Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The supabase npm package is a powerful tool for interacting with the Supabase platform, which provides a suite of backend services such as a PostgreSQL database, authentication, and real-time subscriptions. It allows developers to easily integrate these services into their applications.
Database CRUD Operations
This feature allows you to perform CRUD (Create, Read, Update, Delete) operations on your Supabase database. The code sample demonstrates how to fetch data from a table.
const { createClient } = require('@supabase/supabase-js');
const supabase = createClient('https://your-project.supabase.co', 'public-anon-key');
async function fetchData() {
let { data, error } = await supabase
.from('your_table')
.select('*');
if (error) console.error(error);
else console.log(data);
}
fetchData();
Authentication
Supabase provides authentication services, allowing you to manage user sign-ups, logins, and sessions. The code sample shows how to sign in a user using email and password.
const { createClient } = require('@supabase/supabase-js');
const supabase = createClient('https://your-project.supabase.co', 'public-anon-key');
async function signIn() {
const { user, session, error } = await supabase.auth.signIn({
email: 'user@example.com',
password: 'password'
});
if (error) console.error(error);
else console.log(user, session);
}
signIn();
Real-time Subscriptions
Supabase supports real-time subscriptions, allowing you to listen for changes in your database and react to them in real-time. The code sample demonstrates how to subscribe to insert events on a table.
const { createClient } = require('@supabase/supabase-js');
const supabase = createClient('https://your-project.supabase.co', 'public-anon-key');
supabase
.from('your_table')
.on('INSERT', payload => {
console.log('New row added!', payload);
})
.subscribe();
Storage
Supabase provides storage services for managing files. The code sample shows how to upload a file to a storage bucket.
const { createClient } = require('@supabase/supabase-js');
const supabase = createClient('https://your-project.supabase.co', 'public-anon-key');
async function uploadFile() {
let { data, error } = await supabase.storage
.from('your_bucket')
.upload('public/avatar1.png', 'path/to/file.png');
if (error) console.error(error);
else console.log(data);
}
uploadFile();
Firebase is a comprehensive app development platform that offers a variety of tools and services to help you develop high-quality apps. It provides functionalities similar to Supabase, such as real-time databases, authentication, and storage. Firebase is known for its ease of use and extensive documentation.
Parse is an open-source backend framework that provides a suite of tools for building and managing mobile and web applications. It offers features like a database, user authentication, and file storage, similar to Supabase. Parse can be self-hosted, giving developers more control over their backend infrastructure.
Hasura is a GraphQL engine that provides instant, real-time GraphQL APIs over your PostgreSQL database. It offers similar functionalities to Supabase, such as real-time subscriptions and authentication. Hasura is known for its powerful GraphQL capabilities and ease of integration with existing databases.
Supabase is an open source Firebase alternative. We're building the features of Firebase using enterprise-grade open source tools.
This repository contains all the functionality for Supabase CLI.
Available via NPM as dev dependency. To install:
npm i supabase --save-dev
To install the beta release channel:
npm i supabase@beta --save-dev
When installing with yarn 4, you need to disable experimental fetch with the following nodejs config.
NODE_OPTIONS=--no-experimental-fetch yarn add supabase
Note For Bun versions below v1.0.17, you must add
supabase
as a trusted dependency before runningbun add -D supabase
.
Available via Homebrew. To install:
brew install supabase/tap/supabase
To install the beta release channel:
brew install supabase/tap/supabase-beta
brew link --overwrite supabase-beta
To upgrade:
brew upgrade supabase
Available via Scoop. To install:
scoop bucket add supabase https://github.com/supabase/scoop-bucket.git
scoop install supabase
To upgrade:
scoop update supabase
Available via Homebrew and Linux packages.
To install:
brew install supabase/tap/supabase
To upgrade:
brew upgrade supabase
Linux packages are provided in Releases. To install, download the .apk
/.deb
/.rpm
/.pkg.tar.zst
file depending on your package manager and run the respective commands.
sudo apk add --allow-untrusted <...>.apk
sudo dpkg -i <...>.deb
sudo rpm -i <...>.rpm
sudo pacman -U <...>.pkg.tar.zst
You can also install the CLI via go modules without the help of package managers.
go install github.com/supabase/cli@latest
Add a symlink to the binary in $PATH
for easier access:
ln -s "$(go env GOPATH)/cli" /usr/bin/supabase
This works on other non-standard Linux distros.
Available via pkgx. Package script here. To install in your working directory:
pkgx install supabase
supabase bootstrap
Or using npx:
npx supabase bootstrap
The bootstrap command will guide you through the process of setting up a Supabase project using one of the starter templates.
Command & config reference can be found here.
We follow semantic versioning for changes that directly impact CLI commands, flags, and configurations.
However, due to dependencies on other service images, we cannot guarantee that schema migrations, seed.sql, and generated types will always work for the same CLI major version. If you need such guarantees, we encourage you to pin a specific version of CLI in package.json.
To run from source:
# Go >= 1.22
go run . help
FAQs
Supabase CLI
We found that supabase demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.