Unable to use "use cache" with `createClient` because of `await cookies()`

[yudistiraashadi]

Bug report

• [x] I confirm this is a bug with Supabase, not with my own application.
• [x] I confirm I have searched the Docs, GitHub Discussions, and Discord.

Describe the bug

Unable to use "use cache" with createServerClient(). Example code:

// this will throw error because createClient called await cookies()
// createClient is from the docs https://supabase.com/docs/guides/auth/server-side/nextjs (utils/supabase/server.ts)
export const getAllProducts = async function () {
  "use cache";

  const supabase = await createClient();

  const { data: products, error } = await supabase.from("products").select();

  ....
};

To Reproduce

Steps to reproduce the behavior, please provide code snippets or a repository:

1. Install Next.js 15 Canary
2. enable DynamicIO in next.config.ts
3. copy above code on a server-side function

Expected behavior

I hope to be able to use use cache with server side supabase data fetching.

Additional context

Next.js docs regarding this topic here

[charislam]

Thanks for opening the issue @yudistiraashadi!

Can you describe in more detail your use case for wanting to cache a function that uses createServerClient?

createServerClient uses the request cookies to authenticate the Supabase request as the requesting user, and you would in general very much not want to cache this, since that would run the risk of leaking user data across requests. Looking at your example, it looks like you might be using this to fetch data that is available to any authenticated user, in which case you could just use a normal Supabase client authenticated with your service role key (assuming this is in backend code only).

[yudistiraashadi]

Thanks for opening the issue @yudistiraashadi!

Can you describe in more detail your use case for wanting to cache a function that uses createServerClient?

createServerClient uses the request cookies to authenticate the Supabase request as the requesting user, and you would in general very much not want to cache this, since that would run the risk of leaking user data across requests. Looking at your example, it looks like you might be using this to fetch data that is available to any authenticated user, in which case you could just use a normal Supabase client authenticated with your service role key (assuming this is in backend code only).

Yes, normally, I would like to use it to fetch data on the server side. Isn't the cookies param required for createServerClient()? How can I create createServerClient() without passing cookies?