supabase-rb 3.1.1 → 3.2.0

data/lib/supabase/realtime/presence.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require_relative "callback_safety"
+
 module Supabase
   module Realtime
     # Tracks presence state for one channel and implements the Phoenix Presence
@@ -9,56 +11,79 @@ module Supabase
     # shape before being stored or emitted, so listener callbacks receive
     # `(key, current_presences, new_presences)` with `presence_ref` keys.
     class Presence
-      attr_reader :state
-
-      def initialize
+      def initialize(logger: nil)
         @state = {}
+        # Guards every read/write of @state so a reader thread iterating over
+        # `presence_state` cannot collide with the realtime read-thread
+        # applying inbound presence_state / presence_diff frames. US-007 stress
+        # spec demonstrates the bare-Hash version raises "can't add a new key
+        # into hash during iteration" under load; with the mutex + snapshot
+        # accessor the same scenario stays clean. Callbacks are fanned out
+        # AFTER the mutex is released to avoid user code reentering `state`
+        # under the same lock.
+        @mutex = Mutex.new
         @on_sync_callbacks = []
         @on_join_callbacks = []
         @on_leave_callbacks = []
+        @logger = logger
+      end
+
+      # Snapshot of the current presence state. Returns a shallow dup of the
+      # internal hash so callers can iterate safely while the read-thread
+      # continues to apply inbound diffs (US-007 thread safety AC).
+      def state
+        @mutex.synchronize { @state.dup }
       end
 
       # First snapshot after joining: diff against the (possibly empty) local
       # state and apply the joins/leaves through the same code path as
       # `sync_diff`.
       def sync_state(raw_state)
-        new_state = self.class.transform_state(raw_state)
-        joins = {}
-        leaves = @state.reject { |k, _| new_state.key?(k) }
-
-        new_state.each do |key, presences|
-          current = @state[key] || []
-
-          if current.any?
-            current_refs = current.map { |p| p["presence_ref"] }
-            new_refs = presences.map { |p| p["presence_ref"] }
-            joined_presences = presences.reject { |p| current_refs.include?(p["presence_ref"]) }
-            left_presences = current.reject { |p| new_refs.include?(p["presence_ref"]) }
-            joins[key] = joined_presences if joined_presences.any?
-            leaves[key] = left_presences if left_presences.any?
-          else
-            joins[key] = presences
+        events = nil
+        @mutex.synchronize do
+          new_state = self.class.transform_state(raw_state)
+          joins = {}
+          leaves = @state.reject { |k, _| new_state.key?(k) }
+
+          new_state.each do |key, presences|
+            current = @state[key] || []
+
+            if current.any?
+              current_refs = current.map { |p| p["presence_ref"] }
+              new_refs = presences.map { |p| p["presence_ref"] }
+              joined_presences = presences.reject { |p| current_refs.include?(p["presence_ref"]) }
+              left_presences = current.reject { |p| new_refs.include?(p["presence_ref"]) }
+              joins[key] = joined_presences if joined_presences.any?
+              leaves[key] = left_presences if left_presences.any?
+            else
+              joins[key] = presences
+            end
           end
-        end
 
-        sync_diff_internal(joins, leaves)
-        @on_sync_callbacks.each(&:call)
-        @state
+          events = apply_sync_diff_locked(joins, leaves)
+        end
+        fire_events(events)
+        fire_sync_callbacks
+        state
       end
 
       # Subsequent presence_diff messages: apply joins/leaves to the local state.
       # Raw input is transformed before being applied.
       def sync_diff(raw_diff)
-        joins = self.class.transform_state(raw_diff["joins"] || {})
-        leaves = self.class.transform_state(raw_diff["leaves"] || {})
-        sync_diff_internal(joins, leaves)
-        @on_sync_callbacks.each(&:call)
-        @state
+        events = nil
+        @mutex.synchronize do
+          joins = self.class.transform_state(raw_diff["joins"] || {})
+          leaves = self.class.transform_state(raw_diff["leaves"] || {})
+          events = apply_sync_diff_locked(joins, leaves)
+        end
+        fire_events(events)
+        fire_sync_callbacks
+        state
       end
 
