chore: update versions (#3332)

This PR was opened by the [Changesets
release](https://github.com/changesets/action) GitHub action. When
you're ready to do a release, you can merge this and the packages will
be published to npm automatically. If you're not ready to do a release
yet, that's fine, whenever you add more changesets to main, this PR will
be updated.


# Releases
## @nhost/dashboard@2.30.0

### Minor Changes

-   f6947a2: fix: fetch job-backup services logs using Live filter
- 44a3e6b: fix: collapsed main navigation sidebar overlaps mobile navbar
-   99b78f1: feat: dashboard: add download button for soc2 report
-   9acae7d: fix: e2e tests, stop on error when refreshing metadata

### Patch Changes

- 31e636a: fix (dashboard): Use the correct payload to reset metadata
before the e2e tests

## @nhost/docs@2.32.0

### Minor Changes

-   df51c3e: fix: added installation instructions for the CLI

### Patch Changes

-   4d835c4: fix: remove nodejs18
-   2aa81a6: fix (docs): fix audit

## @nhost-examples/nextjs-server-components@0.6.0

### Minor Changes

-   6ee2d1f: fix: proper use of onError in middleware

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

DEVELOPERS.md

@@ -2,9 +2,7 @@
 
 ## Requirements
 
-### Node.js v18
-
-_⚠️ Node.js v16 is also supported for the time being but support will be dropped in the near future_.
+### Node.js v20 or later
 
 ### [pnpm](https://pnpm.io/) package manager
 

audit-ci.jsonc

@@ -2,5 +2,5 @@
   // $schema provides code completion hints to IDEs.
   "$schema": "https://github.com/IBM/audit-ci/raw/main/docs/schema.json",
   "moderate": true,
-  "allowlist": ["vue-template-compiler"]
+  "allowlist": ["vue-template-compiler", { "id": "CVE-2025-48068", "path": "next" }]
 }

dashboard/.env.example

@@ -25,4 +25,6 @@ NEXT_PUBLIC_ZENDESK_USER_EMAIL=
 
 CODEGEN_GRAPHQL_URL=https://local.graphql.local.nhost.run/v1
 CODEGEN_HASURA_ADMIN_SECRET=nhost-admin-secret
-NEXT_PUBLIC_TURNSTILE_SITE_KEY=FIXME
+NEXT_PUBLIC_TURNSTILE_SITE_KEY=FIXME
+
+NEXT_PUBLIC_SOC2_REPORT_FILE_ID=

dashboard/CHANGELOG.md

@@ -1,5 +1,18 @@
 # @nhost/dashboard
 
+## 2.30.0
+
+### Minor Changes
+
+- f6947a2: fix: fetch job-backup services logs using Live filter
+- 44a3e6b: fix: collapsed main navigation sidebar overlaps mobile navbar
+- 99b78f1: feat: dashboard: add download button for soc2 report
+- 9acae7d: fix: e2e tests, stop on error when refreshing metadata
+
+### Patch Changes
+
+- 31e636a: fix (dashboard): Use the correct payload to reset metadata before the e2e tests
+
 ## 2.29.0
 
 ### Minor Changes

dashboard/e2e/setup/refresh-metadata.setup.ts

@@ -16,8 +16,7 @@ setup('refresh metadata', async () => {
             {
               type: 'reload_metadata',
               args: {
-                reload_remote_schemas: [],
-                reload_sources: [],
+                reload_sources: false,
               },
             },
             {
@@ -31,12 +30,19 @@ setup('refresh metadata', async () => {
       },
     );
     const body = await response.json();
+
     if (!response.ok) {
       const message = `[${body.code}]:${body.error}`;
-      console.log(message);
       throw new Error(message);
     } else {
-      console.log('Metadata is consistent.');
+      const isConsistent = body[0].is_consistent;
+      if (isConsistent) {
+        console.log('Metadata is consistent.');
+      } else {
+        console.error('Metadata is not consistent.');
+        console.error(body[0].inconsistent_objects);
+        throw new Error('Metadata is not consistent');
+      }
     }
   } catch (error) {
     // Log safe error information

dashboard/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/dashboard",
-  "version": "2.29.0",
+  "version": "2.30.0",
   "private": true,
   "scripts": {
     "preinstall": "npx only-allow pnpm",
@@ -16,7 +16,7 @@
     "storybook": "start-storybook -p 6006 -s public",
     "build-storybook": "build-storybook",
     "install-browsers": "pnpm playwright install && pnpm playwright install-deps",
-    "e2e:tests": "pnpm install-browsers && pnpm playwright test --config=playwright.config.ts",
+    "e2e:tests": "pnpm install-browsers && pnpm playwright test --config=playwright.config.ts -x",
     "e2e": "pnpm e2e:tests --project=main",
     "e2e:local": "pnpm e2e:tests --project=local",
     "e2e:upgrade-project": "pnpm e2e:tests --project=upgrade-project"

