This is true but like with any build there are many decisions to make. We have settled on this stack for our API's and we think others will find it useful.
Could you expand on how security is an afterthought in Postgraphile? My experience of using RLS and the graphile pro plugin was nice and secure imo. Curious if I missed something here
So I have a list of my own stuff but I want for other people who are in my circle to be able to see outfits I've shared with them. If all the lists of stuff are created in an automated way doing things like this is somewhat harder than the default crud stuff and managing passing tokens and doing the filtering is fine but feels like a use case that should be as automatic as possible. I haven't used the Pro plugin, I'm not sure if we knew about it or what it does.