The Lovable Exit Checklist: Get Everything Out Before You Cancel

Why can't I just cancel Lovable and export my project afterward?

Because cancelling or downgrading restricts the exact controls you need to export. The GitHub sync toggle, the editor, and project settings often sit behind your paid plan. Once you drop to free or a cancelled state, you can be locked out of the buttons that pull your code and connect your own backend. Your data is not deleted, but you may lose self-service access to extract it.

There is a common, costly assumption here: that the project sitting in your dashboard will always be one click away from export. In practice, the export surface area is a paid feature. The day your billing lapses, the GitHub connection screen, the publish controls, and sometimes the editor itself stop responding the way they did when you were a paying customer.

The safe sequence is the opposite of what most people do. Export every asset first, verify each export actually loaded somewhere you control, and only then touch your billing. Treat cancellation as the final step, not the first one. Everything below assumes your subscription is still active right now.

What exactly do I need to get out before I leave Lovable?

Four assets, and the code is the least important of them. Your frontend and backend code, your Supabase database (schema plus rows), your authenticated user accounts, and your storage bucket files. Code regenerates and exports cleanly. Auth users, live data, and uploaded files do not regenerate — if you leave them behind they are genuinely hard to recover. Inventory all four before you start.

Most exit panics focus entirely on the code, which is actually the safest asset because Lovable syncs it to GitHub. The real risk lives in your backend: the rows in your tables, the users who signed up, and the files they uploaded. These are the things that do not exist anywhere except inside the connected Supabase project, and they are the things people discover are missing only after they have cancelled.

Related: what actually breaks when you export a Lovable app · moving your data to your own Supabase project

How do I get my code out of Lovable first?

Connect Lovable to GitHub and push your code to a repository you own, then clone it locally to prove the export is real. The GitHub sync is the cleanest, most complete code export Lovable offers — it includes your full frontend, backend, and config. Do this while subscribed, because the GitHub connection screen is a paid-plan control that can disappear on downgrade.

1. In the Lovable editor, open the GitHub integration and connect it to a GitHub account you personally own — not a client's, not a shared one.
2. Push the project to a new repository and confirm the latest commit timestamp matches your most recent changes in the editor.
3. Clone the repo locally: git clone https://github.com/your-username/your-repo.git
4. Run npm install then npm run dev and confirm the app boots locally without missing-file errors.
5. If the build fails on a missing import or a missing env var, note it now — that is a What-Breaks-on-Export gap, not a reason to stop. Capture it and continue.

Related: step-by-step GitHub export from Lovable

How do I export my Supabase database, users, and storage?

Go straight to the Supabase project connected to your Lovable app — this data lives in Supabase, not Lovable, so Supabase access is what you need. Dump the database with pg_dump, export auth users, and download every storage bucket. This is the part people skip and regret, because rows, accounts, and uploaded files do not regenerate from a code export.

If your Lovable plan provisioned a managed Supabase instance for you, confirm you have direct Supabase dashboard access to it before you cancel anything. Without that access, your database is reachable only through the Lovable editor, and losing the editor means losing the path to your own data.

1. Open the Supabase dashboard for the project linked to your Lovable app and confirm you can log in directly.
2. Database: run a full dump — pg_dump "postgresql://USER:PASS@HOST:5432/postgres" > backup.sql — or use the dashboard backup export.
3. Auth users: export the auth.users table via SQL or the dashboard so you keep emails, IDs, and metadata (note: password hashes are not portable to a new provider).
4. Storage: download every bucket's contents — via the dashboard for small sets, or the Storage API / Supabase CLI for large ones.
5. Restore the dump into a throwaway local Postgres or a fresh Supabase project to prove the backup is complete and not corrupt.

Related: migrating to your own Supabase project · running the exported app locally to verify it

What about my environment variables and secrets — do those come out too?

Copy every secret value manually before you leave, because secrets are write-only — once you navigate away you cannot read them again, only overwrite them. Your Stripe keys, API tokens, and service credentials live in Lovable and Supabase settings panels that often mask the value after saving. If you have not recorded them somewhere safe, a cancelled account can take them with it.

This is The Vanishing Env-Var, and it bites hardest at exit time. The exported code references variables like VITE_SUPABASE_URL, VITE_SUPABASE_ANON_KEY, and your Stripe secret key by name, but the actual values are not in the repo — they live in the platform's environment settings. Clone the code, find every process.env or import.meta.env reference, and make sure you have captured a value for each one.

Store the captured secrets in a password manager, never in a committed file. If any secret was ever exposed in client-side code or a public repo during the build, treat the exit as your moment to rotate it — generate a fresh key on the provider side once you are off Lovable.

Related: handling Lovable env secrets safely

How do I verify the export is actually complete before I cancel?

Stand the app up somewhere you fully control and click through it before you touch billing. An export that sits in a folder is not a proven export. Clone the repo, restore the database dump, wire in your captured secrets, and run the real user flows. If sign-up, login, a data read, a data write, and a file upload all work, your exit is safe.

1. Clone the GitHub repo and run npm install && npm run dev locally with no errors.
2. Restore your database dump into a fresh Supabase or local Postgres and point the app at it.
3. Add your captured environment variables to a local .env file and restart.
4. Sign up a new test user, then log out and log back in — confirm auth works end to end.
5. Create a record, reload, and confirm it persisted; upload a file and confirm it lands in storage.
6. Only when all five flows pass: return to Lovable billing and cancel or downgrade.

When should I have someone do this migration for me instead?

Bring in a senior engineer when the app has real users, real revenue, or a managed backend you cannot directly access. A failed self-export at exit time is uniquely dangerous: you discover the gap after cancelling, when the editor is already locked. A migration specialist exports all four assets, stands the app up on infrastructure you own, and verifies it before any billing change.

The judgement call is simple. If your Lovable app is a side project with no live users, the steps above are very doable in an afternoon. If real customers have accounts, if money flows through Stripe, or if you are unsure whether you even have direct Supabase access, the downside of a botched exit is losing customer data — and that is not worth saving a single subscription month. We do this as a fixed-scope migration: full export, your own GitHub and Supabase, verified live, with you keeping ownership throughout.

Related: our Lovable migration service · book a free exit-planning call