
Supabase’s July 2026 developer update quietly expands what “Postgres-native” means. You can now query MongoDB collections directly from Postgres SQL, sync TanStack DB collections with zero Realtime boilerplate, and broadcast raw binary payloads without the base64 tax. Three additions that sound incremental until you realize they collectively solve the exact friction points that kept teams from going all-in on Supabase.
MongoDB Queries from Postgres SQL
Wrappers v0.6.2 adds a MongoDB foreign data wrapper — meaning you write standard SQL and Postgres handles the MongoDB wire protocol on your behalf. WHERE, ORDER BY, and LIMIT clauses push down to MongoDB, so the database you’re querying does the heavy lifting, not Postgres.
The practical payoff: if your stack has Postgres for application data and MongoDB for a legacy collection you haven’t migrated yet, you no longer need separate clients in your application layer. One SQL query, one connection, one place to manage access via RLS. This isn’t a full migration — aggregate functions like COUNT and SUM still execute in Postgres after row fetch, and nested field paths require the _doc JSONB column with Postgres JSON operators. But it gives you a consolidation path that doesn’t require moving data at all.
This is the most underrated feature in this update. Every team maintaining dual MongoDB/Postgres clients to avoid a migration now has an exit ramp.
Binary Payloads Over Realtime Broadcast
Realtime Broadcast now supports ArrayBuffer and ArrayBufferView alongside JSON. The practical difference: a temperature reading from an IoT sensor takes 20-30 characters as JSON text. In binary, it fits in a few bytes. Multiply that by thousands of devices and the encoding overhead stops being theoretical.
Screenshot and presentation streaming are the other obvious beneficiary. Previously, sending image frames over Realtime meant base64-encoding them first — a ~33% size penalty and a CPU cost on both ends. Now you send raw JPEG or PNG bytes directly.
One hard requirement to know before you ship: update your SDKs first. Binary payloads require supabase-js 2.91.0+ and supabase-swift 2.44.0+. Dart, Kotlin, and Python clients don’t support binary yet. The worst part: older SDK versions silently drop binary messages — no error, no warning, the messages just disappear. Update before you enable binary broadcast, not after.
TanStack DB Collection Sync (Alpha)
The @supabase-labs/tanstack-db package connects TanStack DB collections to your Supabase tables over PostgREST and Realtime. Live queries re-render components when rows change. Optimistic mutations apply instantly in the UI and roll back automatically if the server rejects them. When another user updates a row, every subscribed client sees it — without writing a single Realtime subscription handler.
RLS policies apply automatically through the PostgREST layer, so your existing access rules carry over. It’s still alpha — treat it as an experiment rather than a production dependency. But if you’ve ever manually wired a Realtime subscription to a TanStack Query cache, you know exactly what this eliminates.
OpenCode Now Connects to Your Supabase Backend
OpenCode, the open-source terminal AI coding agent, now auto-configures an MCP connection to your Supabase database, Edge Functions, and logs. Type /supabase, authenticate, and your agent can query schema, run SQL, and deploy Edge Functions from natural language. Setup takes roughly two minutes. Requires OpenCode 1.3.4+.
The agent-native database pattern is becoming table stakes. Supabase is not positioning itself as just an auth layer or a storage provider. It’s building the backend infrastructure that AI agents work with directly.
Self-Hosted: Two Breaking Changes to Handle Now
If you run a self-hosted Supabase deployment, two changes require immediate attention before pulling the latest Docker image.
First, API_EXTERNAL_URL now requires the /auth/v1 suffix. If your current config has API_EXTERNAL_URL=https://my-domain.com, it must become https://my-domain.com/auth/v1. OAuth redirect URIs in your docker-compose.yml should change from ${API_EXTERNAL_URL}/auth/v1/callback to ${API_EXTERNAL_URL}/callback — otherwise you get a doubled prefix. SAML SSO endpoints move to /auth/v1/sso/saml/*.
Second, Postgres 17 is now the default image. Do not point a Postgres 17 container at an existing Postgres 15 data directory — it won’t work and you risk data corruption.
One quieter change worth noting: log_connections now defaults to off for new Free and Pro projects, and existing Free/Pro projects were migrated on July 9. Teams and Enterprise are unaffected. You can re-enable it from Dashboard > Database > Settings if your monitoring setup depends on it.













