In defense of Cloudflare, the sys ops engineer should have understood the situation and knew they were misusing Cloudflares services. They decided to play hard ball by bringing up the fact they were thinking of leaving. And we have no history of the multiple phone calls they had with Cloudflare.

The only LLM library I've found at all useful is Microsoft's Guidance lib. Otherwise, I just do things by hand.

The problem with posting scientific papers (esp. those with high potential for hype) is that they are just a single data point and laypeople (myself included) don't have the expertise to evaluate them in the context of the larger body of research. There is no communication here on what the actual domain experts feel about this paper, or if domain experts have any consensus on this topic...

The issue isn't owning or writing viruses or malicious code, the issue is distribution and deployment of such code.

Also, is there any plan on the horizon to have the cloud offering support Google or Azure? Id love the option to use a different provider than AWS.

I've never worked at Zope. Must be my doppelganger.

> We don't "have" row level security per se, that is a native feature of Postgres we expose, and the customer is free to use or not. RBAC is a very broad term, and broadly speaking Postgres has roles and privileges that do access control. Did you have something more specific in mind?

I was referring to the ability to assign a user to one or more groups and then set, at the group level, access to a row or column. When I implemented this, I avoided using PG roles b/c I was unsure how this play safely with future changes to the hosted DB.

I think Firebase has the lowest barrier to entry and if you don't exceed the pricing tiers, its a very pleasant experience.

Hasura and Prisma are both awesome, but after having worked in GraphQL a lot, I now try to stay at least 10 feet away at all times from GraphQL paradigms unless their hidden costs can be justified for the project.

I haven't used Thin, but it looks like its React only. If there was a Svelte or JS agnostic option Id give it a try.

Even in light of the following critiques, I feel like its one of the simplest ways for an experienced developer to start a new project, and it's now my go to over spinning up a database, Firebase, ORMs, and other database abstractions.

My main critiques are:

- As others have said, default security is way too permissive. They should lock everything down by default. At some point, this is going to cause major problems for some company that decides to build off Supabase.

- Although they have row-level security, RBAC is completely missing. It's not hard to implement yourself through stored procedures and triggers (they have an example repo to copy from), but I don't see a lot of junior devs doing this.

- Stored procedures are more likely to be utilized in the Supabase paradigm, but I haven't felt like they have done much to address the inherent weakness and common critiques of using sprocs instead of application level functions.

- Escape hatches are missing in their fork of GoTrue (why did they fork it in the first place - now there are two competing versions?). It's still not clear to me how to add data to the JWT or get access to the JWT through their SDK.

- Slow dashboard with rendering problems. It doesn't render correctly on my Fedora laptop. And the slow speed becomes pretty annoying almost right away.

- I have experienced data loss when using their SQL editor. So now I copy all the SQL I write to a local file or just do everything through DBeaver.

- Lack of backups on the free tier. They should give this away for free up to a storage limit. Backups are a critical part of development and I don't have full trust in Supabase given that I've already experienced data loss through their UI.

- Misleading marketing. They make implicit claims all over the place on what they offer but then have disclaimers on their code bases about certain features not being production ready.

They clearly have work ahead of them, but I'm optimistic about the potential for Supabase and I look forward to the improvements!