You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: skills/supabase/SKILL.md
+3Lines changed: 3 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -69,6 +69,9 @@ When working on any Supabase task that touches auth, RLS, views, storage, or use
69
69
-**Storage access control**
70
70
-**Storage upsert requires INSERT +SELECT+UPDATE.** Granting only INSERT allows new uploads but file replacement (upsert) silently fails. You need all three.
71
71
72
+
-**Dependency and supply-chain security**
73
+
-**Always pin package versions andcommit lockfiles** when installing Supabase packages (`supabase-js`, `@supabase/ssr`, `supabase-py`, etc.). See the [npm security guide](https://supabase.com/docs/guides/security/npm-security.md) for the full checklist.
74
+
72
75
For any security concern not covered above, fetch the Supabase product security index: `https://supabase.com/docs/guides/security/product-security.md`
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments