My Kagi-fu fails me, but I recall a builder generated code use Supabase row level security, and it fails open, and no longer filtering out data from other users. Is this guaranteed to protect your data?
My Kagi-fu fails me, but I recall a builder generated code use Supabase row level security, and it fails open, and no longer filtering out data from other users. Is this guaranteed to protect your data?
we have an extensive system prompt to instruct the Supabase to follow RLS best practices: https://github.com/dyad-sh/dyad/blob/de2cc2b48f2c8bfa401608c...
What you're describing as the fail-open behavior is from the Supabase platform (and not specific to any app builders): https://supabase.com/docs/guides/database/postgres/row-level...