[joshstrange]

I'm going to have to very kindly ask the Supabase devs to stop making such an appealing development platform as I don't have the time/energy to rewrite my existing web/apps.

But for real, congrats on this and it looks very nice. At this point I'm just waiting on a new project that would be a good fit so I can play with all of this. Keep up the great work!

[zinclozenge]

I think the best part is that if you're willing to go all in on RLS for your authorization, you can do away with needing a backend for your typical crud operations and use their functions for things like webhooks, or the occasional endpoint for more complicated operations.

[mildmustard]

Absolutely.

I find myself saying this a lot when I try and explain the concept of Supabase. We don't really emphasize this very much on our website either.

Disclaimer: I work at Supabase.

[Escapado]

I am a happy paying user of supabase and I did just that for my project which is meant to facilitate trading of left over wood between woodworker shops. I simply set RLS rules and now I only have a react frontend which calls supabase directly and it works great.

I haven't checked in a while but one thing that was a little cumbersome for me was that I wasn't familiar with writing proper RLS rules and felt like documentation was a bit sparse and iirc there was not autocomplete to guide me a little more - but that might just be me being an idiot and it worked out with a little trial and error. :)

[zinclozenge]

I would say it's definitely one of the missing pieces in their documentation. They have an example policy for the typical scenario of only allowing a user to read/update/delete their own resources, but there's definitely more patterns that are needed. One that took me a bit to figure out on my own was how to only allow a user access to a resource gated behind a subscription (ie a column value in a table).

[beaker52]

I can't quite get onboard with RLS directly from the client. It seems like a risky and finicky thing to design database access patterns around, but they might be a stroke of genius that I'm too blind to see right now.

[zinclozenge]

If you're not comfortable then that's totally ok, especially because it's not as easy to test it automatically, but it's definitely allowed me to do away with a backend completely except for a webhook, so that's been nice.

[alostpuppy]

Whoa. Didn’t think about that.

[kiwicopple]

thanks for the kind words

v2 isn't a huge change from v1, if you have anything existing that you need to migrate. The Typescript support should be quick/easy (if you used it in v1, it's mostly removing <Type> from a bunch of your methods). A lot of this is preparing for mutliplayer functionality (coming on thursday) - we needed a breaking change to support Phoenix's presence/broadcast interface.