dashboard/src/components/layout/MainNav/MainNav.tsx

@@ -41,7 +41,7 @@ export default function MainNav({ container }: MainNavProps) {
   return (
     <Sheet open={open} onOpenChange={setOpen}>
       <div
-        className="min- absolute left-0 z-50 flex h-full w-6 justify-center border-r-[1px] bg-background pt-1 hover:bg-accent"
+        className="min- absolute left-0 z-[39] flex h-full w-6 justify-center border-r-[1px] bg-background pt-1 hover:bg-accent"
         onMouseEnter={() => setOpen(true)}
       >
         <Menu className="h-4 w-4" />

dashboard/src/features/orgs/components/general/components/Soc2Download/Soc2Download.tsx

@@ -0,0 +1,95 @@
+import { Button } from '@/components/ui/v3/button';
+import { useCurrentOrg } from '@/features/orgs/projects/hooks/useCurrentOrg';
+import { execPromiseWithErrorToast } from '@/features/orgs/utils/execPromiseWithErrorToast';
+import { Organization_Status_Enum } from '@/utils/__generated__/graphql';
+import nhost from '@/utils/nhost/nhost';
+import { Download } from 'lucide-react';
+import { useState } from 'react';
+
+export default function Soc2Download() {
+  const { org } = useCurrentOrg();
+  const [downloading, setDownloading] = useState(false);
+
+  const showSoc2Download =
+    (org?.plan?.name === 'Team' || org?.plan?.name?.startsWith('Enterprise')) &&
+    org?.status === Organization_Status_Enum.Ok;
+
+  const handleDownload = async () => {
+    if (!org || !showSoc2Download) {
+      return;
+    }
+
+    setDownloading(true);
+
+    await execPromiseWithErrorToast(
+      async () => {
+        const fileId = process.env.NEXT_PUBLIC_SOC2_REPORT_FILE_ID;
+
+        if (!fileId) {
+          throw new Error('SOC2 report file ID not configured');
+        }
+
+        const { file, error } = await nhost.storage.download({
+          fileId,
+        });
+
+        if (error) {
+          throw new Error(error.message || 'Failed to download SOC2 report');
+        }
+
+        if (!file) {
+          throw new Error('No file data available');
+        }
+
+        const url = URL.createObjectURL(file);
+        const link = document.createElement('a');
+        link.href = url;
+        link.download = 'Nhost-SOC2-Report.pdf';
+        link.click();
+
+        URL.revokeObjectURL(url);
+      },
+      {
+        loadingMessage: 'Downloading SOC2 report...',
+        successMessage: 'SOC2 report downloaded successfully',
+        errorMessage:
+          'Failed to download SOC2 report. Please try again or contact support.',
+      },
+    );
+
+    setDownloading(false);
+  };
+
+  if (!showSoc2Download) {
+    return null;
+  }
+
+  return (
+    <div className="flex w-full flex-col rounded-md border bg-background">
+      <div className="w-full border-b p-4 font-medium">
+        SOC2 Compliance Report
+      </div>
+
+      <div className="flex w-full flex-col gap-4 p-4">
+        <div className="flex flex-col gap-2">
+          <p className="text-sm text-muted-foreground">
+            Download Nhost&apos;s SOC2 Type II compliance report. This report
+            demonstrates our commitment to security controls.
+          </p>
+        </div>
+
+        <div className="flex justify-start">
+          <Button
+            onClick={handleDownload}
+            disabled={downloading}
+            variant="outline"
+            className="flex items-center gap-2"
+          >
+            <Download className="h-4 w-4" />
+            {downloading ? 'Downloading...' : 'Download SOC2 Report'}
+          </Button>
+        </div>
+      </div>
+    </div>
+  );
+}

dashboard/src/features/orgs/components/general/components/Soc2Download/index.ts

@@ -0,0 +1 @@
+export { default as Soc2Download } from './Soc2Download';

dashboard/src/pages/orgs/[orgSlug]/projects/[appSubdomain]/logs.tsx

@@ -64,7 +64,10 @@ export default function LogsPage() {
         document: GetLogsSubscriptionDocument,
         variables: {
           appID: project?.id,
-          service: filters.service,
+          service:
+            filters.service === AvailableLogsService.JOB_BACKUP
+              ? 'job-backup.+' // Use regex pattern to match any job-backup services
+              : filters.service,
           from: filters.from,
           regexFilter: filters.regexFilter,
         },

dashboard/src/pages/orgs/[orgSlug]/settings.tsx

@@ -1,5 +1,6 @@
 import { DeleteOrg } from '@/features/orgs/components/general/components/DeleteOrg';
 import { GeneralSettings } from '@/features/orgs/components/general/components/GeneralSettings';
+import { Soc2Download } from '@/features/orgs/components/general/components/Soc2Download';
 import { ProjectLayout } from '@/features/orgs/layout/ProjectLayout';
 import type { ReactElement } from 'react';
 