       # Flat list of every presence currently tracked.
       def list
-        @state.values.flatten
+        @mutex.synchronize { @state.values.flatten }
       end
 
       def on_sync(&block)
@@ -108,7 +133,14 @@ module Supabase
 
       private
 
-      def sync_diff_internal(joins, leaves)
+      # Mutates @state and returns the join/leave events that should be fanned
+      # out to user callbacks after the mutex is released. Order matches the
+      # py reference (`AsyncRealtimePresence._sync_diff`): joins applied first,
+      # then leaves; for leaves, the key is removed from @state once empty so
+      # the next sync sees it as gone.
+      def apply_sync_diff_locked(joins, leaves)
+        events = []
+
         joins.each do |key, new_presences|
           current_presences = @state[key] || []
           @state[key] = new_presences
@@ -119,7 +151,7 @@ module Supabase
             @state[key] = keep_from_current + @state[key]
           end
 
-          @on_join_callbacks.each { |cb| cb.call(key, current_presences, new_presences) }
+          events << [:join, key, current_presences, new_presences]
         end
 
         leaves.each do |key, left_presences|
@@ -130,10 +162,30 @@ module Supabase
           remaining = current_presences.reject { |p| remove_refs.include?(p["presence_ref"]) }
           @state[key] = remaining
 
-          @on_leave_callbacks.each { |cb| cb.call(key, remaining, left_presences) }
+          events << [:leave, key, remaining, left_presences]
 
           @state.delete(key) if remaining.empty?
         end
+
+        events
+      end
+
+      def fire_events(events)
+        events.each do |kind, key, current_or_remaining, new_or_left|
+          callbacks = kind == :join ? @on_join_callbacks : @on_leave_callbacks
+          label     = kind == :join ? "presence_join" : "presence_leave"
+          callbacks.each do |cb|
+            CallbackSafety.safe(@logger, label) do
+              cb.call(key, current_or_remaining, new_or_left)
+            end
+          end
+        end
+      end
+
+      def fire_sync_callbacks
+        @on_sync_callbacks.each do |cb|
+          CallbackSafety.safe(@logger, "presence_sync") { cb.call }
+        end
       end
     end
   end

data/lib/supabase/realtime/push.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require_relative "callback_safety"
 require_relative "types"
 
 module Supabase
@@ -32,7 +33,7 @@ module Supabase
       def receive(status, &block)
         if @received_status == status
           # Reply already arrived before this handler was attached — fire immediately.
-          block.call(@received_payload)
+          CallbackSafety.safe(logger, "push_receive:#{status}") { block.call(@received_payload) }
         else
           @handlers[status] << block
         end
@@ -50,7 +51,9 @@ module Supabase
           @received_payload = payload
         end
         cancel_timeout
-        @handlers[status].each { |h| h.call(payload) }
+        @handlers[status].each do |h|
+          CallbackSafety.safe(logger, "push_receive:#{status}") { h.call(payload) }
+        end
       end
 
       # Schedule a TIMEOUT resolution if no reply arrives within `seconds`.
@@ -85,6 +88,12 @@ module Supabase
           thread&.kill if thread && thread != Thread.current
         end
       end
+
+      private
+
+      def logger
+        @channel.respond_to?(:logger) ? @channel.logger : nil
+      end
     end
   end
 end

data/lib/supabase/realtime/timer.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module Supabase
+  module Realtime
+    # Reschedulable timer with caller-controlled backoff. Ports supabase-py's
+    # AsyncTimer to Ruby threads (`realtime/_async/timer.py:24-29`): each
+    # `schedule_timeout` cancels the previous tick, increments `tries`, and
+    # schedules a fresh tick after `backoff.call(tries + 1)` seconds. So the
+    # first call advances `tries` 0→1 and waits `backoff.call(2)`; the second
+    # call advances `tries` 1→2 and waits `backoff.call(3)`; and so on. `reset`
+    # cancels any pending tick and zeroes the counter.
+    #
+    # The `tries + 1` offset matches py 1:1 (US-006). For example, with the
+    # channel's `lambda tries: 2**tries` the delay curve is 4, 8, 16, 32, 64 s
+    # for the first five attempts — identical to py's rejoin timer.
+    #
+    # Used by Realtime's reconnect/rejoin loops to apply exponential backoff
+    # without re-implementing thread bookkeeping at every call site.
+    class Timer
+      attr_reader :tries
+
+      # @param callback [#call] invoked after each successful tick.
+      # @param backoff  [#call] receives `tries + 1` (1-indexed at first call)
+      #   and returns the delay in seconds for the next tick. Matches py's
+      #   `timer_calc(self.tries + 1)` contract.
+      def initialize(callback:, backoff:)
+        @callback = callback
+        @backoff  = backoff
+        @tries    = 0
+        @thread   = nil
+        @mutex    = Mutex.new
+      end
+
+      # Cancel any pending tick and schedule a new one. Mirrors py
+      # (`timer.py:24-29`): bump `tries` first, then sleep for
+      # `backoff.call(tries + 1)` seconds before invoking `callback`. On the
+      # first call this yields `tries = 1` BEFORE the sleep, so by the time
+      # the callback fires the counter already reflects the attempt number.
+      def schedule_timeout
+        delay = nil
+        @mutex.synchronize do
+          kill_thread
+          @tries += 1
+          delay = @backoff.call(@tries + 1)
+          @thread = Thread.new do
+            Thread.current.report_on_exception = false
+            sleep(delay)
+            @callback.call
+          end
+        end
+        self
+      end
+
+      # Cancel the pending tick and reset the retry counter to zero. Idempotent.
+      def reset
+        @mutex.synchronize do
+          kill_thread
+          @tries = 0
+        end
+        self
+      end
+
+      private
+
+      def kill_thread
+        thread = @thread
+        @thread = nil
+        thread.kill if thread && thread != Thread.current
+      end
+    end
+  end
+end

