71.1 to confirm the ES256-flip theory Deliberately bumping to the exact version that switched local JWT signing from HS256 to ES256 by default, to confirm this is the version where e2e breaks (as expected from supabase/cli#4726). Diagnostic only. --- package.json | 2 +- pnpm-lock.yaml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package.json b/package.json index 64275e62..3a68683b 100644 --- a/package.json +++ b/package.json @@ -125,7 +125,7 @@ "oxlint": "^1.11.1", "postcss": "^8.4.47", "prettier": "^3.6.2", - "supabase": "2.70.0", + "supabase": "2.71.1", "tailwindcss": "^3.4.11", "tsx": "^4.20.3", "typescript": "^5.5.3", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 9debb2d6..b1f015ed 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -283,8 +283,8 @@ importers: specifier: ^3.6.2 version: 3.6.2 supabase: - specifier: 2.70.0 - version: 2.70.0 + specifier: 2.71.1 + version: 2.71.1 tailwindcss: specifier: ^3.4.11 version: 3.4.17 @@ -4165,8 +4165,8 @@ packages: engines: {node: '>=16 || 14 >=14.17'} hasBin: true - supabase@2.70.0: - resolution: {integrity: sha512-Hxe+owAKqX3DOmJy9mcVFwL6RYHZqJvZecZK72MYaMQ2D8gEhN7GoFUEmfJLmlBb0x5euT0eUOTBei5LAVIT0g==} + supabase@2.71.1: + resolution: {integrity: sha512-ICuVAkCrGde9gulis5JcqpN8osGllbFStcMjssOq97Kn/TMGX6Ngoo4mhHva9CZY/UvYyfcbph9QbY8fzZ8b/Q==} engines: {npm: '>=8'} hasBin: true @@ -8648,7 +8648,7 @@ snapshots: pirates: 4.0.7 ts-interface-checker: 0.1.13 - supabase@2.70.0: + supabase@2.71.1: dependencies: bin-links: 6.0.2 https-proxy-agent: 7.0.6 From 4f11c4fc8bc5b0b2397f4a63bab882a6c21fcb4b Mon Sep 17 00:00:00 2001 From: Claude Date: Fri, 10 Jul 2026 15:42:30 +0000 Subject: [PATCH 19/19] Revert "test(deps): try supabase CLI 2.71.1 to confirm the ES256-flip theory" This reverts commit 18fbf204b303c4b30a48299b982f70a142b76e05. --- package.json | 2 +- pnpm-lock.yaml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package.json b/package.json index 3a68683b..64275e62 100644 --- a/package.json +++ b/package.json @@ -125,7 +125,7 @@ "oxlint": "^1.11.1", "postcss": "^8.4.47", "prettier": "^3.6.2", - "supabase": "2.71.1", + "supabase": "2.70.0", "tailwindcss": "^3.4.11", "tsx": "^4.20.3", "typescript": "^5.5.3", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index b1f015ed..9debb2d6 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -283,8 +283,8 @@ importers: specifier: ^3.6.2 version: 3.6.2 supabase: - specifier: 2.71.1 - version: 2.71.1 + specifier: 2.70.0 + version: 2.70.0 tailwindcss: specifier: ^3.4.11 version: 3.4.17 @@ -4165,8 +4165,8 @@ packages: engines: {node: '>=16 || 14 >=14.17'} hasBin: true - supabase@2.71.1: - resolution: {integrity: sha512-ICuVAkCrGde9gulis5JcqpN8osGllbFStcMjssOq97Kn/TMGX6Ngoo4mhHva9CZY/UvYyfcbph9QbY8fzZ8b/Q==} + supabase@2.70.0: + resolution: {integrity: sha512-Hxe+owAKqX3DOmJy9mcVFwL6RYHZqJvZecZK72MYaMQ2D8gEhN7GoFUEmfJLmlBb0x5euT0eUOTBei5LAVIT0g==} engines: {npm: '>=8'} hasBin: true @@ -8648,7 +8648,7 @@ snapshots: pirates: 4.0.7 ts-interface-checker: 0.1.13 - supabase@2.71.1: + supabase@2.70.0: dependencies: bin-links: 6.0.2 https-proxy-agent: 7.0.6