[Snyk] Upgrade @supabase/supabase-js from 2.45.4 to 2.76.0 #287

nerdy-tech-com-gitub · 2025-11-11T05:47:29Z

Snyk has created this PR to upgrade @supabase/supabase-js from 2.45.4 to 2.76.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 143 versions ahead of your current version.
The recommended version was released 22 days ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Insecure Randomness SNYK-JS-UNDICI-8641354	140	Proof of Concept
Incorrect Authorization SNYK-JS-VITE-9512410	140	Mature
Incorrect Authorization SNYK-JS-VITE-9653016	140	Proof of Concept
Denial of Service (DoS) SNYK-JS-WS-7266574	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	140	Proof of Concept
Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8446504	140	No Known Exploit
Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8623536	140	Proof of Concept
Remote Code Execution (RCE) SNYK-JS-NUXT-7640974	140	No Known Exploit
Acceptance of Extraneous Untrusted Data With Trusted Data SNYK-JS-NUXT-9486043	140	No Known Exploit
Directory Traversal SNYK-JS-NUXTDEVTOOLS-7640977	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELHELPERS-9397697	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504	140	Proof of Concept
Directory Traversal SNYK-JS-SUPABASEAUTHJS-10255365	140	No Known Exploit
Improper Validation of Specified Type of Input SNYK-JS-VALIDATOR-13395830	140	Proof of Concept
Directory Traversal SNYK-JS-VITE-13644406	140	Proof of Concept
Information Exposure SNYK-JS-VITE-8023174	140	Proof of Concept
Origin Validation Error SNYK-JS-VITE-8648411	140	Proof of Concept
Access Control Bypass SNYK-JS-VITE-9576207	140	Proof of Concept
Information Exposure SNYK-JS-VITE-9685035	140	Proof of Concept
Directory Traversal SNYK-JS-VITE-9919777	140	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-VUETEMPLATECOMPILER-7554675	140	Proof of Concept
Open Redirect SNYK-JS-KOA-10944994	140	Proof of Concept
Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	140	No Known Exploit
Improper Input Validation SNYK-JS-NANOID-8492085	140	No Known Exploit
Improper Input Validation SNYK-JS-NANOID-8492085	140	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-NUXT-7640972	140	Proof of Concept
Origin Validation Error SNYK-JS-NUXTVITEBUILDER-8663232	140	Proof of Concept
Prototype Pollution SNYK-JS-PARSEGITCONFIG-9403763	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	140	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-ROLLUP-8073097	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	140	Proof of Concept
Missing Release of Memory after Effective Lifetime SNYK-JS-UNDICI-10176064	140	Proof of Concept
Relative Path Traversal SNYK-JS-VITE-12558116	140	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-VITE-8022916	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-VUETEMPLATECOMPILER-8219888	140	Proof of Concept
Prototype Pollution SNYK-JS-DEVALUE-12205530	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-KOA-8720152	140	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-KOA-9679272	140	Proof of Concept
Directory Traversal SNYK-JS-NUXT-12878602	140	Proof of Concept
Cross-site Scripting SNYK-JS-SEND-7926862	140	No Known Exploit
Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	140	No Known Exploit
Directory Traversal SNYK-JS-SIRV-12558119	140	Proof of Concept

Release notes

Package name: @supabase/supabase-js

2.76.0 - 2025-10-20
2.76.0 (2025-10-20)

🚀 Features
- realtime: realtime explicit REST call (#1751)
- realtime: enhance RealtimeChannel type (#1747)
- storage: storage vectors and analytics in storage-js (#1752)
🩹 Fixes
- functions: missing body when Content-Type header supplied by dev (#1758)
- functions: add application/pdf response parsing to FunctionsClient (#1757)
- realtime: manipulate URLs using URL object (#1769)
- repo: convert postbuild to explicit codegen (#1778)
- storage: correct list v2 types to correctly match data returned from api (#1761)
- storage: use backward compatible return type in download function (#1750)
- storage: api types (#1784)
❤️ Thank You
- Fabrizio @ fenos
- Filipe Cabaço @ filipecabaco
- Guilherme Souza
- Katerina Skroumpelou @ mandarini
- Lenny @ itslenny
2.75.2-canary.1 - 2025-10-20
2.75.2-canary.1 (2025-10-20)

🩹 Fixes
- storage: api types (#1784)
❤️ Thank You
- Fabrizio @ fenos
2.75.2-canary.0 - 2025-10-17
2.75.2-canary.0 (2025-10-17)

🚀 Features
- realtime: realtime explicit REST call (#1751)
- realtime: enhance RealtimeChannel type (#1747)
- storage: storage vectors and analytics in storage-js (#1752)
🩹 Fixes
- functions: missing body when Content-Type header supplied by dev (#1758)
- functions: add application/pdf response parsing to FunctionsClient (#1757)
- realtime: manipulate URLs using URL object (#1769)
- repo: convert postbuild to explicit codegen (#1778)
- storage: correct list v2 types to correctly match data returned from api (#1761)
- storage: use backward compatible return type in download function (#1750)
❤️ Thank You
- Filipe Cabaço @ filipecabaco
- Guilherme Souza
- Katerina Skroumpelou @ mandarini
- Lenny @ itslenny
2.75.1 - 2025-10-17
2.75.1 (2025-10-17)

