Skip to content

chore(extension)(deps): bump the database group across 1 directory with 3 updates#53

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/extension/database-d489ac890f
Open

chore(extension)(deps): bump the database group across 1 directory with 3 updates#53
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/extension/database-d489ac890f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 30, 2026

Copy link
Copy Markdown
Contributor

Bumps the database group with 3 updates in the /extension directory: @supabase/supabase-js, dexie and dexie-react-hooks.

Updates @supabase/supabase-js from 2.95.3 to 2.100.1

Release notes

Sourced from @​supabase/supabase-js's releases.

v2.100.1

2.100.1 (2026-03-26)

🩹 Fixes

  • postgrest: add type safety for eq() and neq() column names (#2175)
  • postgrest: fix maybeSingle for all request methods by removing Accept header override (#2182)
  • postgrest: narrow tstyche testFileMatch to only type test files (#2193)
  • postgrest: prevent Args: never functions from being classified as computed fields (#2195)
  • storage: spread all DEFAULT_FILE_OPTIONS in uploadToSignedUrl (#2194)

❤️ Thank You

v2.100.0

2.100.0 (2026-03-23)

🚀 Features

  • realtime: use phoenix's js lib inside realtime-js (#2119)

🩹 Fixes

  • auth: guard navigator lock steal against cascade when lock is stolen by another request (#2178)
  • realtime: revert vsn type to string (#2170)
  • storage: structural detection on json() to detect Response-like errors (#2179)

❤️ Thank You

v2.100.0-rc.0

2.100.0-rc.0 (2026-03-16)

This was a version bump only, there were no code changes.

v2.100.0-canary.7

2.100.0-canary.7 (2026-03-26)

🩹 Fixes

  • storage: spread all DEFAULT_FILE_OPTIONS in uploadToSignedUrl (#2194)

❤️ Thank You

... (truncated)

Changelog

Sourced from @​supabase/supabase-js's changelog.

2.100.1 (2026-03-26)

🩹 Fixes

  • postgrest: narrow tstyche testFileMatch to only type test files (#2193)

❤️ Thank You

2.100.0 (2026-03-23)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.99.2 (2026-03-16)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.99.1 (2026-03-11)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.99.0 (2026-03-09)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.98.0 (2026-02-26)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.97.0 (2026-02-18)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.96.0 (2026-02-17)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

Commits
  • cd6335e docs(repo): enrich docs comment for remaining packages (#2165)
  • 9f487bd fix(postgrest): narrow tstyche testFileMatch to only type test files (#2193)
  • 379ce05 chore(release): version 2.100.0 changelogs (#2185)
  • bc435b3 chore(release): version 2.99.2 changelogs (#2168)
  • b85174f chore(release): version 2.99.1 changelogs (#2161)
  • 280e453 docs(repo): enrich tsdoc with examples and notes (#2152)
  • 749aaa9 chore(release): version 2.99.0 changelogs (#2156)
  • fab1655 chore(deps): update supabase ssr (#2147)
  • e6bdfe2 test(ci): add e2e tests for example apps (#2138)
  • 8451cc0 chore(release): version 2.98.0 changelogs (#2141)
  • Additional commits viewable in compare view

Updates dexie from 4.3.0 to 4.4.1

Release notes

Sourced from dexie's releases.

Dexie v4.4.1

This release introduces Blob Offloading and String Offloading for Dexie Cloud, enabling efficient handling of large binary and text data. It also includes IDB 3.0 optimizations and several bug fixes.

Related Package Releases

Package Version
dexie 4.4.1
dexie-cloud-addon 4.4.6
dexie-cloud-common 1.0.59
dexie-react-hooks 4.4.0
dexie-export-import 4.4.0

New Features

⚡ IDB 3.0 Optimizations

Leverages IndexedDB 3.0 getAll(options) for more efficient key range queries, reducing overhead for collection operations.

📦 Blob Offloading for Dexie Cloud

Large binary data (Blob, File, ArrayBuffer, TypedArray) is now automatically offloaded to cloud blob storage during sync. Data is stored normally in IndexedDB — offloading happens transparently during the sync process.

  • Automatic offloading: Binaries ≥ 4 KB are offloaded to blob storage during sync
  • Lazy resolution: BlobRefs are resolved back to their original types on first read
  • Optional Lazy blob mode: Configure blobMode: 'lazy' to download blobs on-demand instead of eagerly after sync (default is 'eager')
  • Progress tracking: Observable db.cloud.blobProgress for download progress
import Dexie from 'dexie';
import dexieCloud from 'dexie-cloud-addon';
const db = new Dexie('mydb', { addons: [dexieCloud] });
db.version(1).stores({ photos: '@​id, title' });
db.cloud.configure({ databaseUrl: '...', blobMode: 'eager' });
// Store binary data — syncs normally, offloads transparently
await db.photos.add({
title: 'Vacation',
image: new Blob([imageData], { type: 'image/jpeg' })
});

📝 String Offloading for Dexie Cloud

Long strings are now offloaded to blob storage during sync, keeping IndexedDB data compact while preserving full string content in the cloud.

