[Snyk] Upgrade @supabase/ssr from 0.7.0 to 0.8.0

[UsmanBuk]

User description

Snyk has created this PR to upgrade @supabase/ssr from 0.7.0 to 0.8.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.

• The recommended version was released 2 months ago.

Release notes

Package name: @supabase/ssr

• 0.8.0 - 2025-11-26
  

  0.8.0 (2025-11-26)

  Features

  • adds cookies.encode option allowing minimal cookie sizes (#126) (cf38b22)
  • publish SSR under deprecated auth-helpers package names (#127) (e8b6102)
  • update supabase-js to latest (#133) (d65044d)
  • update supabase-js to latest (#145) (08bf7d6)

  Bug Fixes

  • cookies console warnings (#136) (64ff6b3)
• 0.8.0-rc.9 - 2025-11-26
  

  This is a release candidate. See release-please PR #128 for context.

• 0.8.0-rc.8 - 2025-11-26
  

  This is a release candidate. See release-please PR #128 for context.

• 0.8.0-rc.5 - 2025-11-26
  

  This is a release candidate. See release-please PR #128 for context.

• 0.8.0-rc.2 - 2025-09-16
• 0.8.0-rc.1 - 2025-09-08
• 0.7.0 - 2025-08-22
  

  0.7.0 (2025-08-22)

  Features

  • bump cookie to 1.0.2 (#113) (b4a77b4)

  Bug Fixes

  • remove usage of internal type params (#123) (8f3e89e)

from @supabase/ssr GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

---

CodeAnt-AI Description

Upgrade @supabase/ssr to 0.8.0 (adds cookie encoding option and updates Supabase client compatibility)

What Changed

• The project now depends on @supabase/ssr 0.8.0 instead of 0.7.0, reflected in package.json and lockfile
• SSR cookies can use a new encode option that allows smaller cookie sizes (fewer bytes sent to clients)
• The package's peer compatibility was raised to require a newer @supabase/supabase-js, reducing mismatch issues with newer Supabase clients

Impact

✅ Smaller SSR cookies sent to browsers
✅ Fewer runtime incompatibilities with newer Supabase clients
✅ Updated dependency metadata for improved supply-chain integrity

💡 Usage Guide

Checking Your Pull Request

Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.

Talking to CodeAnt AI

Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:

@codeant-ai ask: Your question here

This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.

Example

@codeant-ai ask: Can you suggest a safer alternative to storing this secret?

Preserve Org Learnings with CodeAnt

You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:

@codeant-ai: Your feedback here

This helps CodeAnt AI learn and adapt to your team's coding style and standards.

Example

@codeant-ai: Do not flag unused imports.

Retrigger review

Ask CodeAnt AI to review the PR again, by typing:

@codeant-ai: review

Check Your Repository Health

To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.

[codeant-ai]

CodeAnt AI is reviewing your PR.

---

Thanks for using CodeAnt! 🎉

We're free for open-source projects. if you're enjoying it, help us grow by sharing.

Share on X ·
Reddit ·
LinkedIn

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch snyk-upgrade-c17c120ce3a9d662f3024f5e25c6fbf3

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codeant-ai]

Sequence Diagram

This PR updates the @supabase/ssr dependency from 0.7.0 to 0.8.0 in package.json and package-lock.json. The diagram shows the high-level flow from Snyk generating the upgrade PR through dependency resolution and CI build verification.

sequenceDiagram
    participant Snyk
    participant Repository
    participant npm
    participant CI

    Snyk->>Repository: Open upgrade PR (bump @supabase/ssr 0.7.0 → 0.8.0)
    Repository->>Repository: Update package.json & package-lock.json
    CI->>Repository: Trigger CI on PR
    CI->>npm: Install dependencies (reads package-lock.json)
    npm-->>CI: Resolved @supabase/ssr@0.8.0 installed
    CI-->>Repository: Run build/tests and report status

Loading

---

Generated by CodeAnt AI

[codeant-ai]

CodeAnt AI finished reviewing your PR.