New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP: prevent postgres from mutating migration history #911
base: develop
Are you sure you want to change the base?
Conversation
Should we do auth first so we can limit the blast radius & not have to be blocked on supautils changes? |
4e9e50c
to
e01b599
Compare
Hot take: this is ~never useful, just makes the test more brittle.
Removed the revoke/grant on auth.schema_migrations. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are we good to roll this out? Or do we need additional testing - if so, what's the path forward?
We've tested that this doesn't break any of the flows that we've laid out in guides, e.g. setting up views on auth data, or triggers, etc?
Lastly, are we also planning to backport this to existing projects?
This still needs additional testing, and I'll be having the Auth team test some of the common flows. And yes, we'll backport this to existing projects. |
What kind of change does this PR introduce?
Bug fix
What is the new behavior?
Adds RLS policy to auth and storage schema to prevent postgres from accidentally updating migration history.
Additional context
Add any other context or screenshots.