@@ -7,6 +8,7 @@ export default function OrgSettings() {
   return (
     <div className="flex h-full flex-col gap-4 overflow-auto bg-accent p-4">
       <GeneralSettings />
+      <Soc2Download />
       <DeleteOrg />
     </div>
   );

docs/CHANGELOG.md

@@ -1,5 +1,16 @@
 # @nhost/docs
 
+## 2.32.0
+
+### Minor Changes
+
+- df51c3e: fix: added installation instructions for the CLI
+
+### Patch Changes
+
+- 4d835c4: fix: remove nodejs18
+- 2aa81a6: fix (docs): fix audit
+
 ## 2.31.0
 
 ### Minor Changes

docs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/docs",
-  "version": "2.31.0",
+  "version": "2.32.0",
   "private": true,
   "scripts": {
     "start": "mintlify dev"

docs/platform/cli/local-development.mdx

@@ -11,6 +11,22 @@ Nhost's command-line interface (CLI) lets you run a complete Nhost development e
 - [Git](https://git-scm.com/downloads)
 - [Docker](https://www.docker.com/get-started)
 
+## Supported platforms
+
+- MacOS
+- Linux
+- Windows (via WSL2)<sup>1</sup>
+
+<Warning>
+<sup>1</sup> Windows isn't supported natively. WSL2 is required to install and use the Nhost CLI. We recommend using docker-ce inside WSL2 instead of Docker Desktop.
+</Warning>
+
+## Installing Nhost's CLI
+
+```bash
+sudo curl -L https://raw.githubusercontent.com/nhost/cli/main/get.sh | bash
+```
+
 ## Login to Nhost
 
 ```bash

docs/products/functions/runtimes.mdx

@@ -8,21 +8,12 @@ icon: person-running
 
 The following runtimes are supported:
 
-- [Node.js 18](https://nodejs.org)
 - [Node.js 20](https://nodejs.org)
 - [Node.js 22](https://nodejs.org)
 
 To select your preferred runtime ensure the following configuration is present in your `nhost.toml` file:
 
 <Tabs>
-  <Tab title="Node.js 18">
-
-```toml
-[functions.node]
-version = 18
-```
-
-  </Tab>
   <Tab title="Node.js 20">
 
 ```toml

examples/quickstarts/nextjs-server-components/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost-examples/nextjs-server-components
 
+## 0.6.0
+
+### Minor Changes
+
+- 6ee2d1f: fix: proper use of onError in middleware
+
 ## 0.5.6
 
 ### Patch Changes

examples/quickstarts/nextjs-server-components/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost-examples/nextjs-server-components",
-  "version": "0.5.6",
+  "version": "0.6.0",
   "private": true,
   "scripts": {
     "dev": "next dev",

examples/quickstarts/nextjs-server-components/src/utils/nhost.ts

@@ -37,8 +37,8 @@ export const manageAuthSession = async (
   if (accessTokenExpired || refreshToken) {
     const { session: newSession, error } = await nhost.auth.refreshSession(refreshToken)
 
-    if (error) {
-      onError?.(error)
+    if (error && onError) {
+      return onError(error)
     }
 
     // remove the refreshToken from the url

package.json

@@ -175,9 +175,11 @@
       "prismjs@<1.30.0": ">=1.30.0",
       "axios@<1.8.2": ">=1.8.2",
       "vite@>=5.0.0 <=5.4.18": ">=5.4.19",
-      "vite@>=6.2.0 <=6.2.6": ">=6.2.6",
+       "vite@>=6.2.0 <=6.2.6": ">=6.2.6",
       "@sveltejs/kit@>=2.0.0 <2.20.6": ">=2.20.6",
-      "react-router@<7.5.2": ">=7.5.2"
+      "react-router@<7.5.2": ">=7.5.2",
+      "undici@<5.29.0": ">=5.29.0",
+      "tar-fs@>=3.0.0 <3.0.9": ">=3.0.9"
     }
   }
 }

pnpm-lock.yaml

@@ -79,6 +79,8 @@ overrides:
   vite@>=6.2.0 <=6.2.6: '>=6.2.6'
   '@sveltejs/kit@>=2.0.0 <2.20.6': '>=2.20.6'
   react-router@<7.5.2: '>=7.5.2'
+  undici@<5.29.0: '>=5.29.0'
+  tar-fs@>=3.0.0 <3.0.9: '>=3.0.9'
 
 importers:
 
@@ -3669,10 +3671,6 @@ packages:
     resolution: {integrity: sha512-XK6BTq1NDMo9Xqw/YkYyGjSsg44fbNwYRx7QK2CuoQgyy+f1rrTDHoExVM5PsyXCtfl2vs2vVJ0MN0yN6LppRw==}
     engines: {node: '>=14.0.0', npm: '>=6.0.0'}
 
