From 291eba63a71e79e477d5b1f636d6ef0264cb1eae Mon Sep 17 00:00:00 2001
From: Julian Tabel <juliantabel.jt@gmail.com>
Date: Sun, 22 Mar 2026 09:42:15 +0100
Subject: [PATCH] chore: update bean

---
 ...--fix-jwt-verification-failing-in-local-dev-hs256-fa.md | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/.beans/nuzlocke-tracker-eg7j--fix-jwt-verification-failing-in-local-dev-hs256-fa.md b/.beans/nuzlocke-tracker-eg7j--fix-jwt-verification-failing-in-local-dev-hs256-fa.md
index e29a341..dbd4220 100644
--- a/.beans/nuzlocke-tracker-eg7j--fix-jwt-verification-failing-in-local-dev-hs256-fa.md
+++ b/.beans/nuzlocke-tracker-eg7j--fix-jwt-verification-failing-in-local-dev-hs256-fa.md
@@ -1,10 +1,13 @@
 ---
 # nuzlocke-tracker-eg7j
 title: Fix JWT verification failing in local dev (HS256 fallback)
-status: in-progress
+status: completed
 type: bug
+priority: normal
 created_at: 2026-03-22T08:37:18Z
-updated_at: 2026-03-22T08:37:18Z
+updated_at: 2026-03-22T08:38:57Z
 ---
 
 Local GoTrue signs JWTs with HS256, but the JWKS migration only supports RS256. The JWKS endpoint returns empty keys locally, causing 500 errors on all authenticated endpoints. Add HS256 fallback using SUPABASE_JWT_SECRET for local dev.
+
+## Summary of Changes\n\nAdded HS256 fallback to JWT verification so local GoTrue (which signs with HMAC) works alongside the JWKS/RS256 path used in production. Added `SUPABASE_JWT_SECRET` config setting, passed it in docker-compose.yml, and updated .env.example files.