Sharp
62 posts
Sharp
@SharpCoder
dev & marketing • building https://t.co/a4hVUxTZrF
Se unió Aralık 2019
39 Siguiendo6 Seguidores
@Defi__Papi @raroque - gets complex fast
- painful to debug and test
- no unified source of truth (aka the logic should live in your code, not in a supabase dashboard)
English
I love Chris and I truly respect his journey as an entrepreneur, but the real takeaway here should be DON'T USE RLS!
There is no way on earth someone who's worked with RLS once in there life can recommend using it. I honestly thought it was common knowledge nowadays that RLS was a very bad pattern, and that no serious application should be relying on it.
Chris Raroque@raroque
Sooo lets talk about app security and how to protect your app (esp if you are vibe coding) 👀 As someone who has been hacked so many times over the last 10 years 🥲 these are the top mistakes ive made (and i keep seeing others make today) and bonus in next tweet 👀
English
@MichaelArnaldi @EffectTS_ Thank you so much, couldn't have asked for more 🙏
English
@SharpCoder @EffectTS_ GPT-5.4 is exceptional at Effect, just add the effect repo as a git subtree to give the agent access to best practices, skills don't work well. Check out effect.solutions
English
GPT-5.4 is not really good at @EffectTS_ , is there any official skill to help him out?
English
@ReubenKib i would strongly recommend moving off supabase, but if you really have to stick with it, just create an admin client and call it from your api endpoints (or connect directly to their db using your preferred ORM)
English
@SharpCoder what would be the correct approach if you're using Supabase with no RLS?
English
Honestly this is the right move (no RLS + don’t use the client library)
I was on the fence about mentioning it in the video because I didn't want to cause any confusion (people might just turn off RLS blindly BUT still use client libraries which would have been a disaster)
But in hindsight I think I could have pulled it off 🥲
Maybe if I do a part 2 I’ll mention this
English
alright this is cooked for now, GPT 5.3 in ChatGPT Atlas keeps running out of time and losing.
might need to give Codex Spark with browser control a shot, or Composer 1.5 in Cursor's browser 👀
Anthony@kr0der
alright chatgpt atlas is now at 3 wins 1 loss in pokemon. it timed out and lost. it turns out if you take too long, your subsequent turns start getting shorter. gonna have to fix this issue 🤣 also it was down 4-6 anyway, bro was getting cooked
English
Sharp retuiteado
@imsantigamo - i'm working less and less in terminals (in favour of the codex app)
- more versatile (partial prompts, templates, etc.)
English
@SharpCoder Why not set up a command file? You can ask whatever agent you use and it's way simpler, just using /pr-description or whatever 😄
English
Nobody can convince me that the CLI experience for AI agents is better than using a proper GUI 😅
That's just impossible
English
