feat: rename anon key → publishable key, service role key → secret key#1360
Merged
feat: rename anon key → publishable key, service role key → secret key#1360
Conversation
…et key Renames all references to align with Supabase's updated key naming convention: - `anonKey` parameter → `publishableKey` in Supabase.initialize() and _init() - `supabaseAnonKey` → `supabasePublishableKey` (internal parameter) - `ANON_KEY` / `SUPABASE_ANON_KEY` → `PUBLISHABLE_KEY` / `SUPABASE_PUBLISHABLE_KEY` in examples, docs, and infra config - `service_role` key references in doc comments → `secret` key - Test variables `anonToken` → `publishableToken` in gotrue tests JWT role claims (`'role': 'service_role'`) are left unchanged as they are internal backend values unrelated to the key naming convention. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…nv var rename - Keep anonKey as @deprecated in Supabase.initialize() so existing callers continue to compile; they receive a deprecation warning pointing to publishableKey. An assert enforces that at least one of the two is supplied. - Revert ANON_KEY → PUBLISHABLE_KEY in docker-compose: the storage binary reads ANON_KEY by name, renaming it silently breaks the service. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Collaborator
|
The |
mandarini
approved these changes
Apr 27, 2026
The key passed to Supabase.initialize() can be either a publishable key (anon) or a secret key depending on the use case, so the parameter name should not imply a specific key type. Aligns with SupabaseClient which already uses supabaseKey as its positional argument. - Rename publishableKey parameter -> supabaseKey in Supabase.initialize() - Update deprecated anonKey message to reference supabaseKey - Update all call sites in tests, examples, docs, and CHANGELOG - Revert internal gotrue test variable names back to anonToken (they represent the anonymous JWT, unrelated to the public API rename) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…PABASE_PUBLISHABLE_KEY in example Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
grdsdev
changed the title
Contributor
Author
|
@Vinzent03 I decided to go with |
Vinzent03
requested changes
Apr 27, 2026
…ckage; revert CHANGELOG edits - Supabase.initialize() (supabase_flutter): rename supabaseKey → publishableKey. Flutter apps are client-side and should always use the publishable (anon) key, matching the label shown on the Supabase dashboard. - SupabaseClient (supabase): keep supabaseKey as-is. The dart package is used in both client and server contexts, so the generic name is appropriate. - Add a note to SupabaseClient doc distinguishing publishable vs secret usage. - Revert all CHANGELOG modifications — historical entries should not be refactored. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
grdsdev
changed the title
Vinzent03
approved these changes
Apr 27, 2026
This was referenced Apr 29, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Updates API key terminology across code, tests, docs, and infra. No breaking changes — the old
anonKeyparameter is deprecated with a migration message pointing to the new name.Changes
supabase_flutter—Supabase.initialize()anonKeyis deprecated in favour ofpublishableKey. Both are accepted;publishableKeytakes precedence if both are supplied.publishableKeyis the right name for the Flutter package: apps run on the client and should always use the publishable (anon) key. The doc comment now explicitly warns against using the secret key here.supabase—SupabaseClientThe positional
supabaseKeyparameter is kept as-is — the plain Dart package is used in both client and server contexts, so a generic name is appropriate. The doc comment is updated to clarify the distinction:Doc comments —
GoTrueAdminApi/GoTrueAdminOAuthApiReferences to
`service_role` keyupdated to`secret` keyto match the new naming.What was intentionally left unchanged
'role': 'service_role') — internal backend values, unrelated to key namingANON_KEYininfra/storage_client/docker-compose.yml— the storage binary reads this env var by name; renaming it would silently break the service🤖 Generated with Claude Code