data/lib/supabase/realtime.rb

@@ -4,13 +4,14 @@ require_relative "realtime/version"
 require_relative "realtime/errors"
 require_relative "realtime/types"
 require_relative "realtime/transformers"
+require_relative "realtime/callback_safety"
 require_relative "realtime/message"
 require_relative "realtime/presence"
 require_relative "realtime/push"
+require_relative "realtime/timer"
 require_relative "realtime/socket"
 require_relative "realtime/channel"
 require_relative "realtime/client"
-require_relative "realtime/test_socket"
 
 module Supabase
   module Realtime

data/lib/supabase/storage/README.md

@@ -58,6 +58,37 @@ Upload accepts `String` (raw bytes), any `IO`, `StringIO`, or `Pathname`.
 Multipart encoding is handled by `faraday-multipart`. Metadata Hashes are
 base64-encoded into the `x-metadata` header automatically.
 
+### Storage upload
+
+`bucket.upload(path, file)` interprets its `file` argument by **class**, not
+by content:
+
+> **String = raw bytes; Pathname = file path.**
+
+To avoid the most common porting mistake from supabase-py/storage3:
+
+- **`String` = raw bytes** — the value is uploaded verbatim. Even if the string
+  *looks* like a file path (`"user1.png"`), nothing is read from disk. This
+  matches storage3's `bytes`/`IO` contract.
+- **`Pathname` = file path** — the file at that location on disk is opened
+  and streamed.
+- `IO` / `StringIO` (or any `#read`-able) — streamed as-is.
+
+```ruby
+# String → raw bytes (the literal characters "hello" are uploaded)
+bucket.upload("greeting.txt", "hello")
+
+# String holding bytes read from disk → uploaded as those bytes
+bucket.upload("user1.png", File.binread("user1.png"), content_type: "image/png")
+
+# Pathname → file on disk is opened and streamed
+bucket.upload("user1.png", Pathname.new("user1.png"), content_type: "image/png")
+```
+
+If you pass a `String` expecting "upload the file at this path", you will
+upload the path string itself. Wrap it in `Pathname.new(...)` or pass
+`File.binread(...)` / `File.open(...)`.
+
 ### Signed URLs
 
 ```ruby
@@ -106,3 +137,89 @@ Async do
   data   = bucket.download("user1.png")
 end
 ```
+
+## Differences from supabase-py
+
+### `timeout:`, `verify:`, `proxy:` are active constructor parameters
+
+In `supabase-py` (`storage3`) these three kwargs on `SyncStorageClient.__init__`
+are **deprecated**: passing any of them emits a `DeprecationWarning` and the
+guidance is to configure the underlying `httpx.Client` instead
+(see `storage3/_sync/client.py`).
+
+In `supabase-rb` they are **active and have well-defined effects** on the
+default Faraday session:
+
+| Kwarg     | Type            | Default | Effect                                                                    |
+|-----------|-----------------|---------|---------------------------------------------------------------------------|
+| `timeout` | `Numeric, nil`  | `20`    | Sets both `Faraday::Connection#options.timeout` and `.open_timeout` (sec).|
+| `verify`  | `Boolean`       | `true`  | Becomes `ssl: { verify: ... }` on the Faraday connection (TLS cert check).|
+| `proxy`   | `String, nil`   | `nil`   | Passed through as Faraday's `proxy:` option.                              |
+
+```ruby
+storage = Supabase::Storage::Client.new(
+  base_url: "https://project.supabase.co/storage/v1",
+  headers:  { "apikey" => key, "Authorization" => "Bearer #{token}" },
+  timeout:  30,
+  verify:   true,
+  proxy:    "http://corporate-proxy.local:3128"
+)
+```
+
+The 20-second default mirrors `storage3`'s `DEFAULT_TIMEOUT`. If you pass
