[Snyk] Upgrade @supabase/supabase-js from 2.45.4 to 2.81.0 #308

nerdy-tech-com-gitub · 2025-12-02T05:49:08Z

Snyk has created this PR to upgrade @supabase/supabase-js from 2.45.4 to 2.81.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 166 versions ahead of your current version.
The recommended version was released 22 days ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Insecure Randomness SNYK-JS-UNDICI-8641354	140	Proof of Concept
Incorrect Authorization SNYK-JS-VITE-9512410	140	Mature
Incorrect Authorization SNYK-JS-VITE-9653016	140	Proof of Concept
Denial of Service (DoS) SNYK-JS-WS-7266574	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	140	Proof of Concept
Command Injection SNYK-JS-GLOB-14040952	140	Proof of Concept
Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8446504	140	Proof of Concept
Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8623536	140	Proof of Concept
Remote Code Execution (RCE) SNYK-JS-NUXT-7640974	140	No Known Exploit
Acceptance of Extraneous Untrusted Data With Trusted Data SNYK-JS-NUXT-9486043	140	No Known Exploit
Directory Traversal SNYK-JS-NUXTDEVTOOLS-7640977	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELHELPERS-9397697	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504	140	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-ROLLUP-8073097	140	Proof of Concept
Directory Traversal SNYK-JS-SUPABASEAUTHJS-10255365	140	No Known Exploit
Improper Validation of Specified Type of Input SNYK-JS-VALIDATOR-13395830	140	Proof of Concept
Directory Traversal SNYK-JS-VITE-13644406	140	Proof of Concept
Information Exposure SNYK-JS-VITE-8023174	140	Proof of Concept
Origin Validation Error SNYK-JS-VITE-8648411	140	Proof of Concept
Access Control Bypass SNYK-JS-VITE-9576207	140	Proof of Concept
Information Exposure SNYK-JS-VITE-9685035	140	Proof of Concept
Directory Traversal SNYK-JS-VITE-9919777	140	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-VUETEMPLATECOMPILER-7554675	140	Proof of Concept
Prototype Pollution SNYK-JS-JSYAML-13961110	140	No Known Exploit
Open Redirect SNYK-JS-KOA-10944994	140	Proof of Concept
Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	140	No Known Exploit
Improper Input Validation SNYK-JS-NANOID-8492085	140	No Known Exploit
Improper Input Validation SNYK-JS-NANOID-8492085	140	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-NUXT-7640972	140	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-NUXTDEVTOOLS-13849298	140	No Known Exploit
Origin Validation Error SNYK-JS-NUXTVITEBUILDER-8663232	140	Proof of Concept
Prototype Pollution SNYK-JS-PARSEGITCONFIG-9403763	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	140	Proof of Concept
Cross-site Scripting SNYK-JS-SEND-7926862	140	No Known Exploit
Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	140	No Known Exploit
Directory Traversal SNYK-JS-SIRV-12558119	140	Proof of Concept
Missing Release of Memory after Effective Lifetime SNYK-JS-UNDICI-10176064	140	Proof of Concept
Relative Path Traversal SNYK-JS-VITE-12558116	140	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-VITE-8022916	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-VUETEMPLATECOMPILER-8219888	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	140	Proof of Concept
Prototype Pollution SNYK-JS-DEVALUE-12205530	140	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-KOA-8720152	140	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-KOA-9679272	140	Proof of Concept
Directory Traversal SNYK-JS-NUXT-12878602	140	Proof of Concept

Release notes

Package name: @supabase/supabase-js

2.81.0 - 2025-11-10
2.81.0 (2025-11-10)

