[Snyk] Upgrade @supabase/supabase-js from 2.45.4 to 2.84.0 #325

nerdy-tech-com-gitub · 2025-12-15T21:01:17Z

Snyk has created this PR to upgrade @supabase/supabase-js from 2.45.4 to 2.84.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 180 versions ahead of your current version.
The recommended version was released 25 days ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Directory Traversal SNYK-JS-NUXTDEVTOOLS-7640977	110	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	110	Proof of Concept
Command Injection SNYK-JS-GLOB-14040952	110	Proof of Concept
Improper Verification of Cryptographic Signature SNYK-JS-JWS-14188253	110	No Known Exploit
Improper Verification of Cryptographic Signature SNYK-JS-JWS-14188253	110	No Known Exploit
Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8446504	110	Proof of Concept
Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8623536	110	Proof of Concept
Uncontrolled Recursion SNYK-JS-NODEFORGE-14125745	110	No Known Exploit
Remote Code Execution (RCE) SNYK-JS-NUXT-7640974	110	No Known Exploit
Acceptance of Extraneous Untrusted Data With Trusted Data SNYK-JS-NUXT-9486043	110	No Known Exploit
Insecure Randomness SNYK-JS-UNDICI-8641354	110	Proof of Concept
Incomplete Filtering of One or More Instances of Special Elements SNYK-JS-VALIDATOR-13653476	110	Proof of Concept
Incorrect Authorization SNYK-JS-VITE-9512410	110	Mature
Incorrect Authorization SNYK-JS-VITE-9653016	110	Proof of Concept
Denial of Service (DoS) SNYK-JS-WS-7266574	110	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-NUXTDEVTOOLS-13849298	110	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELHELPERS-9397697	110	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504	110	Proof of Concept
Prototype Pollution SNYK-JS-JSYAML-13961110	110	No Known Exploit
Open Redirect SNYK-JS-KOA-10944994	110	Proof of Concept
Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	110	No Known Exploit
Improper Input Validation SNYK-JS-NANOID-8492085	110	No Known Exploit
Improper Input Validation SNYK-JS-NANOID-8492085	110	No Known Exploit
Integer Overflow or Wraparound SNYK-JS-NODEFORGE-14125097	110	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-NUXT-7640972	110	Proof of Concept
Origin Validation Error SNYK-JS-NUXTVITEBUILDER-8663232	110	Proof of Concept
Prototype Pollution SNYK-JS-PARSEGITCONFIG-9403763	110	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	110	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-ROLLUP-8073097	110	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	110	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	110	Proof of Concept
Prototype Pollution SNYK-JS-DEVALUE-12205530	110	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-KOA-8720152	110	No Known Exploit
Directory Traversal SNYK-JS-SUPABASEAUTHJS-10255365	110	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-KOA-9679272	110	Proof of Concept
Interpretation Conflict SNYK-JS-NODEFORGE-14114940	110	No Known Exploit
Improper Validation of Specified Type of Input SNYK-JS-VALIDATOR-13395830	110	Proof of Concept
Directory Traversal SNYK-JS-VITE-13644406	110	Proof of Concept
Information Exposure SNYK-JS-VITE-8023174	110	Proof of Concept
Origin Validation Error SNYK-JS-VITE-8648411	110	Proof of Concept
Access Control Bypass SNYK-JS-VITE-9576207	110	Proof of Concept
Information Exposure SNYK-JS-VITE-9685035	110	Proof of Concept
Directory Traversal SNYK-JS-VITE-9919777	110	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-VUETEMPLATECOMPILER-7554675	110	Proof of Concept
Directory Traversal SNYK-JS-NUXT-12878602	110	Proof of Concept
Cross-site Scripting SNYK-JS-SEND-7926862	110	No Known Exploit
Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	110	No Known Exploit
Directory Traversal SNYK-JS-SIRV-12558119	110	Proof of Concept
Missing Release of Memory after Effective Lifetime SNYK-JS-UNDICI-10176064	110	Proof of Concept
Relative Path Traversal SNYK-JS-VITE-12558116	110	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-VITE-8022916	110	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-VUETEMPLATECOMPILER-8219888	110	Proof of Concept

