8 things you should NEVER do in a Database!

Рет қаралды 13,250

Supabase

Күн бұрын

Пікірлер: 35

@wlockuz4467 8 ай бұрын

Absolutely love this. Best thing about this is that RLS is a Postgres feature so its not like wasted knowledge.

@vaidiksavaliya3577 8 ай бұрын

I really love supabase i use it on every project it's a one stop solution for my needs

@JonMeyers 8 ай бұрын

That’s awesome! Glad you’re enjoying it! 🚀

@josvdwest 3 ай бұрын

How did you add the swipe/transition sound? was it a manual add or automatic through some tool? Asking in case I want to try it in the future.

@benbowers3613 8 ай бұрын

After seeing PlanetScale's "schema reccomendations," Splinter is exactly the feature I was hoping for! Great work!

@ideagarage 8 ай бұрын

Great feature and video! I think it will be more accessible if these adviser will always appearer in the top of the Supabase Studio.

@techjandro 7 ай бұрын

Supabase is probably the best product out there for db, it's beyond words

@perc-ai 8 ай бұрын

But what if we are using the experimental Postgres user by column functionality. We wouldn’t need RLS persay. Forgot what it’s called by it’s in alpha mode in supabase

@whoman7930 8 ай бұрын

Why I don't see that sidebar, for my project? 2:44

@assaultressgamer 8 ай бұрын

It won't let me delete duplicate index. Is it because there are already entries? Also, there's this video about how to make triggers on auth via SQL Query since it's not possible manually. I created triggers on sign up following their instructions but this showed "Function Search Path Mutable" in the Security advisor. I tried to `drop` this trigger via SQL editor but it won't drop. How to fix this?

@captainpumpkinhead1512 5 ай бұрын

I feel like the title is misleading. I clicked on a video about database mistakes and bro launches into what sounds like a schpeel for a sponsored software.

@janglad9136 8 ай бұрын

This is pretty cool! Does the security linter take into account manually revoked privileges on anon/authenticated? Often do this when just using the DB through an ORM.

@rembautimes8808 4 ай бұрын

What happened to the signature black cap 🧢 ?

@mikelCold 7 ай бұрын

Supabase has become so amazing!

@supirman 8 ай бұрын

Ok, this is awesome -- but it also means I have a lot of work to do now to make my database better! Thanks supabase team!

@mikejohneviota9293 8 ай бұрын

Transaction API when 😢

@alialnaghmoush 8 ай бұрын

When will offline support be official?

@akash-kumar737 8 ай бұрын

Yeah man they need to work on DX

@Caldaron 8 ай бұрын

sweet, a nice way to learn postgres best practices, just what i needed. Even transfers to other db types 💪

@neeshsamsi 8 ай бұрын

Great video, however, it's super annoying that the whoosh sound effect is only in the left ear

@bryceyorkpm 7 ай бұрын

agreed! and it's too loud.

@BGdev305 8 ай бұрын

VERY VERY well done!

@richardhaddadau 7 ай бұрын

thank you so much for this. Brilliant tips!

@arpanghoshal2579 8 ай бұрын

This was nice, I was not aware of RLS in postgres, however I think its much easier to maintain security and access logic in our application instead of defining such policies on the DB itself. The end users won't access the DB directly and would go through our backend apis, therefore its much simpler to implement complex business logic related to authorization and authentication on the application instead of the DB.

@akash-kumar737 8 ай бұрын

Nope you want Security at DB layer too. Now I see how entire db get hacked and made public.

@arpanghoshal2579 8 ай бұрын

@@akash-kumar737 Why do you need RLS, when users access your db via your application, why is this required? Anyways this was added recently in postgres so how did people use their db before this feature? Remember, adding this stuff to your db can also affect performance of queries. Lastly ,I have worked in so many different organisations and never seen this kind of thing before, all the security logic was in the backend application. I am sure there are special situations where RLS would be useful however I don't think this is needed in general

@andersonmamede9625 8 ай бұрын

@@arpanghoshal2579 the thing is: if your project is using Supabase, your project's database is already exposed to the public internet via PostgRES and supabase-js, for instance. Then, without RLS and the appropriate policies configured for each table within the public schema, anyone could freely manipulate (select, insert, update, delete) any data from those tables without even being authenticated...