  • Configurable threshold: maxStringLength option (default: 32768 characters)
  • Transparent: Offloaded strings resolve back to regular strings on read
  • IndexedDB unchanged: Full strings remain in local IndexedDB

... (truncated)

Commits
  • 3bcd57e Build output
  • 9f9c876 Merge remote-tracking branch 'origin/releases'
  • 1f82e33 Releasing v4.4.1
  • 7fddae0 Merge pull request #2272 from dexie/liz/policy-rejection-challenge
  • e992324 Merge pull request #2271 from dexie/liz/livequery-race-fix
  • 00d3394 fix(dexie-cloud-addon): make options argument optional in Table.newId()
  • 58e576b dexie-cloud-addon@4.4.4-alpha.0 for testing
  • aadc4fb fix(addon): remove USER_NOT_ACCEPTED duplicate, add USER_DEACTIVATED, fix dou...
  • e868a87 refactor(addon): remove EMAIL_NOT_ALLOWED error code
  • 8faab53 feat(addon): add intent to LoginHints and forward to server
  • Additional commits viewable in compare view

Updates dexie-react-hooks from 4.2.0 to 4.4.0

Release notes

Sourced from dexie-react-hooks's releases.

Dexie v4.3.0

This release introduces Social Authentication for Dexie Cloud, allowing users to sign in with Google, GitHub, Microsoft, Apple, or custom OAuth2 providers as an alternative to email OTP authentication.

Related Package Releases

Package Version
dexie 4.3.0
dexie-cloud-addon 4.3.9
dexie-react-hooks 4.2.2-beta.2

New Features

🔐 Social Authentication for Dexie Cloud

Dexie Cloud now supports OAuth 2.0 social login providers as an alternative to the existing OTP (One-Time Password) email authentication.

Supported Providers:

  • Google
  • GitHub
  • Microsoft
  • Apple
  • Custom OAuth2 providers

The Dexie Cloud server acts as an OAuth broker, handling all provider interactions. The client library never receives provider tokens—only Dexie Cloud authorization codes which are exchanged for Dexie Cloud tokens.

Usage:

Social auth is enabled by default on the client but need to be configured in manager first. When db.cloud.login() is called, users will see a provider selection dialog if OAuth providers are configured on the server.

// Initiate login - shows provider selection if available
await db.cloud.login();
// Or specify a provider directly
await db.cloud.login({ provider: 'google' });

Configuration Options:

db.cloud.configure({
  databaseUrl: 'https://mydb.dexie.cloud',
// Enable/disable social auth (default: true)
socialAuth: true, // also configure in https://manager.dexie.cloud
});

⚡ Suspense Support in dexie-react-hooks (Experimental)

... (truncated)

Commits
  • 207608a Build output
  • 3b617ff Merge remote-tracking branch 'origin/releases'
  • 308ec4a Releasing v4.4.0
  • cf6c958 dexie@4.4.0
  • c5ec124 Merge pull request #2263 from dexie/liz/blob-upload-fallback
  • 11f6094 fix(dexie-cloud): graceful fallback when server lacks blob endpoint
  • fbac535 feat(dexie-cloud): Add copy-to-clipboard button for whitelist command (#2261)
  • a604170 fix(dexie-cloud): WeakMap crash in DexieCloudDB + blob resolve middleware gua...
  • 61fa790 Don't swallow errors
  • ad3ae87 Make the blobProgres observable a hot observable (shared)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…th 3 updates

Bumps the database group with 3 updates in the /extension directory: [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js), [dexie](https://github.com/dexie/Dexie.js) and [dexie-react-hooks](https://github.com/dexie/Dexie.js).


Updates `@supabase/supabase-js` from 2.95.3 to 2.100.1
- [Release notes](https://github.com/supabase/supabase-js/releases)
- [Changelog](https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md)
- [Commits](https://github.com/supabase/supabase-js/commits/v2.100.1/packages/core/supabase-js)

Updates `dexie` from 4.3.0 to 4.4.1
- [Release notes](https://github.com/dexie/Dexie.js/releases)
- [Commits](dexie/Dexie.js@v4.3.0...v4.4.1)

Updates `dexie-react-hooks` from 4.2.0 to 4.4.0
- [Release notes](https://github.com/dexie/Dexie.js/releases)
- [Commits](dexie/Dexie.js@v4.2.0...v4.4.0)

---
updated-dependencies:
- dependency-name: "@supabase/supabase-js"
  dependency-version: 2.100.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: database
- dependency-name: dexie
  dependency-version: 4.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: database
- dependency-name: dexie-react-hooks
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: database
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Mar 30, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: extension. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Mar 30, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants