Permit single-quoted arguments in SHELL_SAFE_COMMAND_PATTERN while
keeping dangerous metacharacters blocked, and add security test cases
for quoted --entrypoint and --hostname values.

Using 'stub' as default would break existing installations that stored files
under the default tenantId 'storage-single-tenant' (pre-TENANT_ID era).
After upgrading, storage-api would look for files under 'stub/...' prefix
instead of 'storage-single-tenant/...', making all existing files inaccessible.

- Update Kong to 3.9.1 with new awk-based entrypoint script (replaces fragile eval/echo)
- Add request-transformer plugin to all secure Kong routes for API key translation
- Fix hide_credentials: false on REST and GraphQL routes
- Add post-function plugin on storage route for S3 presigned URL compatibility
- Add opaque API key support (SUPABASE_PUBLISHABLE_KEY, SUPABASE_SECRET_KEY)
- Update Vector router to use contains() matching for Coolify container names
- Add auto-generated self-signed TLS cert for Supavisor (fixes Supabase CLI connectivity)
- Fix logs not queryable in Studio by separating public/private Logflare access tokens
- Update image versions: Kong 3.9.1, Studio 2026.03.16, PostgREST v14.6, Storage v1.44.2, Edge Runtime v1.71.2
- Fix IMGPROXY_ENABLE_WEBP_DETECTION -> IMGPROXY_AUTO_WEBP
- Add deno-cache volume for faster Edge Function cold starts
- Make POOLER_TENANT_ID configurable
- Add start_period to Realtime and Supavisor healthchecks
- Add KONG_PROXY_ACCESS_LOG configuration
- Update SQL init scripts to use $POSTGRES_USER instead of hardcoded supabase_admin

The pinned commit hashes (00bd9272, 33cef775) are from ~Nov 2025 and
incompatible with convex npm package >=1.30, causing deploy failures
with "missing field `functions`" errors.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Prevent null CA certificate access during database SSL certificate regeneration
across KeyDB, MariaDB, MongoDB, MySQL, PostgreSQL, and Redis components.
If no CA certificate exists, attempt to generate one and re-query; if still
missing, dispatch a clear error and stop regeneration gracefully.
Add `SslCertificateRegenerationTest` coverage for missing-CA and CA-query
scenarios to prevent regressions.

The releases published on 27/03/26 cause Clickhouse to incorrectly
initialize. This prevents the DB from restarting after the initial run.
This pins the version to the most recent version that was working
properly.

Do not replace self-referencing environment variables (e.g., DATABASE_URL: ${DATABASE_URL})
with saved DB values in the compose environment section. Keeping the reference intact allows
Docker Compose to resolve from .env at deploy time, preventing stale values from overriding
user updates that haven't been re-parsed.
Fixes #9136