🚀 Features
- realtime: implement V2 serializer (#1829)
🩹 Fixes
- auth: make webauthn param optional and move register params to webauthn (#1765)
- auth: add providers type to UserAppMetadata interface (#1760)
- auth: use direct attestation for registration/authentication (#1764)
- functions: add configurable timeout and normalize abort/timeout errors as FunctionsFetchError (#1837)
- realtime: ensure WebSocket connections are properly closed in teardown (#1841)
❤️ Thank You
- Eduardo Gurgel
- Katerina Skroumpelou @ mandarini
- Tanmay Sharma @ tanmaysharma2001
2.80.1-canary.5 - 2025-11-10
2.80.1-canary.5 (2025-11-10)

🩹 Fixes
- realtime: ensure WebSocket connections are properly closed in teardown (#1841)
❤️ Thank You
- Tanmay Sharma @ tanmaysharma2001
2.80.1-canary.4 - 2025-11-07
2.80.1-canary.4 (2025-11-07)

🩹 Fixes
- auth: use direct attestation for registration/authentication (#1764)
❤️ Thank You
- Katerina Skroumpelou @ mandarini
2.80.1-canary.3 - 2025-11-07
2.80.1-canary.3 (2025-11-07)

🚀 Features
- realtime: implement V2 serializer (#1829)
❤️ Thank You
- Eduardo Gurgel
2.80.1-canary.2 - 2025-11-07
2.80.1-canary.2 (2025-11-07)

🩹 Fixes
- auth: add providers type to UserAppMetadata interface (#1760)
❤️ Thank You
- Katerina Skroumpelou @ mandarini
2.80.1-canary.1 - 2025-10-01
2.80.1-canary.1 (2025-11-07)

🩹 Fixes
- auth: make webauthn param optional and move register params to webauthn (#1765)
❤️ Thank You
- Katerina Skroumpelou @ mandarini
2.80.1-canary.0 - 2025-10-01
2.80.1-canary.0 (2025-11-06)

🩹 Fixes
- functions: add configurable timeout and normalize abort/timeout errors as FunctionsFetchError (#1837)
❤️ Thank You
- Katerina Skroumpelou @ mandarini
2.80.0 - 2025-11-06
2.80.0 (2025-11-06)

🚀 Features
- auth: add TypeScript types for documented JWT claims fields (#1802)
🩹 Fixes
- auth: only warn if multiple clients share a storage-key (#1767)
❤️ Thank You
- Steve Hall @ sh41
- Sumit Kumar @ Software-Engineering-Project-Team-Bob
2.79.1-canary.2 - 2025-10-03
2.79.1-canary.1 - 2025-10-02
2.79.1-canary.1 (2025-11-06)

🩹 Fixes
- auth: only warn if multiple clients share a storage-key (#1767)
❤️ Thank You
- Steve Hall @ sh41
2.79.1-canary.0 - 2025-10-02
2.79.1-canary.0 (2025-11-06)