-  '@fastify/busboy@2.1.1':
-    resolution: {integrity: sha512-vBZP4NlzfOlerQTnba4aqZoMhE/a9HY7HRqoOPaETQcSQuWEIyZMHGfVu6w9wGtGK5fED5qRs2DteVCjOH60sA==}
-    engines: {node: '>=14'}
-
   '@floating-ui/core@1.6.3':
     resolution: {integrity: sha512-1ZpCvYf788/ZXOhRQGFxnYQOVgeU+pi0i+d0Ow34La7qjIXETi6RNswGVKkA6KcDO8/+Ysu2E/CeUmmeEBDvTg==}
 
@@ -15603,8 +15601,8 @@ packages:
     resolution: {integrity: sha512-GNzQvQTOIP6RyTfE2Qxb8ZVlNmw0n88vp1szwWRimP02mnTsx3Wtn5qRdqY9w2XduFNUgvOwhNnQsjwCp+kqaQ==}
     engines: {node: '>=6'}
 
-  tar-fs@3.0.8:
-    resolution: {integrity: sha512-ZoROL70jptorGAlgAYiLoBLItEKw/fUxg9BSYK/dF/GAGYFJOJJJMvjPAKDJraCXFwadD456FCuvLWgfhMsPwg==}
+  tar-fs@3.0.9:
+    resolution: {integrity: sha512-XF4w9Xp+ZQgifKakjZYmFdkLoSWd34VGKcsTCwlNWM7QG3ZbaxnTsaBwnjFZqHRf/rROxaR8rXnbtwdvaDI+lA==}
 
   tar-stream@3.1.7:
     resolution: {integrity: sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==}
@@ -16130,9 +16128,9 @@ packages:
   undici-types@6.20.0:
     resolution: {integrity: sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==}
 
-  undici@5.28.5:
-    resolution: {integrity: sha512-zICwjrDrcrUE0pyyJc1I2QzBkLM8FINsgOrt6WjA+BgajVq9Nxu2PbFFXUrAggLfDXlZGZBVZYw7WNV5KiBiBA==}
-    engines: {node: '>=14.0'}
+  undici@7.10.0:
+    resolution: {integrity: sha512-u5otvFBOBZvmdjWLVW+5DAc9Nkq8f24g0O9oY7qw2JVIF1VocIFoyz9JFkuVOS2j41AufeO0xnlweJ2RLT8nGw==}
+    engines: {node: '>=20.18.1'}
 
   unfetch@3.1.2:
     resolution: {integrity: sha512-L0qrK7ZeAudGiKYw6nzFjnJ2D5WHblUBwmHIqtPS6oKUd+Hcpk7/hKsSmcHsTlpd1TbTNsiRBUKRq3bHLNIqIw==}
@@ -19981,8 +19979,6 @@ snapshots:
 
   '@faker-js/faker@7.6.0': {}
 
-  '@fastify/busboy@2.1.1': {}
-
   '@floating-ui/core@1.6.3':
     dependencies:
       '@floating-ui/utils': 0.2.3
@@ -20038,7 +20034,7 @@ snapshots:
   '@gqty/cli@3.3.0-alpha-d8cdbf6.0(graphql@16.8.1)':
     dependencies:
       gqty: 2.3.0(graphql@16.8.1)
-      undici: 5.28.5
+      undici: 7.10.0
     optionalDependencies:
       graphql: 16.8.1
 
@@ -22414,7 +22410,7 @@ snapshots:
       progress: 2.0.3
       proxy-agent: 6.5.0
       semver: 7.6.3
-      tar-fs: 3.0.8
+      tar-fs: 3.0.9
       unbzip2-stream: 1.4.3
       yargs: 17.7.2
     transitivePeerDependencies:
@@ -26670,7 +26666,7 @@ snapshots:
       form-data-encoder: 1.9.0
       formdata-node: 4.4.1
       node-fetch: 2.6.13(encoding@0.1.13)
-      undici: 5.28.5
+      undici: 7.10.0
       web-streams-polyfill: 3.3.3
     transitivePeerDependencies:
       - encoding
@@ -36978,7 +36974,7 @@ snapshots:
 
   tapable@2.2.1: {}
 
-  tar-fs@3.0.8:
+  tar-fs@3.0.9:
     dependencies:
       pump: 3.0.2
       tar-stream: 3.1.7
@@ -37648,9 +37644,7 @@ snapshots:
 
   undici-types@6.20.0: {}
 
-  undici@5.28.5:
-    dependencies:
-      '@fastify/busboy': 2.1.1
+  undici@7.10.0: {}
 
   unfetch@3.1.2: {}