🩹 Fixes
- storage: use backward compatible return type in download function (#1750)
❤️ Thank You
- Lenny @ itslenny
2.75.1-canary.5 - 2025-10-16
2.75.1-canary.5 (2025-10-16)

🩹 Fixes
- repo: convert postbuild to explicit codegen (#1778)
❤️ Thank You
- Katerina Skroumpelou @ mandarini
2.75.1-canary.4 - 2025-10-16
2.75.1-canary.4 (2025-10-16)

🩹 Fixes
- functions: missing body when Content-Type header supplied by dev (#1758)
- functions: add application/pdf response parsing to FunctionsClient (#1757)
❤️ Thank You
- Katerina Skroumpelou @ mandarini
2.75.1-canary.3 - 2025-10-13
2.75.1-canary.3 (2025-10-13)

🩹 Fixes
- realtime: manipulate URLs using URL object (#1769)
❤️ Thank You
- Guilherme Souza
2.75.1-canary.2 - 2025-10-13
2.75.1-canary.2 (2025-10-13)

🚀 Features
- realtime: enhance RealtimeChannel type (#1747)
❤️ Thank You
- Katerina Skroumpelou @ mandarini
2.75.1-canary.1 - 2025-10-09
2.75.1-canary.1 (2025-10-09)

🩹 Fixes
- storage: correct list v2 types to correctly match data returned from api (#1761)
- storage: use backward compatible return type in download function (#1750)
❤️ Thank You
- Lenny @ itslenny
2.75.1-canary.0 - 2025-10-09
2.75.1-canary.0 (2025-10-09)