+your own `http_client:` (a pre-built `Faraday::Connection`),
+`timeout`/`verify`/`proxy` are ignored — your Faraday is used as-is.
+
+### Retry — opt-in via Faraday middleware
+
+Neither `supabase-py` (`storage3`) nor `supabase-rb` retries storage
+requests automatically. In Ruby, the idiomatic way to add retries is to
+inject a Faraday connection with the [`faraday-retry`][faraday-retry]
+middleware:
+
+```ruby
+require "faraday"
+require "faraday/retry"
+require "faraday/follow_redirects"
+require "faraday/multipart"
+require "supabase/storage"
+
+http = Faraday.new(url: "https://project.supabase.co/storage/v1/") do |f|
+  f.request :retry,
+            max:            2,
+            interval:       0.5,
+            backoff_factor: 2,
+            retry_statuses: [429, 500, 502, 503, 504],
+            # Defaults cover Faraday::TimeoutError + Errno::ETIMEDOUT +
+            # Faraday::RetriableResponse — listing them explicitly keeps the
+            # set intact when we also want ConnectionFailed.
+            exceptions:     [Faraday::ConnectionFailed, Faraday::TimeoutError,
+                             Errno::ETIMEDOUT, Faraday::RetriableResponse]
+  # Keep the middleware stack the built-in Storage client wires up:
+  f.request :multipart                   # bucket.upload(...)
+  f.response :follow_redirects           # signed-URL / presigned-upload 30x flow
+  f.options.timeout      = 30
+  f.options.open_timeout = 30
+  f.adapter Faraday.default_adapter
+end
+
+storage = Supabase::Storage::Client.new(
+  base_url:    "https://project.supabase.co/storage/v1",
+  headers:     { "apikey" => key, "Authorization" => "Bearer #{token}" },
+  http_client: http
+)
+
+storage.list_buckets   # automatically retried on 5xx / network errors
+```
+
+`faraday-retry` is not a runtime dependency of `supabase-rb`; add
+`gem "faraday-retry"` to your `Gemfile` if you want this pattern.
+
+By default `faraday-retry` only retries idempotent methods (`%i[delete
+get head options put]`), which is the right policy for storage: `GET`
+list/download, `PUT` upload-overwrite, and `DELETE` remove are safe to
+replay. `POST` (`bucket.upload` to a fresh object, `create_bucket`,
+`empty_bucket`) is **not** retried by default — opt in via `methods:` if
+you understand the duplicate-write tradeoff.
+
+[faraday-retry]: https://github.com/lostisland/faraday-retry

data/lib/supabase/storage/async/client.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "async/http/faraday"
+require "faraday/follow_redirects"
 require_relative "../client"
 
 module Supabase
@@ -36,13 +37,15 @@ module Supabase
       class Client < Supabase::Storage::Client
         private
 
+        # Mirrors {Supabase::Storage::Client#build_session} (default timeout=20,
+        # follow_redirects middleware, no HTTP/2 — see that method's docstring
+        # for the parity rationale) and only swaps the adapter for async_http.
         def build_session(base_url)
           Faraday.new(url: base_url, ssl: { verify: @verify }, proxy: @proxy) do |f|
             f.request :multipart
-            if @timeout
-              f.options.timeout = @timeout
-              f.options.open_timeout = @timeout
-            end
+            f.response :follow_redirects
+            f.options.timeout = @timeout || 20
+            f.options.open_timeout = @timeout || 20
             f.adapter :async_http
           end
         end

data/lib/supabase/storage/client.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "faraday"
+require "faraday/follow_redirects"
 require "faraday/multipart"
 
