Skip to content

fix(studio): invalidate pooler caches and clarify UI after db password reset#44216

Open
maharshi-coding wants to merge 1 commit intosupabase:masterfrom
maharshi-coding:fix/issue-44210
Open

fix(studio): invalidate pooler caches and clarify UI after db password reset#44216
maharshi-coding wants to merge 1 commit intosupabase:masterfrom
maharshi-coding:fix/issue-44210

Conversation

@maharshi-coding
Copy link

@maharshi-coding maharshi-coding commented Mar 26, 2026

Problem

Fixes #44210

After resetting the database password from Settings → Database → Reset database password, users reported that transaction pooler connections (port 6543) and session pooler connections (port 5432) continued to reject the new password, even though the Supabase SQL Editor worked fine.

Steps to reproduce:

  1. Go to Settings → Database → Reset database password
  2. Enter a new strong password and confirm
  3. Wait for the "Successfully updated database password" toast
  4. Attempt to connect via the transaction pooler (port 6543) with the new password using a Postgres client (e.g. pg in Node.js)
  5. Before fix: password authentication failed for user 'postgres'
  6. After fix: pooler configs are immediately refetched; UI reflects latest connection state

Root cause

Two problems in the frontend:

1. Missing cache invalidation (data correctness)

useDatabasePasswordResetMutation only invalidated projectKeys.detail on success. The two pooler configuration queries were never invalidated:

Query key Cache entry Effect
databaseKeys.poolingConfiguration(ref) Supavisor config incl. connection_string Stale connection strings shown in Connect panel
databaseKeys.pgbouncerConfig(ref) PgBouncer config incl. connection info Stale dedicated pooler state

After a password reset, the Connect panel's pooler connection strings could remain stale until the next page load.

2. No user guidance about pooler propagation

The success toast simply said "Successfully updated database password" and the warning text said "Resetting it will break any existing connections" — neither mentioned:

  • That transaction/session poolers are specifically affected
  • That there is a short propagation window before poolers accept the new password
  • Which ports (5432 / 6543) are impacted

This left users confused when their pooler connections failed immediately after seeing a success message.

Changes

data/database/database-password-reset-mutation.ts

  • Invalidate databaseKeys.poolingConfiguration(ref) and databaseKeys.pgbouncerConfig(ref) in parallel with the existing projectKeys.detail invalidation so the UI fetches fresh pooler state immediately after reset

components/interfaces/Settings/Database/DatabaseSettings/ResetDbPassword.tsx

  • Success toast now reads: "Database password updated. Transaction and session pooler connections will reflect the new password shortly."
  • Warning text now explicitly names ports 5432 and 6543 and notes the short propagation window

Tests

New file: apps/studio/tests/features/database/DatabasePasswordReset.test.tsx

Notes

The underlying propagation delay on the backend (Supavisor/PgBouncer nodes picking up new credentials) is an infrastructure concern outside the scope of this repo. This PR ensures the frontend (a) keeps its own cache consistent immediately after reset, and (b) sets accurate user expectations via the UI.

@maharshi-coding @claude
fix(studio): invalidate pooler caches and clarify UI after db passwor…
01b2435 
…d reset

After calling PATCH /platform/projects/{ref}/db-password, the mutation
only invalidated the project detail query. The Supavisor and PgBouncer
configuration queries (which include connection_string data) were never
refetched, leaving the Connect panel showing stale pooler state.

Additionally, the success toast and warning text gave no indication that
transaction pooler (port 6543) and session pooler (port 5432) connections
are affected by the reset and may take a moment to reflect the new
password, causing user confusion reported in supabase#44210.

Changes:
- useDatabasePasswordResetMutation now invalidates
  databaseKeys.poolingConfiguration and databaseKeys.pgbouncerConfig
  in parallel with the existing projectKeys.detail invalidation
- Success toast updated to mention pooler propagation
- Warning text updated to name affected ports (5432, 6543) and note
  that poolers may take a short moment to reflect the new password

Fixes supabase#44210

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@maharshi-coding maharshi-coding requested a review from a team as a code owner March 26, 2026 06:02
@vercel
Copy link

vercel bot commented Mar 26, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

4 Skipped Deployments
Project Deployment Actions Updated (UTC)
design-system Skipped Skipped Mar 26, 2026 6:02am
docs Skipped Skipped Mar 26, 2026 6:02am
learn Skipped Skipped Mar 26, 2026 6:02am
ui-library Skipped Skipped Mar 26, 2026 6:02am

Request Review

@github-actions
Copy link
Contributor

github-actions bot commented Mar 26, 2026

Thanks for contributing to Supabase! ❤️ Our team will review your PR.

A few tips for a smoother review process:

  • If you have a local version of the repo, run pnpm run format to make sure formatting checks pass.
  • Once we've reviewed your PR, please don't trivially merge master (don't click Update branch if there are no merge conflicts to be fixed). This invalidates any pre-merge checks we've run.

@vercel
Copy link

vercel bot commented Mar 26, 2026

@maharshi-coding is attempting to deploy a commit to the Supabase Team on Vercel.

A member of the Team first needs to authorize it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Transaction pooler rejects password after database password reset (aws-1-us-east-1)

1 participant

@maharshi-coding