This is maybe a silly question, but i'd love to have multiple seed.sql files just to keep some of the requests a bit cleaner and easier to read. Is this possible?

I'm trying to authenticate with OAuth on an app I was working on a couple of weeks ago but I now get a

NET::ERR_CERT_AUTHORITY_INVALID

error. My project was paused on supabase due to inactivity the last couple of weeks but after reactivating it a couple of minutes ago I still get this error. Here's my project: https://habits-psi.vercel.app/ Error occurs when clicking on

Sign in with Github

button Anyone know what to do?

Hello, i have a user page like '/user/[slug]' , and i get user data based on that url, however it is not look so pretty. Is there any way to put unique number rather than uuid in [slug]?

I want to make a column which only take english, number, underscore, periods. How can i do that?

I can't find the option to activate the custom SMTP. Where can I find it?

When a user signs up, some additional data is passed into the options of the request, as so:

js
const signupResult = await supabaseClient.auth.signUp({
  email,
  password,
  options: {
    data: {
      username
    }
  }
});

I am trying to create a function that will take this

username

when the user signs up, and add the value to the users corresponding row in my

profiles

table. I don't understand how I can access the json data in the function. Anytime I try to search up the syntax I see only regular SQL select statements, but in this case I am not

select

-ing the json from an existing row, but rather trying to retrieve it through the

new

variable that's available to me in my function. As far as I understand, the

new

keyword represents the new entry, which is where I expect this JSON object to exist I also tried this approach but it's not working either:

declare
  username varchar(50);

begin
  select raw_user_meta_data ->> "username" from auth.users where id = new.user_id into username;
  insert into public.profiles(user_id, username)
  values(new.id, username);

  return new;
end;

I trying to write function to count all record of specify table this is my query: *create or replace function count_record_table(tbl_name text) returns int as $$ WITH myconstants AS (VALUES (tbl_name)) SELECT COUNT(*) as amount FROM myconstants; $$ language sql ;* **My query : select * from count_record_table('users') ** But it only return 1 How can I pass table name as variable in function?

Hi, I'm trying to develop a supabase function on windows but I'm having trouble with the

supabase functions serve

command of the cli on windows, it doesn't seem to be watching changes. Is this a known problem or is there a workaround or a fix that I can apply on my side? Thank you!

I want to query the logs for NOTICE levels. I don't know how to describe the table because it's on another schema or database and I can't find documentation on the log database tables and columns. thanks!

I am getting an error when setting this up. It works locally but when it is time to post the link it gives a 500 error https://github.com/vercel/examples/tree/main/solutions/platforms-slate-supabase

Hello, If I wanted to delete a certain user entirely - meaning deletion of all data related to the uid of that user including storage, database and auth. I was just trying to delete certain user from auth section and I've had so many errors since I've had to manually check which tables was that user tied to. Is there a better and quicker method that I could use?

from("foo").select(...)

only gives me the type "*" in vscode, does it not know all my table columns?

Getting the following error message after deploying to vercel, the application breaks at that point and nothing is interactive anymore, i've deployed 3 other times with supabase on vercel before this so i have no clue what could be going wrong

Hello, I'm attempting to remove an image from storage using the JavaScript client functions such as const { data, error } = await supabase.storage .from('data') .remove([

images/${image}

]) I checked my storage policies, they allow CRUD operations for all users (not secure I know). I'm called an async function which gets the image src and deletes the image from storage. Not sure what I'm doing wrong.

I'm looking for help with a very simple RLS policy. I want to allow SELECT for rows created by the user. I have a created_by field which I can see is populated correctly with a foreign key. I get no rows returned every time I add any select policy. I've tried this from the examples:

create policy "view your own stuff"
    on my_table for select
    using ( auth.uid() = created_by );

Even if I just change the policy to

true

I get no results back. As soon as I disable RLS for the table I do get all results back. Can't figure out what I am doing wrong? I'm using SvelteKit and doing this in a page.server.js file

I'm trying to test edge functions locally. Everything works fine except when I try to use supabase client library. Error:

http
{
    "message": "FetchError: error sending request for url (http://localhost:54321/rest/v1/reactions?select=*): error trying to connect: tcp connect error: Cannot assign requested address (os error 99)",
    "details": "",
    "hint": "",
    "code": ""
}

Code:

js
import { serve } from "https://deno.land/std@0.168.0/http/server.ts"
import { createClient, SupabaseClient } from 'https://esm.sh/@supabase/supabase-js@2'

serve(async (req) => {
  const { url, method } = req

  try {
    const SUPABASE_URL = 'http://localhost:54321'
    const SUPABASE_ANON_KEY = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0'

    const supabase = createClient(SUPABASE_URL, SUPABASE_ANON_KEY)

    const { data, error } = await supabase.from('reactions').select()


    if (error) {
      return new Response(JSON.stringify(error), {
        status: 500
      })
    }

    return new Response(
      JSON.stringify(data),
      { headers: { "Content-Type": "application/json" } },
    )
  } catch (error) {
    console.error(error)

    return new Response(JSON.stringify({ error: error.message }), {
      headers: { 'Content-Type': 'application/json' },
      status: 400,
    })
  }
})

I have a column that holds an array of text elements and i want the default value to be an array with 1 text element in it but couldnt find docs on default array

it's working fine on ios. but on web, it's not logging me in and it's failing a redirect. assuming it's the siteurl and redirect URLs?

