Skip to content

fix: session upgrade percentage should be based on session, not request#2371

Merged
hf merged 1 commit intomasterfrom
hf/fix-session-upgrade-percentage
Feb 9, 2026
Merged

fix: session upgrade percentage should be based on session, not request#2371
hf merged 1 commit intomasterfrom
hf/fix-session-upgrade-percentage

Conversation

@hf
Copy link
Contributor

@hf hf commented Feb 9, 2026

In #2356 a session would be upgraded to v2 refresh tokens based on the number of requests for that session. If you set a percentage value of 10% and there's 100 refresh token requests per session, all sessions would be upgraded within 1 day.

This is rectified here by converting the session ID to a value in the [0, 100) range making sure that a random selection of sessions would be upgraded consistently.

@hf hf requested a review from a team as a code owner February 9, 2026 14:55
@coveralls
Copy link

coveralls commented Feb 9, 2026

Pull Request Test Coverage Report for Build 21829957314

Details

  • 3 of 9 (33.33%) changed or added relevant lines in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-0.02%) to 69.003%
Changes Missing Coverage Covered Lines Changed/Added Lines %
internal/tokens/service.go 3 9 33.33%
Totals Coverage Status
Change from base Build 21776826908: -0.02%
Covered Lines: 14915
Relevant Lines: 21615
💛 - Coveralls

@hf hf merged commit 510e68b into master Feb 9, 2026
6 checks passed
@hf hf deleted the hf/fix-session-upgrade-percentage branch February 9, 2026 15:20
@supabase-releaser supabase-releaser bot mentioned this pull request Feb 7, 2026
Merged
@supabase-releaser supabase-releaser bot mentioned this pull request Feb 18, 2026
Closed
cstockton pushed a commit that referenced this pull request Feb 24, 2026
@supabase-releaser
chore(master): release 2.187.0 (#2367)
bdb13e3 
🤖 I have created a release *beep* *boop*
---


##
[2.187.0](v2.186.0...v2.187.0)
(2026-02-23)


### Features

* add metadata field to all hooks
([#2365](#2365))
([c675749](c675749))
* check current password on change
([#2364](#2364))
([33b87ae](33b87ae))
* **indexworker:** add max users threshold for rollout
([#2374](#2374))
([a2066c6](a2066c6))
* **metrics:** added a gauge with version information
([#2375](#2375))
([911ad0b](911ad0b))
* support custom oauth & oidc providers
([#2357](#2357))
([53021f6](53021f6))


### Bug Fixes

* case-insensitive Bearer token scheme matching
([#2387](#2387))
([36d712d](36d712d))
* correctly parse JWT ValidMethods from env by enabling split_words
([#2334](#2334))
([a6076bc](a6076bc))
* flaky index worker test
([#2366](#2366))
([961a7e6](961a7e6))
* **hooks:** propagate error objects from hook calls
([#2380](#2380))
([3ca1e88](3ca1e88))
* session upgrade percentage should be based on session, not request
([#2371](#2371))
([510e68b](510e68b))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: supabase-releaser[bot] <223506987+supabase-releaser[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fadymak fadymak fadymak approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@hf @coveralls @fadymak