🚀 Features
- auth: add TypeScript types for documented JWT claims fields (#1802)
❤️ Thank You
- Sumit Kumar @ Software-Engineering-Project-Team-Bob
2.79.0 - 2025-11-04
2.78.1-canary.1 - 2025-11-04
2.78.1-canary.0 - 2025-10-31
2.78.0 - 2025-10-30
2.77.1-canary.2 - 2025-10-30
2.77.1-canary.1 - 2025-10-30
2.77.1-canary.0 - 2025-10-29
2.77.0 - 2025-10-29
2.76.2-canary.2 - 2025-10-23
2.76.2-canary.1 - 2025-10-22
2.76.2-canary.0 - 2025-10-21
2.76.1 - 2025-10-21
2.76.0 - 2025-10-20
2.75.2-canary.1 - 2025-10-20
2.75.2-canary.0 - 2025-10-17
2.75.1 - 2025-10-17
2.75.1-canary.5 - 2025-10-16
2.75.1-canary.4 - 2025-10-16
2.75.1-canary.3 - 2025-10-13
2.75.1-canary.2 - 2025-10-13
2.75.1-canary.1 - 2025-10-09
2.75.1-canary.0 - 2025-10-09
2.75.0 - 2025-10-09
2.74.1-canary.7 - 2025-10-08
2.74.1-canary.6 - 2025-10-07
2.74.1-canary.5 - 2025-10-07
2.74.1-canary.4 - 2025-10-07
2.74.1-canary.3 - 2025-10-07
2.74.1-canary.2 - 2025-10-06
2.74.1-canary.1 - 2025-10-06
2.74.1-canary.0 - 2025-10-06
2.74.0 - 2025-10-06
2.73.1-canary.8 - 2025-10-06
2.73.1-canary.7 - 2025-10-06
2.73.1-canary.6 - 2025-10-06
2.73.1-canary.5 - 2025-10-06
2.72.1-canary.15 - 2025-09-26
2.72.1-canary.14 - 2025-09-26
2.72.1-canary.13 - 2025-09-26
2.72.1-canary.12 - 2025-09-26
2.72.1-canary.11 - 2025-09-26
2.72.1-canary.10 - 2025-09-26
2.72.1-canary.9 - 2025-09-26
2.72.1-canary.8 - 2025-09-26
2.72.1-canary.7 - 2025-09-26
2.72.1-canary.6 - 2025-09-26
2.72.1-canary.5 - 2025-09-26
2.72.1-canary.2 - 2025-09-24
2.72.1-canary.0 - 2025-09-30
2.71.2-canary.29 - 2025-09-23
2.71.2-canary.28 - 2025-09-23
2.71.2-canary.27 - 2025-09-23
2.71.2-canary.7 - 2025-09-19
2.71.2-canary.6 - 2025-09-19
2.71.2-canary.4 - 2025-09-19
2.71.2-canary.3 - 2025-09-19
2.71.2-canary.2 - 2025-09-19
2.71.2-canary.1 - 2025-09-19
2.71.2-canary.0 - 2025-09-18
2.58.1-canary.0 - 2025-10-01
2.58.0 - 2025-09-25
2.57.4 - 2025-09-09
2.57.3 - 2025-09-09
2.57.2 - 2025-09-05
2.57.1 - 2025-09-05
2.57.0 - 2025-09-02
2.57.0-next.4 - 2025-08-29
2.57.0-next.3 - 2025-08-29
2.57.0-next.2 - 2025-08-29
2.57.0-next.1 - 2025-08-29
2.56.1 - 2025-08-29
2.56.1-next.1 - 2025-08-29
2.56.0 - 2025-08-21
2.55.0 - 2025-08-12
2.55.0-next.1 - 2025-08-12
2.54.0 - 2025-08-07
2.53.1 - 2025-08-07
2.53.0 - 2025-07-28
2.52.1 - 2025-07-23
2.52.0 - 2025-07-17
2.51.0 - 2025-07-14
2.50.5 - 2025-07-10
2.50.5-next.4 - 2025-07-14
2.50.5-next.3 - 2025-07-12
2.50.5-next.2 - 2025-07-10
2.50.5-next.1 - 2025-07-10
2.50.4 - 2025-07-09
2.50.3 - 2025-07-02
2.50.2 - 2025-06-25
2.50.2-next.1 - 2025-06-25
2.50.1 - 2025-06-24
2.50.1-next.8 - 2025-06-24
2.50.1-next.7 - 2025-06-24
2.50.1-next.6 - 2025-06-20
2.50.1-next.5 - 2025-06-12
2.50.1-next.4 - 2025-06-10
2.50.1-next.3 - 2025-06-09
2.50.1-next.2 - 2025-06-06
2.50.1-next.1 - 2025-06-06
2.50.0 - 2025-06-06
2.49.10 - 2025-06-04
2.49.10-next.2 - 2025-06-04
2.49.10-next.1 - 2025-06-03
2.49.9 - 2025-06-02
2.49.9-next.3 - 2025-06-03
2.49.9-next.2 - 2025-05-29
2.49.9-next.1 - 2025-05-23
2.49.8 - 2025-05-21
2.49.7 - 2025-05-20
2.49.6 - 2025-05-20
2.49.6-next.1 - 2025-05-20
2.49.5 - 2025-05-19
2.49.5-next.5 - 2025-05-13
2.49.5-next.4 - 2025-05-12
2.49.5-next.3 - 2025-05-12
2.49.5-next.2 - 2025-05-09
2.49.5-next.1 - 2025-05-09
2.49.4 - 2025-03-29
2.49.3 - 2025-03-24
2.49.2 - 2025-03-24
2.49.1 - 2025-02-24
2.49.0 - 2025-02-24
2.48.1 - 2025-01-24
2.48.0 - 2025-01-20
2.47.16 - 2025-01-17
2.47.15 - 2025-01-16
2.47.14 - 2025-01-15
2.47.13 - 2025-01-14
2.47.12 - 2025-01-08
2.47.11 - 2025-01-07
2.47.10 - 2024-12-19
2.47.9 - 2024-12-18
2.47.8 - 2024-12-16
2.47.7 - 2024-12-13
2.47.6 - 2024-12-12
2.47.5 - 2024-12-11
2.47.4 - 2024-12-11
2.47.4-rc.1 - 2024-12-11
2.47.3 - 2024-12-09
2.47.2 - 2024-12-06
2.47.1 - 2024-12-05
2.47.0 - 2024-12-05
2.46.2 - 2024-11-27
2.46.2-rc.3 - 2024-11-13
2.46.2-rc.2 - 2024-11-13
2.46.2-rc.1 - 2024-11-06
2.46.1 - 2024-10-30
2.46.0 - 2024-10-29
2.46.0-rc.5 - 2024-10-29
2.46.0-rc.4 - 2024-10-28
2.46.0-rc.3 - 2024-10-28
2.46.0-rc.2 - 2024-10-18
2.46.0-rc.1 - 2024-10-18
2.45.6 - 2024-10-19
2.45.5 - 2024-10-18
2.45.4 - 2024-09-10