 require_relative "bucket_api"
@@ -67,13 +68,24 @@ module Supabase
 
       private
 
+      # Faraday session for Storage.
+      #
+      # Parity notes vs storage3 / supabase-py:
+      # * Default timeout is 20s (matches storage3's `DEFAULT_TIMEOUT`) when the
+      #   caller doesn't pass one. Explicit `timeout:` still wins.
+      # * `faraday-follow_redirects` is wired in so signed-URL / presigned-upload
+      #   flows that 30x to S3 work the same as `httpx.follow_redirects=True`.
+      # * HTTP/2 is intentionally NOT enabled here: Ruby's stdlib `Net::HTTP`
+      #   (Faraday's default adapter) is HTTP/1.1 only, and switching to an
+      #   HTTP/2-capable adapter is out of scope for storage parity. This is a
+      #   deliberate, documented divergence from storage3 (which uses httpx and
+      #   negotiates h2 transparently).
       def build_session(base_url)
         Faraday.new(url: base_url, ssl: { verify: @verify }, proxy: @proxy) do |f|
           f.request :multipart
-          if @timeout
-            f.options.timeout = @timeout
-            f.options.open_timeout = @timeout
-          end
+          f.response :follow_redirects
+          f.options.timeout = @timeout || 20
+          f.options.open_timeout = @timeout || 20
           f.adapter Faraday.default_adapter
         end
       end

data/lib/supabase/storage/file_api.rb

@@ -21,6 +21,12 @@ module Supabase
 
       attr_reader :id
 
+      # Mirrors storage3's `TypedDict` `TransformOptions` (height, width, resize,
+      # format, quality). PyJWT-style: we don't error on unknown keys at runtime —
+      # the user-facing API quietly drops them — but Ruby has no TypedDict, so
+      # we warn through `Kernel#warn` to flag typos like `:hieght` or stale keys.
+      KNOWN_TRANSFORM_KEYS = %i[height width resize format quality].freeze
+
       def initialize(id, base_url, headers, session)
         @id       = id
         @base_url = base_url.end_with?("/") ? base_url : "#{base_url}/"
@@ -55,15 +61,15 @@ module Supabase
 
       # When `transform:` is provided, the request is routed through the image
       # rendering endpoint (`render/image/authenticated`) and the transform opts
-      # are passed as query params. Mirrors supabase-py's DownloadOptions /
-      # TransformOptions split.
-      def download(path, transform: nil)
+      # are passed as query params. `query_params:` adds arbitrary query params
+      # on top (merged after transform — explicit query_params win on conflict).
+      # Mirrors supabase-py's DownloadOptions / TransformOptions split.
+      def download(path, transform: nil, query_params: nil)
+        warn_unknown_transform_keys(transform) if transform
         render_path = transform ? %w[render image authenticated] : %w[object]
-        query = if transform
-                  transform.transform_keys(&:to_s).transform_values(&:to_s)
-                else
-                  {}
-                end
+        query = {}
+        query.merge!(transform.transform_keys(&:to_s).transform_values(&:to_s)) if transform
+        query.merge!(query_params.transform_keys(&:to_s).transform_values(&:to_s)) if query_params
 
         parts = Utils.relative_path_to_parts(path)
         response = _request(:get, [*render_path, @id, *parts], raw_response: true, query: query)
@@ -143,6 +149,7 @@ module Supabase
       #   original filename, a String to override the filename, or nil to leave inline
       # @return [Hash] { "signedURL" => "...", "signedUrl" => "..." }
       def create_signed_url(path, expires_in:, download: nil, transform: nil)
+        warn_unknown_transform_keys(transform) if transform
         json = { "expiresIn" => expires_in.to_s }
         download_query = {}
         if download
@@ -177,6 +184,7 @@ module Supabase
       end
 
       def get_public_url(path, download: nil, transform: nil)
+        warn_unknown_transform_keys(transform) if transform
         download_query = {}
         if download
           download_query["download"] = download == true ? "" : download
@@ -213,6 +221,23 @@ module Supabase
 
       private
 
+      # Emit a one-line `Kernel#warn` per call when `transform:` carries any key
+      # outside {KNOWN_TRANSFORM_KEYS}. We do not raise: the key is still passed
+      # through to the storage render endpoint as a query param, so a typo or
+      # server-only flag remains observable (just no longer silent).
+      def warn_unknown_transform_keys(transform)
+        return unless transform.respond_to?(:keys)
+
+        unknown = transform.keys.map(&:to_sym) - KNOWN_TRANSFORM_KEYS
+        return if unknown.empty?
+
+        Kernel.warn(
+          "[Supabase::Storage] unknown transform option(s): " \
+          "#{unknown.map(&:inspect).join(', ')}. " \
+          "Known keys: #{KNOWN_TRANSFORM_KEYS.map(&:inspect).join(', ')}."
+        )
+      end
+
       def upload_or_update(method, path, file, content_type:, cache_control:, upsert:, metadata:, headers:, omit_upsert: false)
         parts = Utils.relative_path_to_parts(path)
         send_multipart(method, ["object", @id, *parts],
@@ -225,7 +250,9 @@ module Supabase
 