Release notes

Package name: @supabase/supabase-js

2.84.0 - 2025-11-20
2.84.0 (2025-11-20)

🚀 Features
- postgrest: add isdistinct and regex pattern matching operators (#1875)
🩹 Fixes
- postgrest: validate empty or invalid relation names in Postgrest… (#1863)
- realtime: simplify serializer by removing unnecessary types of messages (#1871)
❤️ Thank You
- Eduardo Gurgel
- Katerina Skroumpelou @ mandarini
- Soufiane Radouane @ sofmega
2.83.1-canary.2 - 2025-11-19
2.83.1-canary.2 (2025-11-19)

🚀 Features
- postgrest: add isdistinct and regex pattern matching operators (#1875)
❤️ Thank You
- Katerina Skroumpelou @ mandarini
2.83.1-canary.1 - 2025-11-19
2.83.1-canary.1 (2025-11-19)

🩹 Fixes
- realtime: simplify serializer by removing unnecessary types of messages (#1871)
❤️ Thank You
- Eduardo Gurgel
2.83.1-canary.0 - 2025-11-19
2.83.1-canary.0 (2025-11-19)

🩹 Fixes
- postgrest: validate empty or invalid relation names in Postgrest… (#1863)
❤️ Thank You
- Soufiane Radouane @ sofmega
2.83.0 - 2025-11-18
2.83.0 (2025-11-18)

🚀 Features
- storage: rename StorageAnalyticsApi to StorageAnalyticsClient (#1869)
❤️ Thank You
- Katerina Skroumpelou @ mandarini
2.82.1-canary.0 - 2025-11-18
2.82.1-canary.0 (2025-11-18)

🚀 Features
- storage: rename StorageAnalyticsApi to StorageAnalyticsClient (#1869)
❤️ Thank You
- Katerina Skroumpelou @ mandarini
2.82.0 - 2025-11-18
2.82.0 (2025-11-18)

🚀 Features
- auth: add OAuth grant listing and revocation endpoints (#1833)
🩹 Fixes
- postgrest: bubble up fetch error causes and codes (#1856)
- realtime: account for null refs when encoding messages (#1862)
- storage: analytics bucket prop (#1852)
❤️ Thank You
- Cemal Kılıç @ cemalkilic
- Eduardo Gurgel
- Fabrizio @ fenos
- Katerina Skroumpelou @ mandarini
2.81.2-canary.3 - 2025-11-18
2.81.2-canary.3 (2025-11-18)

🩹 Fixes
- storage: analytics bucket prop (#1852)
❤️ Thank You
- Fabrizio @ fenos
2.81.2-canary.2 - 2025-11-18
2.81.2-canary.2 (2025-11-18)

🚀 Features
- auth: add OAuth grant listing and revocation endpoints (#1833)
❤️ Thank You
- Cemal Kılıç @ cemalkilic
2.81.2-canary.1 - 2025-11-17
2.81.2-canary.1 (2025-11-17)

