chore: production deploy#5290
Merged
Merged
Conversation
Contributor
supabase-cli-releaser
Bot
commented
May 19, 2026
supabase-cli-releaser
Bot
commented
- fix(cli): prevent fork-bomb when supabase-go binary is not found (fix(cli): prevent fork-bomb when supabase-go binary is not found #5282)
- fix(cli): remove rawProjectConfig from ProjectContext (refactor(cli): remove rawProjectConfig from ProjectContext #5281)
- docs: use relative markdown links (docs: use relative markdown links #5285)
- fix: hide init flags (fix: hide init flags #5287)
Fixes CLI-1488: the Go proxy layer was silently falling back to
`"supabase"` on PATH when the `supabase-go` binary could not be
resolved. When the shim itself is on PATH and `supabase-go` is not
co-located, this fallback resolves to the shim and causes a fork-bomb
(silent multi-minute hang in CI followed by SIGTERM).
## Changes
- **Binary resolution**: `resolveBinary()` now returns a
`BinaryResolution` discriminated union (`{ found: string } | { notFound:
string[] }`) instead of a fallback string. The `notFound` variant tracks
all attempted locations for user-facing diagnostics.
- **Error handling**: When binary resolution fails, `makeGoProxyLayer`
now prints a specific diagnostic message to stderr and exits with code 1
via `ProcessControl.exit()`, rather than attempting to spawn a
non-existent binary.
- **User-facing diagnostics**: New `formatGoBinaryNotFoundError()`
function generates a helpful error message that:
- Lists all locations the resolver checked
- Provides platform-specific `curl | tar` install snippets (when
CLI_VERSION is not the dev sentinel and the host architecture is
supported)
- Suggests npm installation and SUPABASE_GO_BINARY environment variable
as alternatives
- **Test coverage**: Added comprehensive unit tests for
`formatGoBinaryNotFoundError()` covering:
- Basic error message formatting with all attempted locations
- Dev build behavior (no curl snippet when CLI_VERSION is "0.0.0-dev")
- Platform-specific snippet generation (linux x64, darwin arm64, win32 →
windows mapping)
- Unsupported architecture handling (no snippet when release asset
doesn't exist)
- Integration test verifying the layer refuses to spawn and exits 1 when
binary is not found
The fix ensures the CLI fails fast with actionable guidance instead of
silently fork-bombing itself.
https://claude.ai/code/session_01Lb1v3o9Dabe6qjH565ki4k
---------
Co-authored-by: Claude <noreply@anthropic.com>
Remove the unused `rawProjectConfig` field from `ProjectContext` and stop loading the raw project config in the project context layer. ## Changes - Removed `rawProjectConfig: Option.Option<ProjectConfig>` from `ProjectContextShape` interface - Removed `loadProjectConfig` call from `projectContextLayer` — only `loadProjectEnvironment` is now used - Updated `mockProjectContext` test helper to remove the `rawProjectConfig` option parameter - Added unit test for `projectContextLayer` covering the scenario where `config.toml` uses `env()` on numeric fields (CLI-1489) and the case where no Supabase project is found ## Implementation Details The `rawProjectConfig` field was not being used anywhere in the codebase. By removing it, we simplify the `ProjectContext` service and reduce unnecessary I/O during initialization. The project context now only loads and exposes the project environment configuration, which is what consumers actually need. https://claude.ai/code/session_01C7reiRogHr6WXQoKiEDQeW --------- Co-authored-by: Claude <noreply@anthropic.com>
## TL;DR hides legacy init compatibility flags from help output to match the existing go behavior ## ref: - closes #5286 --------- Co-authored-by: Andrew Valleteau <avallete@users.noreply.github.com>
Coverage Report for CI Build 26083683484Warning No base build found for commit Coverage: 63.744%Details
Uncovered ChangesNo uncovered changes found. Coverage RegressionsRequires a base build to compare against. How to fix this → Coverage Stats
💛 - Coveralls |
Refactor the hidden flag system to scope flag visibility per-command rather than maintaining a global registry. This prevents flag name collisions when the same flag name appears in different commands with different visibility requirements. ## Changes - **Replaced global hidden flag registry with per-command annotations**: Changed from a module-level `Set<string>` to a `Context.Reference` (`LegacyHiddenFlags`) that attaches hidden flag metadata directly to each `Command` via `Command.annotate`. - **Introduced `withHiddenFromConfig` helper**: New pipe step that walks a command's flag config, collects all flags wrapped with `withHidden`, and attaches the resulting set to the command. This materializes the per-command list at command construction time, scoping visibility to that specific command. - **Updated `withHidden` to use WeakMap tracking**: Changed from adding to a global set to recording flag references in a module-local `WeakMap`, allowing `withHiddenFromConfig` to look up which flags were marked hidden without polluting global state. - **Updated `stripHiddenFlagsFromHelpDoc` to read from annotations**: Now reads the hidden flag set from the help doc's `LegacyHiddenFlags` annotation instead of checking a global registry, enabling per-command filtering. - **Applied `withHiddenFromConfig` to all legacy commands**: Updated `stop`, `start`, `init`, `functions deploy`, `functions download`, and `functions serve` commands to wire their configs through `withHiddenFromConfig`. - **Added `--backup` hidden flag to stop command**: Restored the historical `--backup` flag (hidden by default) for Go CLI parity, with handler logic to forward `--backup=false` when explicitly disabled. - **Added integration test for stop command**: New test file validates that the `--backup` flag is correctly forwarded to the Go proxy. ## Implementation Details The refactor maintains backward compatibility with the existing `withHidden` API while fixing the architectural issue where flags with the same name in different commands would interfere with each other. The `Context.Reference` pattern ensures each command carries its own isolated set of hidden flag names, read during help doc rendering. Related: CLI-1483 https://claude.ai/code/session_01EB93upyjdFDB3czXheQknG Co-authored-by: Claude <noreply@anthropic.com>
## What kind of change does this PR introduce? CI hardening ## Additional context Removes interpolation and uses env instead. General hardening and best practice. Not reachable by untrusted code (forks/PRs) Co-authored-by: Andrew Valleteau <avallete@users.noreply.github.com>
This PR was automatically created to sync API types from the infrastructure repository. Changes were detected in the generated API code after syncing with the latest spec from infrastructure. Co-authored-by: supabase-cli-releaser[bot] <246109035+supabase-cli-releaser[bot]@users.noreply.github.com> Co-authored-by: Andrew Valleteau <avallete@users.noreply.github.com>
avallete
approved these changes
May 19, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.