What are the styling limitations of the email templates? For some reason I can't get flex-direction to work. Nor can I get my img tag to render properly.

html
<div style="width: 100%; display: flex; flex-direction: column; justify-content: center; align-items: center">
<img title="pinchedparables" alt="logo" src="https://www.pinchedparables.com/_app/immutable/assets/craibpath-985b930b.svg">
<h2>Magic Link from Pinched Parables!!!</h2>
<h3>Thanks for visiting!</h3>

<p>Follow this link to login:</p>
<p><a href="{{ .ConfirmationURL }}">Log In</a></p>
</div>

I've recently set up Supabase in my project and have a major concern over one aspect. Hoping to get others' thoughts on this. In order to set up auth with Supabase, the browser client needs an instance of the Supabase client which requires the anon key. Since Supabase only gives you one anon key per project, your browser and server clients are using the same key to connect to Supabase. My concern here is that we are essentially giving browsers complete access to Supabase (and our database, auth, etc.). The anon key will be exposed to browsers and malicious users could, in theory, modify the JS on the page to hit Supabase using the browser client and the key. I know that with proper RLS policies in place you can avoid users accessing data they shouldn't be able to access. However, that is extremely risky in my opinion. You're essentially giving your users keys to the kingdom and rely 100% on you setting up RLS policies for everything. Devs are human, there will inevitably be some RLS mistakes made. With a traditional API, you at least have two layers of control (at the API layer and RLS). I would feel more confident if the only connection between my app and Supabase happens between my backend and Supabase. The frontend should not connect to Supabase or even know we're using Supabase at all. I know I can just make API calls to my own API and have the API connect to Supabase, but when it comes to auth, you end up having to write a lot of the auth implementation on your own, which seems to defeat the purpose to Supabase. Even if you take auth out of the question, if you wanted to use Supabase Realtime in the future, you need to create a client in the browser, resulting in the same concern of sharing the API key. Am I overthinking this? Or thinking about this the wrong way? I haven't come across any posts that mention this aspect. All docs and tutorials just initialize Supabase on the client and start fetching away.

I am querying another service which returns and path to an image URL. How can I push the image to storage and not the path string? A different service I was using returns a base64 blog I would convert to arrayBuffer and push that to storage. I'm not sure how to pull down the url of the image and upload it?

I have buttons in one table and a footer that references one of them. Therefore I have to get only the button (with the ID) that is in the footer. Is there a better/simpler way to query data from one table when you need to first take some data from another? I accomplished the result in the following way, but I really don't like how it looks.

const footerButtonID = await supabase
    .from("components_layout_footers_components")
    .select("id")
    .eq("field", "Button")
    .single();

const Button = await supabase.from("components_buttons_buttons").select().eq("id", footerButtonID.data.id).single();

i'm building an event app (kind of like partiful) and want to be able to send a user to a landing page for an event, so they can see the details of the event unauthenticated, then if they want to rsvp, they need to sign in/sign up. in the ideal flow, they could sign in/sign up right on the event page so that they can just rsvp straight from there. otherwise, i'd have to send them to the auth page and somehow remember the eventId of the event page they were on, then send them back to that page to rsvp. is this possible? or any suggestions on how to architect this?

I'm attempting to find the easiest way to implement Column Level Security without having to create two separate tables with separate RLS rules. I found this comment on github which mentions using Postgres Roles: https://github.com/supabase/supabase/discussions/11948#discussioncomment-4802137 I understand that one could then grant/revoke access to views based on the role. This seems like a bit of heavy maintenance. I'm not sure if this is the best way. It's definitely an acceptable method for my needs. Am I okay to proceed with that? Is there any chance that this might be broken with a future update? If I'm not mistaken, this implementation is the exact same thing. Create multiple views, and apply grants? https://github.com/supabase/supabase/discussions/1275#discussioncomment-656586

What are the steps?

Weird question about naming conventions.. If I have a store named ListingManagerStore, does it semantically include creating new listings? I always thought that a manager just handles existing entities. But maybe my vocab is lacking. Or if there is a more appropriate term what would it be?

Where can I find documentation for 'supabase import' (specifically importing a CSV via the CLI)

I'm testing locally and haven't changed anything. I used to be able to use OAuth for twitter and discord, but now I'm getting this error

{
  "message": "An invalid response was received from the upstream server"
}

It seems when inserting rows, the RLS policies aren't obeyed by the table editor in the dashboard. Does the dashboard use the

authenticated

role or

service-role

for the target roles in the RLS?

Is it better to have two RLS policies say for an insert on a table, or just a combined one in terms of performance?