🩹 Fixes
- realtime: account for null refs when encoding messages (#1862)
❤️ Thank You
- Eduardo Gurgel
2.81.2-canary.0 - 2025-11-12
2.81.1 - 2025-11-11
2.81.1-canary.1 - 2025-11-11
2.81.1-canary.0 - 2025-11-11
2.81.0 - 2025-11-10
2.80.1-canary.5 - 2025-11-10
2.80.1-canary.4 - 2025-11-07
2.80.1-canary.3 - 2025-11-07
2.80.1-canary.2 - 2025-11-07
2.80.1-canary.1 - 2025-10-01
2.80.1-canary.0 - 2025-10-01
2.80.0 - 2025-11-06
2.79.1-canary.2 - 2025-10-03
2.79.1-canary.1 - 2025-10-02
2.79.1-canary.0 - 2025-10-02
2.79.0 - 2025-11-04
2.78.1-canary.1 - 2025-11-04
2.78.1-canary.0 - 2025-10-31
2.78.0 - 2025-10-30
2.77.1-canary.2 - 2025-10-30
2.77.1-canary.1 - 2025-10-30
2.77.1-canary.0 - 2025-10-29
2.77.0 - 2025-10-29
2.76.2-canary.2 - 2025-10-23
2.76.2-canary.1 - 2025-10-22
2.76.2-canary.0 - 2025-10-21
2.76.1 - 2025-10-21
2.76.0 - 2025-10-20
2.75.2-canary.1 - 2025-10-20
2.75.2-canary.0 - 2025-10-17
2.75.1 - 2025-10-17
2.75.1-canary.5 - 2025-10-16
2.75.1-canary.4 - 2025-10-16
2.75.1-canary.3 - 2025-10-13
2.75.1-canary.2 - 2025-10-13
2.75.1-canary.1 - 2025-10-09
2.75.1-canary.0 - 2025-10-09
2.75.0 - 2025-10-09
2.74.1-canary.7 - 2025-10-08
2.74.1-canary.6 - 2025-10-07
2.74.1-canary.5 - 2025-10-07
2.74.1-canary.4 - 2025-10-07
2.74.1-canary.3 - 2025-10-07
2.74.1-canary.2 - 2025-10-06
2.74.1-canary.1 - 2025-10-06
2.74.1-canary.0 - 2025-10-06
2.74.0 - 2025-10-06
2.73.1-canary.8 - 2025-10-06
2.73.1-canary.7 - 2025-10-06
2.73.1-canary.6 - 2025-10-06
2.73.1-canary.5 - 2025-10-06
2.72.1-canary.15 - 2025-09-26
2.72.1-canary.14 - 2025-09-26
2.72.1-canary.13 - 2025-09-26
2.72.1-canary.12 - 2025-09-26
2.72.1-canary.11 - 2025-09-26
2.72.1-canary.10 - 2025-09-26
2.72.1-canary.9 - 2025-09-26
2.72.1-canary.8 - 2025-09-26
2.72.1-canary.7 - 2025-09-26
2.72.1-canary.6 - 2025-09-26
2.72.1-canary.5 - 2025-09-26
2.72.1-canary.2 - 2025-09-24
2.72.1-canary.0 - 2025-09-30
2.71.2-canary.29 - 2025-09-23
2.71.2-canary.28 - 2025-09-23
2.71.2-canary.27 - 2025-09-23
2.71.2-canary.7 - 2025-09-19
2.71.2-canary.6 - 2025-09-19
2.71.2-canary.4 - 2025-09-19
2.71.2-canary.3 - 2025-09-19
2.71.2-canary.2 - 2025-09-19
2.71.2-canary.1 - 2025-09-19
2.71.2-canary.0 - 2025-09-18
2.58.1-canary.0 - 2025-10-01
2.58.0 - 2025-09-25
2.57.4 - 2025-09-09
2.57.3 - 2025-09-09
2.57.2 - 2025-09-05
2.57.1 - 2025-09-05
2.57.0 - 2025-09-02
2.57.0-next.4 - 2025-08-29
2.57.0-next.3 - 2025-08-29
2.57.0-next.2 - 2025-08-29
2.57.0-next.1 - 2025-08-29
2.56.1 - 2025-08-29
2.56.1-next.1 - 2025-08-29
2.56.0 - 2025-08-21
2.55.0 - 2025-08-12
2.55.0-next.1 - 2025-08-12
2.54.0 - 2025-08-07
2.53.1 - 2025-08-07
2.53.0 - 2025-07-28
2.52.1 - 2025-07-23
2.52.0 - 2025-07-17
2.51.0 - 2025-07-14
2.50.5 - 2025-07-10
2.50.5-next.4 - 2025-07-14
2.50.5-next.3 - 2025-07-12
2.50.5-next.2 - 2025-07-10
2.50.5-next.1 - 2025-07-10
2.50.4 - 2025-07-09
2.50.3 - 2025-07-02
2.50.2 - 2025-06-25
2.50.2-next.1 - 2025-06-25
2.50.1 - 2025-06-24
2.50.1-next.8 - 2025-06-24
2.50.1-next.7 - 2025-06-24
2.50.1-next.6 - 2025-06-20
2.50.1-next.5 - 2025-06-12
2.50.1-next.4 - 2025-06-10
2.50.1-next.3 - 2025-06-09
2.50.1-next.2 - 2025-06-06
2.50.1-next.1 - 2025-06-06
2.50.0 - 2025-06-06
2.49.10 - 2025-06-04
2.49.10-next.2 - 2025-06-04
2.49.10-next.1 - 2025-06-03
2.49.9 - 2025-06-02
2.49.9-next.3 - 2025-06-03
2.49.9-next.2 - 2025-05-29
2.49.9-next.1 - 2025-05-23
2.49.8 - 2025-05-21
2.49.7 - 2025-05-20
2.49.6 - 2025-05-20
2.49.6-next.1 - 2025-05-20
2.49.5 - 2025-05-19
2.49.5-next.5 - 2025-05-13
2.49.5-next.4 - 2025-05-12
2.49.5-next.3 - 2025-05-12
2.49.5-next.2 - 2025-05-09
2.49.5-next.1 - 2025-05-09
2.49.4 - 2025-03-29
2.49.3 - 2025-03-24
2.49.2 - 2025-03-24
2.49.1 - 2025-02-24
2.49.0 - 2025-02-24
2.48.1 - 2025-01-24
2.48.0 - 2025-01-20
2.47.16 - 2025-01-17
2.47.15 - 2025-01-16
2.47.14 - 2025-01-15
2.47.13 - 2025-01-14
2.47.12 - 2025-01-08
2.47.11 - 2025-01-07
2.47.10 - 2024-12-19
2.47.9 - 2024-12-18
2.47.8 - 2024-12-16
2.47.7 - 2024-12-13
2.47.6 - 2024-12-12
2.47.5 - 2024-12-11
2.47.4 - 2024-12-11
2.47.4-rc.1 - 2024-12-11
2.47.3 - 2024-12-09
2.47.2 - 2024-12-06
2.47.1 - 2024-12-05
2.47.0 - 2024-12-05
2.46.2 - 2024-11-27
2.46.2-rc.3 - 2024-11-13
2.46.2-rc.2 - 2024-11-13
2.46.2-rc.1 - 2024-11-06
2.46.1 - 2024-10-30
2.46.0 - 2024-10-29
2.46.0-rc.5 - 2024-10-29
2.46.0-rc.4 - 2024-10-28
2.46.0-rc.3 - 2024-10-28
2.46.0-rc.2 - 2024-10-18
2.46.0-rc.1 - 2024-10-18
2.45.6 - 2024-10-19
2.45.5 - 2024-10-18
2.45.4 - 2024-09-10