       def send_multipart(method, segments, file:, filename:, content_type:, cache_control:, upsert:, metadata:, extra_headers:, query: nil, relative_path: nil)
         request_headers = {}
-        request_headers["cache-control"] = "max-age=#{cache_control}" if cache_control
+        # py parity: when no explicit cache_control, fall back to DEFAULT_FILE_OPTIONS["cache-control"]
+        # ("3600" — raw, no max-age wrapper). When explicit, wrap as max-age=<n>.
+        request_headers["cache-control"] = cache_control ? "max-age=#{cache_control}" : Types::DEFAULT_FILE_OPTIONS["cache-control"]
         request_headers["x-upsert"]      = upsert.to_s unless upsert.nil?
         request_headers.merge!(extra_headers) if extra_headers
 

data/lib/supabase/storage/request.rb

@@ -17,7 +17,9 @@ module Supabase
 
       def _request(method, segments, json: nil, headers: nil, query: nil, body: nil, raw_response: false)
         url = Utils.join_url(@base_url, segments, query)
-        merged_headers = @headers.merge(headers || {})
+        # py parity (storage3 file_api._request): per-call headers are the base; client
+        # @headers always wins on collision. Mirrors `headers.update(self._headers)`.
+        merged_headers = (headers || {}).merge(@headers)
 
         response = @session.run_request(method.to_s.downcase.to_sym, url, nil, merged_headers) do |req|
           if json

data/lib/supabase/storage/utils.rb

@@ -7,6 +7,12 @@ module Supabase
     module Utils
       module_function
 
+      # RFC 3986 unreserved set: ALPHA / DIGIT / "-" / "." / "_" / "~"
+      # Anything else in a path segment gets percent-encoded byte-by-byte (UTF-8).
+      # This matches yarl's path-segment encoding used by storage3 / supabase-py.
+      RFC3986_UNRESERVED = /[^A-Za-z0-9\-._~]/n.freeze
+      private_constant :RFC3986_UNRESERVED
+
       # Splits a relative storage path into its path segments, dropping a leading
       # `/` if the caller supplied one. Mirrors storage3.utils.relative_path_to_parts.
       #
@@ -16,9 +22,17 @@ module Supabase
         path.to_s.split("/").reject(&:empty?)
       end
 
+      # Percent-encode a single path segment per RFC 3986 (unreserved set only).
+      # Notably: space → "%20" (not "+"), "+" → "%2B", "/" → "%2F".
+      # `URI.encode_www_form_component` cannot be used here — it follows
+      # application/x-www-form-urlencoded, which mis-encodes spaces and "+".
+      def rfc3986_encode_segment(segment)
+        segment.to_s.b.gsub(RFC3986_UNRESERVED) { |b| format("%%%02X", b.unpack1("C")) }
+      end
+
       # URL-encode each path segment so user-supplied filenames don't break the URL.
       def encode_segments(parts)
-        parts.map { |p| URI.encode_www_form_component(p) }
+        parts.map { |p| rfc3986_encode_segment(p) }
       end
 
       # Join the (already-trailing-slashed) base URL with the given path segments and

data/lib/supabase/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Supabase
-  VERSION = "3.1.1"
+  VERSION = "3.2.0"
 end

data/lib/supabase.rb

@@ -12,7 +12,6 @@ module Supabase
   #   rescue Supabase::StorageException        => e   # storage
   #   rescue Supabase::AuthApiError            => e   # auth
   #   rescue Supabase::FunctionsHttpError      => e   # functions
-  #   rescue Supabase::AuthorizationError      => e   # realtime
   #
   # The actual classes live in their sub-namespaces; these are aliases.
 
@@ -43,12 +42,6 @@ module Supabase
     FunctionsRelayError = Functions::Errors::FunctionsRelayError if defined?(Functions::Errors::FunctionsRelayError)
   end
 
-  # Realtime
-  if defined?(Realtime::Errors)
-    AuthorizationError = Realtime::Errors::AuthorizationError if defined?(Realtime::Errors::AuthorizationError)
-    NotConnectedError  = Realtime::Errors::NotConnectedError  if defined?(Realtime::Errors::NotConnectedError)
-  end
-
   # Raised by {Supabase.create_client} on a missing url/key. Mirrors py's
   # `SupabaseException`. We don't inherit from a sub-library error because the
   # umbrella factory predates choosing any of them.