from @supabase/supabase-js GitHub release notes

Important

Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade @supabase/supabase-js from 2.45.4 to 2.81.0. See this package in npm: @supabase/supabase-js See this project in Snyk: https://app.snyk.io/org/nerds-github/project/ef708957-d107-4807-bb9b-ffb67ea15337?utm_source=github&utm_medium=referral&page=upgrade-pr

[Snyk] Upgrade @supabase/supabase-js from 2.45.4 to 2.81.0 #308

Are you sure you want to change the base?

[Snyk] Upgrade @supabase/supabase-js from 2.45.4 to 2.81.0 #308

Uh oh!

Conversation

nerdy-tech-com-gitub commented Dec 2, 2025

Snyk has created this PR to upgrade @supabase/supabase-js from 2.45.4 to 2.81.0.

Issues fixed by the recommended upgrade:

2.81.0 (2025-11-10)

🚀 Features

🩹 Fixes

❤️ Thank You

2.80.1-canary.5 (2025-11-10)

🩹 Fixes

❤️ Thank You

2.80.1-canary.4 (2025-11-07)

🩹 Fixes

❤️ Thank You

2.80.1-canary.3 (2025-11-07)

🚀 Features

❤️ Thank You

2.80.1-canary.2 (2025-11-07)

🩹 Fixes

❤️ Thank You

2.80.1-canary.1 (2025-11-07)

🩹 Fixes

❤️ Thank You

2.80.1-canary.0 (2025-11-06)

🩹 Fixes

❤️ Thank You

2.80.0 (2025-11-06)

🚀 Features

🩹 Fixes

❤️ Thank You

2.79.1-canary.1 (2025-11-06)

🩹 Fixes

❤️ Thank You

2.79.1-canary.0 (2025-11-06)

🚀 Features

❤️ Thank You

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants