[Snyk] Upgrade @supabase/supabase-js from 2.0.4 to 2.50.5

[nerdy-tech-com-gitub]

Snyk has created this PR to upgrade @supabase/supabase-js from 2.0.4 to 2.50.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 169 versions ahead of your current version.

• The recommended version was released 21 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Access Control Bypass SNYK-JS-VITE-6182924	189	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ES5EXT-6095076	189	Proof of Concept
	Incorrect Authorization SNYK-JS-VITE-9653016	189	Proof of Concept
	Origin Validation Error SNYK-JS-VITE-8648411	189	Proof of Concept
	Incorrect Authorization SNYK-JS-VITE-9512410	189	Mature
	Cross-site Scripting (XSS) SNYK-JS-ROLLUP-8073097	189	Proof of Concept
	Improper Access Control SNYK-JS-VITE-6531286	189	Proof of Concept
	Information Exposure SNYK-JS-VITE-8023174	189	Proof of Concept
	Improper Input Validation SNYK-JS-NANOID-8492085	189	No Known Exploit
	Improper Input Validation SNYK-JS-POSTCSS-5926692	189	No Known Exploit
	Access Control Bypass SNYK-JS-VITE-9576207	189	Proof of Concept
	Information Exposure SNYK-JS-VITE-9685035	189	Proof of Concept
	Directory Traversal SNYK-JS-VITE-9919777	189	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-VITE-8022916	189	Proof of Concept

Release notes

Package name: @supabase/supabase-js

• 2.50.5 - 2025-07-10
  

  2.50.5 (2025-07-10)

  Bug Fixes

  • type: revert 2.50.4 breaking change (#1490) (d78ce0e)
• 2.50.5-next.4 - 2025-07-14
• 2.50.5-next.3 - 2025-07-12
• 2.50.5-next.2 - 2025-07-10
  

  2.50.5-next.2 (2025-07-10)

  Bug Fixes

  • trigger release next version (#1487) (0f65701)
• 2.50.5-next.1 - 2025-07-10
  

  2.50.5-next.1 (2025-07-10)

  Bug Fixes

  • setAuth ran automatically for realtime; prioritize setAuth tasks (#1475) (8a5a02a)
• 2.50.4 - 2025-07-09
  

  2.50.4 (2025-07-09)

  Bug Fixes

  • deps: package-lock (7cc57c7)
  • deps: upgrade postgrest-js to 1.21.0 (4316f7f)
  • packages-lock (1cb2e82)
  • types: restore explicit return type (dc9067b)
• 2.50.3 - 2025-07-02
  

  2.50.3 (2025-07-02)

  Bug Fixes

  • bump functions-js to 2.4.5 (a8ca670)
• 2.50.2 - 2025-06-25
  

  2.50.2 (2025-06-25)

  Bug Fixes

  • bump realtime-js to 2.11.15 (#1468) (13239a4)
• 2.50.2-next.1 - 2025-06-25
  

  2.50.2-next.1 (2025-06-25)

  Bug Fixes

  • bump realtime-js (0822961)
  • bump realtime-js (3083f97)
  • bump realtime-js (#1453) (5552b4a), closes #1438 #1443
  • bump realtime-js (#1456) (6386767)
  • bump realtime-js to 2.11.11-next.5 (7188f18)
  • bump realtime-js to 2.11.13 (6ecd194)
  • bump realtime-js to 2.11.15 (d3a3185)
  • bump up realtime (#1443) (ed21283)
  • update realtime-js (5ff313e)
  • update realtime-js to 2.11.12-next.1 (6f56092)
• 2.50.1 - 2025-06-24
  

  2.50.1 (2025-06-24)

  Bug Fixes

  • bump realtime-js to 2.11.13 (#1467) (008063e)
• 2.50.1-next.8 - 2025-06-24
  

  2.50.1-next.8 (2025-06-24)

  Bug Fixes

  • bump realtime-js to 2.11.13 (6ecd194)
• 2.50.1-next.7 - 2025-06-24
  

  2.50.1-next.7 (2025-06-24)

  Bug Fixes

  • update realtime-js (5ff313e)
• 2.50.1-next.6 - 2025-06-20
• 2.50.1-next.5 - 2025-06-12
• 2.50.1-next.4 - 2025-06-10
• 2.50.1-next.3 - 2025-06-09
• 2.50.1-next.2 - 2025-06-06
• 2.50.1-next.1 - 2025-06-06
• 2.50.0 - 2025-06-06
• 2.49.10 - 2025-06-04
• 2.49.10-next.2 - 2025-06-04
• 2.49.10-next.1 - 2025-06-03
• 2.49.9 - 2025-06-02
• 2.49.9-next.3 - 2025-06-03
• 2.49.9-next.2 - 2025-05-29
• 2.49.9-next.1 - 2025-05-23
• 2.49.8 - 2025-05-21
• 2.49.7 - 2025-05-20
• 2.49.6 - 2025-05-20
• 2.49.6-next.1 - 2025-05-20
• 2.49.5 - 2025-05-19
• 2.49.5-next.5 - 2025-05-13
• 2.49.5-next.4 - 2025-05-12
• 2.49.5-next.3 - 2025-05-12
• 2.49.5-next.2 - 2025-05-09
• 2.49.5-next.1 - 2025-05-09
• 2.49.4 - 2025-03-29
• 2.49.3 - 2025-03-24
• 2.49.2 - 2025-03-24
• 2.49.1 - 2025-02-24
• 2.49.0 - 2025-02-24
• 2.48.1 - 2025-01-24
• 2.48.0 - 2025-01-20
• 2.47.16 - 2025-01-17
• 2.47.15 - 2025-01-16
• 2.47.14 - 2025-01-15
• 2.47.13 - 2025-01-14
• 2.47.12 - 2025-01-08
• 2.47.11 - 2025-01-07
• 2.47.10 - 2024-12-19
• 2.47.9 - 2024-12-18
• 2.47.8 - 2024-12-16
• 2.47.7 - 2024-12-13
• 2.47.6 - 2024-12-12
• 2.47.5 - 2024-12-11
• 2.47.4 - 2024-12-11
• 2.47.4-rc.1 - 2024-12-11
• 2.47.3 - 2024-12-09
• 2.47.2 - 2024-12-06
• 2.47.1 - 2024-12-05
• 2.47.0 - 2024-12-05
• 2.46.2 - 2024-11-27
• 2.46.2-rc.3 - 2024-11-13
• 2.46.2-rc.2 - 2024-11-13
• 2.46.2-rc.1 - 2024-11-06
• 2.46.1 - 2024-10-30
• 2.46.0 - 2024-10-29
• 2.46.0-rc.5 - 2024-10-29
• 2.46.0-rc.4 - 2024-10-28
• 2.46.0-rc.3 - 2024-10-28
• 2.46.0-rc.2 - 2024-10-18
• 2.46.0-rc.1 - 2024-10-18
• 2.45.6 - 2024-10-19
• 2.45.5 - 2024-10-18
• 2.45.4 - 2024-09-10
• 2.45.3 - 2024-08-30
• 2.45.2 - 2024-08-23
• 2.45.1 - 2024-08-06
• 2.45.0 - 2024-07-29
• 2.44.4 - 2024-07-15
• 2.44.3 - 2024-07-08
• 2.44.2 - 2024-06-28
• 2.44.1 - 2024-06-27
• 2.44.0 - 2024-06-25
• 2.43.6 - 2024-06-25
• 2.43.5 - 2024-06-16
• 2.43.4 - 2024-05-23
• 2.43.3 - 2024-05-22
• 2.43.2 - 2024-05-15
• 2.43.1 - 2024-05-03
• 2.43.0 - 2024-05-01
• 2.42.7 - 2024-04-25
• 2.42.6 - 2024-04-25
• 2.42.5 - 2024-04-18
• 2.42.4 - 2024-04-15
• 2.42.3 - 2024-04-12
• 2.42.2 - 2024-04-12
• 2.42.1 - 2024-04-11
• 2.42.0 - 2024-04-03
• 2.41.1 - 2024-03-28
• 2.41.0 - 2024-03-28
• 2.40.0 - 2024-03-25
• 2.39.8 - 2024-03-12
• 2.39.7 - 2024-02-19
• 2.39.6 - 2024-02-14
• 2.39.5 - 2024-02-14
• 2.39.4 - 2024-02-13
• 2.39.3 - 2024-01-11
• 2.39.2 - 2024-01-02
• 2.39.1 - 2023-12-18
• 2.39.0 - 2023-11-28
• 2.38.5 - 2023-11-20
• 2.38.4 - 2023-10-26
• 2.38.3 - 2023-10-24
• 2.38.2 - 2023-10-19
• 2.38.1 - 2023-10-13
• 2.38.0 - 2023-10-04
• 2.37.0 - 2023-09-29
• 2.36.0 - 2023-09-20
• 2.35.0 - 2023-09-20
• 2.34.0 - 2023-09-19
• 2.33.2 - 2023-09-11
• 2.33.1 - 2023-08-22
• 2.33.0 - 2023-08-22
• 2.32.0 - 2023-08-07
• 2.31.0 - 2023-07-26
• 2.30.0 - 2023-07-26
• 2.29.0 - 2023-07-24
• 2.28.0 - 2023-07-24
• 2.27.0 - 2023-07-23
• 2.26.0 - 2023-06-20
• 2.25.0 - 2023-06-12
• 2.24.0 - 2023-05-30
• 2.23.0 - 2023-05-26
• 2.22.0 - 2023-05-15
• 2.21.0 - 2023-04-19
• 2.20.0 - 2023-04-12
• 2.19.0 - 2023-04-11
• 2.18.0 - 2023-04-11
• 2.17.0 - 2023-04-10
• 2.16.0 - 2023-04-10
• 2.15.0 - 2023-04-07
• 2.14.0 - 2023-04-03
• 2.13.1 - 2023-03-31
• 2.13.0 - 2023-03-30
• 2.12.1 - 2023-03-23
• 2.12.0 - 2023-03-20
• 2.11.0 - 2023-03-16
• 2.10.0 - 2023-03-02
• 2.9.0 - 2023-03-01
• 2.8.0 - 2023-02-15
• 2.7.1 - 2023-02-05
• 2.7.0 - 2023-02-01
• 2.6.0 - 2023-01-31
• 2.5.0 - 2023-01-27
• 2.4.1 - 2023-01-20
• 2.4.0 - 2023-01-11
• 2.3.0 - 2023-01-11
• 2.2.3 - 2022-12-30
• 2.2.2 - 2022-12-22
• 2.2.1 - 2022-12-17
• 2.2.0 - 2022-12-13
• 2.1.4 - 2022-12-13
• 2.1.3 - 2022-12-08
• 2.1.2 - 2022-12-06
• 2.1.1 - 2022-11-23
• 2.1.0 - 2022-11-11
• 2.0.6 - 2022-11-10
• 2.0.5 - 2022-11-01
• 2.0.4 - 2022-10-21

from @supabase/supabase-js GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs