• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

supabase / supabase-swift / 27678645985
81%

Build:
DEFAULT BRANCH: main
Ran 17 Jun 2026 09:25AM UTC
Jobs 1
Files 94
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst

17 Jun 2026 09:16AM UTC coverage: 81.015% (-0.9%) from 81.867%
27678645985

push

github

web-flow
feat(auth): add WebAuthn/passkey support (#1013)

* feat(auth): add WebAuthn/passkey support

Add WebAuthn as a second factor (MFA) and first-factor passkey
authentication. Includes native AuthenticationServices ceremony helpers
(signInWithPasskey, registerPasskey, enrollWebAuthnFactor,
verifyWebAuthnFactor) for iOS 16+/macOS 13+, plus lower-level
options/verify methods, passkey CRUD, new types and error codes.

WebAuthn credential payloads are encoded without the snake_case strategy
so W3C field names (clientDataJSON, attestationObject, ...) reach the
backend verbatim.

Linear: SDK-839

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* refactor(auth): gate WebAuthn/passkey API behind @_spi(Experimental)

WebAuthn/passkey support is experimental — the first-factor /passkeys/* contract
in particular is inferred and may change. Mark the whole surface (types, passkey
methods, MFA ceremony helpers, the webauthn members on MFAChallengeParams /
MFAVerifyParams / AuthMFAChallengeResponse / AuthMFAListFactorsResponse, and the
5 error codes) as @_spi(Experimental), re-exported through the Supabase umbrella.

Consumers opt in with `@_spi(Experimental) import Supabase`. The stable TOTP/phone
MFA API is unchanged. Keeping it out of the public API surface lets the inferred
contract evolve without breaking-API friction.

Linear: SDK-839

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix(auth): keep MFAVerifyParams.code non-optional for API stability

Reverting `code` to a non-optional `String` (it had become `String?` to support the
experimental webauthn verify init) avoids a breaking public-API change flagged by the
API-stability check. The webauthn init sets `code = ""`; that path builds its request
body manually via `encodeWebAuthnBody`, so `code` is never encoded for webauthn.

Linear: SDK-839

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* test(integration): grant table permissions to anon/authenticated

The integration-test s... (continued)

237 of 365 new or added lines in 7 files covered. (64.93%)

21 existing lines in 1 file now uncovered.

7489 of 9244 relevant lines covered (81.01%)

36.93 hits per line

Uncovered Changes

Lines Coverage ∆ File
91
28.35
Sources/Auth/WebAuthn/WebAuthnAuthenticator.swift
16
69.81
Sources/Auth/WebAuthn/AuthMFA+WebAuthn.swift
15
86.73
Sources/Auth/WebAuthn/AuthClient+Passkey.swift
6
72.73
Sources/Auth/WebAuthn/WebAuthnTypes.swift

Coverage Regressions

Lines Coverage ∆ File
21
25.74
-11.76% Sources/Auth/Internal/Keychain.swift
Jobs
ID Job ID Ran Files Coverage
1 27678645985.1 17 Jun 2026 09:25AM UTC 94
81.01
GitHub Action Run
Source Files on build 27678645985
  • Tree
  • List 94
  • Changed 5
  • Source Changed 3
  • Coverage Changed 5
Coverage ∆ File Lines Relevant Covered Missed Hits/Line
  • Back to Repo
  • Github Actions Build #27678645985
  • 9d652160 on github
  • Prev Build on main (#27610403963)
  • Next Build on main (#27679721638)
STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2026 Coveralls, Inc