🚀 Features
- realtime: realtime explicit REST call (#1751)
❤️ Thank You
- Filipe Cabaço @ filipecabaco
2.75.0 - 2025-10-09
2.74.1-canary.7 - 2025-10-08
2.74.1-canary.6 - 2025-10-07
2.74.1-canary.5 - 2025-10-07
2.74.1-canary.4 - 2025-10-07
2.74.1-canary.3 - 2025-10-07
2.74.1-canary.2 - 2025-10-06
2.74.1-canary.1 - 2025-10-06
2.74.1-canary.0 - 2025-10-06
2.74.0 - 2025-10-06
2.73.1-canary.8 - 2025-10-06
2.73.1-canary.7 - 2025-10-06
2.73.1-canary.6 - 2025-10-06
2.73.1-canary.5 - 2025-10-06
2.72.1-canary.15 - 2025-09-26
2.72.1-canary.14 - 2025-09-26
2.72.1-canary.13 - 2025-09-26
2.72.1-canary.12 - 2025-09-26
2.72.1-canary.11 - 2025-09-26
2.72.1-canary.10 - 2025-09-26
2.72.1-canary.9 - 2025-09-26
2.72.1-canary.8 - 2025-09-26
2.72.1-canary.7 - 2025-09-26
2.72.1-canary.6 - 2025-09-26
2.72.1-canary.5 - 2025-09-26
2.72.1-canary.2 - 2025-09-24
2.72.1-canary.0 - 2025-09-30
2.71.2-canary.29 - 2025-09-23
2.71.2-canary.28 - 2025-09-23
2.71.2-canary.27 - 2025-09-23
2.71.2-canary.7 - 2025-09-19
2.71.2-canary.6 - 2025-09-19
2.71.2-canary.4 - 2025-09-19
2.71.2-canary.3 - 2025-09-19
2.71.2-canary.2 - 2025-09-19
2.71.2-canary.1 - 2025-09-19
2.71.2-canary.0 - 2025-09-18
2.58.1-canary.0 - 2025-10-01
2.58.0 - 2025-09-25
2.57.4 - 2025-09-09
2.57.3 - 2025-09-09
2.57.2 - 2025-09-05
2.57.1 - 2025-09-05
2.57.0 - 2025-09-02
2.57.0-next.4 - 2025-08-29
2.57.0-next.3 - 2025-08-29
2.57.0-next.2 - 2025-08-29
2.57.0-next.1 - 2025-08-29
2.56.1 - 2025-08-29
2.56.1-next.1 - 2025-08-29
2.56.0 - 2025-08-21
2.55.0 - 2025-08-12
2.55.0-next.1 - 2025-08-12
2.54.0 - 2025-08-07
2.53.1 - 2025-08-07
2.53.0 - 2025-07-28
2.52.1 - 2025-07-23
2.52.0 - 2025-07-17
2.51.0 - 2025-07-14
2.50.5 - 2025-07-10
2.50.5-next.4 - 2025-07-14
2.50.5-next.3 - 2025-07-12
2.50.5-next.2 - 2025-07-10
2.50.5-next.1 - 2025-07-10
2.50.4 - 2025-07-09
2.50.3 - 2025-07-02
2.50.2 - 2025-06-25
2.50.2-next.1 - 2025-06-25
2.50.1 - 2025-06-24
2.50.1-next.8 - 2025-06-24
2.50.1-next.7 - 2025-06-24
2.50.1-next.6 - 2025-06-20
2.50.1-next.5 - 2025-06-12
2.50.1-next.4 - 2025-06-10
2.50.1-next.3 - 2025-06-09
2.50.1-next.2 - 2025-06-06
2.50.1-next.1 - 2025-06-06
2.50.0 - 2025-06-06
2.49.10 - 2025-06-04
2.49.10-next.2 - 2025-06-04
2.49.10-next.1 - 2025-06-03
2.49.9 - 2025-06-02
2.49.9-next.3 - 2025-06-03
2.49.9-next.2 - 2025-05-29
2.49.9-next.1 - 2025-05-23
2.49.8 - 2025-05-21
2.49.7 - 2025-05-20
2.49.6 - 2025-05-20
2.49.6-next.1 - 2025-05-20
2.49.5 - 2025-05-19
2.49.5-next.5 - 2025-05-13
2.49.5-next.4 - 2025-05-12
2.49.5-next.3 - 2025-05-12
2.49.5-next.2 - 2025-05-09
2.49.5-next.1 - 2025-05-09
2.49.4 - 2025-03-29
2.49.3 - 2025-03-24
2.49.2 - 2025-03-24
2.49.1 - 2025-02-24
2.49.0 - 2025-02-24
2.48.1 - 2025-01-24
2.48.0 - 2025-01-20
2.47.16 - 2025-01-17
2.47.15 - 2025-01-16
2.47.14 - 2025-01-15
2.47.13 - 2025-01-14
2.47.12 - 2025-01-08
2.47.11 - 2025-01-07
2.47.10 - 2024-12-19
2.47.9 - 2024-12-18
2.47.8 - 2024-12-16
2.47.7 - 2024-12-13
2.47.6 - 2024-12-12
2.47.5 - 2024-12-11
2.47.4 - 2024-12-11
2.47.4-rc.1 - 2024-12-11
2.47.3 - 2024-12-09
2.47.2 - 2024-12-06
2.47.1 - 2024-12-05
2.47.0 - 2024-12-05
2.46.2 - 2024-11-27
2.46.2-rc.3 - 2024-11-13
2.46.2-rc.2 - 2024-11-13
2.46.2-rc.1 - 2024-11-06
2.46.1 - 2024-10-30
2.46.0 - 2024-10-29
2.46.0-rc.5 - 2024-10-29
2.46.0-rc.4 - 2024-10-28
2.46.0-rc.3 - 2024-10-28
2.46.0-rc.2 - 2024-10-18
2.46.0-rc.1 - 2024-10-18
2.45.6 - 2024-10-19
2.45.5 - 2024-10-18
2.45.4 - 2024-09-10

from @supabase/supabase-js GitHub release notes

Important

Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade @supabase/supabase-js from 2.45.4 to 2.76.0. See this package in npm: @supabase/supabase-js See this project in Snyk: https://app.snyk.io/org/nerds-github/project/ef708957-d107-4807-bb9b-ffb67ea15337?utm_source=github&utm_medium=referral&page=upgrade-pr

[Snyk] Upgrade @supabase/supabase-js from 2.45.4 to 2.76.0 #287

Are you sure you want to change the base?

[Snyk] Upgrade @supabase/supabase-js from 2.45.4 to 2.76.0 #287

Uh oh!

Conversation

nerdy-tech-com-gitub commented Nov 11, 2025

Snyk has created this PR to upgrade @supabase/supabase-js from 2.45.4 to 2.76.0.

Issues fixed by the recommended upgrade:

2.76.0 (2025-10-20)

🚀 Features

🩹 Fixes

❤️ Thank You

2.75.2-canary.1 (2025-10-20)

🩹 Fixes

❤️ Thank You

2.75.2-canary.0 (2025-10-17)

🚀 Features

🩹 Fixes

❤️ Thank You

2.75.1 (2025-10-17)

🩹 Fixes

❤️ Thank You

2.75.1-canary.5 (2025-10-16)

🩹 Fixes

❤️ Thank You

2.75.1-canary.4 (2025-10-16)

🩹 Fixes

❤️ Thank You

2.75.1-canary.3 (2025-10-13)

🩹 Fixes

❤️ Thank You

2.75.1-canary.2 (2025-10-13)

🚀 Features

❤️ Thank You

2.75.1-canary.1 (2025-10-09)

🩹 Fixes

❤️ Thank You

2.75.1-canary.0 (2025-10-09)

🚀 Features

❤️ Thank You

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants