Gathering detailed insights and metrics for @supabase/supabase-js
Gathering detailed insights and metrics for @supabase/supabase-js
Gathering detailed insights and metrics for @supabase/supabase-js
Gathering detailed insights and metrics for @supabase/supabase-js
An isomorphic Javascript client for Supabase. Query your Supabase database, subscribe to realtime events, upload and download files, browse typescript examples, invoke postgres functions via rpc, invoke supabase edge functions, query pgvector.
npm install @supabase/supabase-js
Typescript
Module System
Node Version
NPM Version
TypeScript (90.11%)
HTML (5.2%)
JavaScript (4.69%)
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
MIT License
3,841 Stars
917 Commits
401 Forks
60 Watchers
19 Branches
158 Contributors
Updated on Jul 18, 2025
Latest Version
2.52.0
Package Id
@supabase/supabase-js@2.52.0
Unpacked Size
248.82 kB
Size
54.58 kB
File Count
76
NPM Version
10.8.2
Node Version
20.19.3
Published on
Jul 17, 2025
Cumulative downloads
Total Downloads
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
6
supabase-js
- Isomorphic JavaScript Client for Supabase.First of all, you need to install the library:
1npm install @supabase/supabase-js
Then you're able to import the library and establish the connection with the database:
1import { createClient } from '@supabase/supabase-js'
2
3// Create a single supabase client for interacting with your database
4const supabase = createClient('https://xyzcompany.supabase.co', 'public-anon-key')
You can use plain <script>
s to import supabase-js from CDNs, like:
1<script src="https://cdn.jsdelivr.net/npm/@supabase/supabase-js@2"></script>
or even:
1<script src="https://unpkg.com/@supabase/supabase-js@2"></script>
Then you can use it from a global supabase
variable:
1<script> 2 const { createClient } = supabase 3 const _supabase = createClient('https://xyzcompany.supabase.co', 'public-anon-key') 4 5 console.log('Supabase Instance: ', _supabase) 6 // ... 7</script>
You can use <script type="module">
to import supabase-js from CDNs, like:
1<script type="module"> 2 import { createClient } from 'https://cdn.jsdelivr.net/npm/@supabase/supabase-js/+esm' 3 const supabase = createClient('https://xyzcompany.supabase.co', 'public-anon-key') 4 5 console.log('Supabase Instance: ', supabase) 6 // ... 7</script>
You can use supabase-js in the Deno runtime via JSR:
1import { createClient } from 'jsr:@supabase/supabase-js@2'
fetch
implementationsupabase-js
uses the cross-fetch
library to make HTTP requests, but an alternative fetch
implementation can be provided as an option. This is most useful in environments where cross-fetch
is not compatible, for instance Cloudflare Workers:
1import { createClient } from '@supabase/supabase-js'
2
3// Provide a custom `fetch` implementation as an option
4const supabase = createClient('https://xyzcompany.supabase.co', 'public-anon-key', {
5 global: {
6 fetch: (...args) => fetch(...args),
7 },
8})
This section outlines the scope of support for various runtime environments in Supabase JavaScript client.
We only support Node.js versions that are in Active LTS or Maintenance status as defined by the official Node.js release schedule. This means we support versions that are currently receiving long-term support and critical bug fixes.
When a Node.js version reaches end-of-life and is no longer in Active LTS or Maintenance status, Supabase will drop it in a minor release, and this won't be considered a breaking change.
We support Deno versions that are currently receiving active development and security updates. We follow the official Deno release schedule and only support versions from the stable
and lts
release channels.
When a Deno version reaches end-of-life and is no longer receiving security updates, Supabase will drop it in a minor release, and this won't be considered a breaking change.
1pnpm test
1supabase start 2pnpm run test:integration
The project includes Expo integration tests to ensure compatibility with React Native environments.
The project includes Next.js integration tests to ensure compatibility with React SSR environments.
The project includes Deno integration tests to ensure compatibility with Deno runtime.
The project includes Bun integration tests to ensure compatibility with Bun runtime.
When running on CI, the tests automatically use the latest dependencies from the root project. The CI pipeline:
.tgz
) with the latest versionsFor local development of Expo, Next.js, and Deno tests, you can update dependencies using automated scripts:
1# Update all test dependencies at once 2npm run update:test-deps 3 4# Or update specific test environments: 5npm run update:test-deps:expo # Expo tests only 6npm run update:test-deps:next # Next.js tests only 7npm run update:test-deps:deno # Deno tests only 8npm run update:test-deps:bun # Bun tests only
Note: The CI automatically handles dependency synchronization, so manual updates are only needed for local development and testing.
No vulnerabilities found.
Reason
30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Reason
all changesets reviewed
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
Reason
1 existing vulnerabilities detected
Details
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
Reason
security policy file not detected
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Score
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More