Supabase vs Honeycomb
Side-by-side trajectory, velocity, and editorial themes.
Supabase is reversing its biggest security default - public-schema tables no longer auto-exposed via PostgREST.
The headline shipping move is a deliberate change to Supabase's security posture: new projects can opt out of automatic Data API and GraphQL exposure for public-schema tables, with broader defaults flipping in May. Around it: an OAuth 2.1 compliance fix, an RLS Tester preview to make policy verification possible from the UI, and a steady drumbeat of platform improvements summarized in the monthly developer update.
Supabase is rebuilding the security defaults that made it fast to start with but easy to misconfigure. Combine the no-auto-expose change with the RLS Tester preview and the direction is clear: the platform is moving from convention-based exposure to explicit, testable access control. The OAuth compliance fix and developer updates suggest steady investment in standards conformance rather than new product surface this window.
Expect the no-auto-expose default to apply to existing projects (with a long opt-out runway), and the RLS Tester to graduate from preview into the dashboard as a first-class panel. Continued breaking-change drumbeat tied to OAuth/OIDC compliance is likely.
Honeycomb is rebuilding observability around an autonomous investigation surface called Canvas.
Every meaningful release in the last quarter rolls up to one product motion: Canvas, an agentic investigation surface that Honeycomb is propagating across the entire product. The May 20 launch turned Canvas into a multiplayer workspace where humans and AI agents investigate together, with auto-investigations that kick off when triggers fire, GitHub-grounded analysis, custom skills for runbook knowledge, and a Slack app. Around the headline launch, Honeycomb shipped BubbleUp Insights (AI-summarized anomaly diffs), a Gen-AI tab in trace view, Query Math, dark mode, and earlier beta surfaces of Ask Canvas and Slack Canvas that the big release now consolidates.
Honeycomb is repositioning from 'query your telemetry' to 'investigate with agents that know your system.' Canvas is the through-line: it shows up on Home, in Slack, in alert flows, in traces. The Gen-AI trace tab and BubbleUp Insights point at a parallel bet - that the kind of system worth observing increasingly includes LLM-powered apps, and the observability tool has to speak that language natively. Together this is a category-redefining move on the AI-native ops front, where competitors are still bolting chatbots onto dashboards.
Expect Canvas to keep absorbing surface area: deeper IDE/GitHub integration so investigations can suggest or open PRs, marketplace-style sharing of custom skills, and Canvas access via MCP so agents in other tools can query Honeycomb directly. The next spark will likely be Canvas writing back to the system - e.g., proposing config changes or runbook edits from what it learned.
See more alternatives to Supabase →
See more alternatives to Honeycomb →