from @supabase/supabase-js GitHub release notes

Important

Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade @supabase/supabase-js from 2.45.4 to 2.84.0. See this package in npm: @supabase/supabase-js See this project in Snyk: https://app.snyk.io/org/nerds-github/project/ef708957-d107-4807-bb9b-ffb67ea15337?utm_source=github&utm_medium=referral&page=upgrade-pr

[Snyk] Upgrade @supabase/supabase-js from 2.45.4 to 2.84.0 #325

Are you sure you want to change the base?

[Snyk] Upgrade @supabase/supabase-js from 2.45.4 to 2.84.0 #325

Uh oh!

Conversation

nerdy-tech-com-gitub commented Dec 15, 2025

Snyk has created this PR to upgrade @supabase/supabase-js from 2.45.4 to 2.84.0.

Issues fixed by the recommended upgrade:

2.84.0 (2025-11-20)

🚀 Features

🩹 Fixes

❤️ Thank You

2.83.1-canary.2 (2025-11-19)

🚀 Features

❤️ Thank You

2.83.1-canary.1 (2025-11-19)

🩹 Fixes

❤️ Thank You

2.83.1-canary.0 (2025-11-19)

🩹 Fixes

❤️ Thank You

2.83.0 (2025-11-18)

🚀 Features

❤️ Thank You

2.82.1-canary.0 (2025-11-18)

🚀 Features

❤️ Thank You

2.82.0 (2025-11-18)

🚀 Features

🩹 Fixes

❤️ Thank You

2.81.2-canary.3 (2025-11-18)

🩹 Fixes

❤️ Thank You

2.81.2-canary.2 (2025-11-18)

🚀 Features

❤️ Thank You

2.81.2-canary.1 (2025-11-17)

🩹 Fixes

❤️ Thank You

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants