profile
viewpoint
Ant Wilson awalias Supabase Singapore supabase.io Co-Founder & CTO @ Supabase

awalias/game-of-life 1

Conway's Game of Life

awalias/guacchain 1

(open)sourcing great avocados

MildTomato/Meth 1

Meth is for users to buy and sell [M]isleading [E]ncrypted [Th]umbnails, built on top of Ethereum blockchain.

awalias/ape 0

Ant's Privacy Extension

awalias/contracts 0

Alice smart contracts

awalias/despacito 0

Automatic Github Repositories

awalias/docusaurus 0

Easy to maintain open source documentation websites.

awalias/evaluation 0

final project evaluation repo

push eventsupabase/postgres

Inian Parameshwaran

commit sha 55f335331c28bfc342710d73d3a777c0516dcabf

arm instances for all aws regions and release v0.14.1

view details

push time in 19 minutes

startedpanjf2000/ants

started time in 41 minutes

startedMarcusRainbow/QuantMath

started time in an hour

startedmailru/easygo

started time in 4 hours

startedbeachio/chisel

started time in 4 hours

delete branch supabase/supabase

delete branch : chore/update-tailwind-2.0

delete time in 5 hours

pull request commentsupabase/supabase

build(deps): bump next from 9.5.2 to 9.5.4 in /examples/nextjs-live-tracker-map/archive

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployments, click below or on the icon next to each commit.

main – ./

🔍 Inspect: https://vercel.com/supabase/main/3z6j7ri52
✅ Preview: In Progress

dependabot[bot]

comment created time in 5 hours

PR opened supabase/supabase

build(deps): bump next from 9.5.2 to 9.5.4 in /examples/nextjs-live-tracker-map/archive

Bumps next from 9.5.2 to 9.5.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">next's releases</a>.</em></p> <blockquote> <h2>v9.5.4</h2> <p><strong>This upgrade is <em>completely backwards compatible and recommended for all users on versions below 9.5.4.</em> For future security related communications of our OSS projects, please <a href="https://vercel.com/security">join this mailing list</a>.</strong></p> <p>A security team from one of our partners noticed an issue in Next.js that allowed for open redirects to occur.</p> <p>Specially encoded paths could be used with the trailing slash redirect to allow an open redirect to occur to an external site.</p> <p>In general, this redirect does not directly harm users although can allow for phishing attacks by redirecting to an attackers domain from a trusted domain.</p> <p>We recommend upgrading to the latest version of Next.js to improve the overall security of your application.</p> <h2>How to Upgrade</h2> <ul> <li>We have released patch versions for both the stable and canary channels of Next.js.</li> <li>To upgrade run <code>npm install next@latest --save</code></li> </ul> <h2>Impact</h2> <ul> <li><strong>Affected</strong>: Users of Next.js between 9.5.0 and 9.5.3</li> <li><strong>Not affected</strong>: Deployments on Vercel (<a href="https://vercel.com">https://vercel.com</a>) are not affected</li> <li><strong>Not affected</strong>: Deployments using <code>next export</code></li> </ul> <p>We recommend everyone to upgrade regardless of whether you can reproduce the issue or not.</p> <h3>How to Assess Impact</h3> <p>If you think users could have been affected, you can filter logs of affected sites by <code>%2F</code> with a 308 response.</p> <h2>What is Being Done</h2> <p>As Next.js has grown in popularity, it has received the attention of security teams and auditors. We are thankful to those that reached out for their investigation and discovery of the original bug and subsequent responsible disclosure.</p> <p>We've landed a patch that ensures encoding is handled properly for these types of redirects so the open redirect can no longer occur.</p> <p>Regression tests for this attack were added to the <a href="https://github.com/vercel/next.js/blob/canary/test/integration/production/test/security.js">security</a> integration test suite.</p> <ul> <li>We have notified known Next.js users in advance of this publication.</li> <li>A public CVE was released.</li> <li>If you want to stay on top of our security related news impacting Next.js or other Vercel projects, please <a href="https://zeit.co/security">join this mailing list</a>.</li> <li>We encourage responsible disclosure of future issues. Please email us at <strong><a href="https://github.com/vercel/next.js/blob/HEAD/mailto:security@zeit.co">security@vercel.com</a>.</strong> We are actively monitoring this mailbox.</li> </ul> <hr /> <h3>Core Changes</h3> <ul> <li>Make the image post-processor ignore SVG images: <a href="https://github-redirect.dependabot.com/vercel/next.js/issues/16732">#16732</a></li> <li>Only update lookups for dev overlay if mounted: <a href="https://github-redirect.dependabot.com/vercel/next.js/issues/16776">#16776</a></li> <li>Ensure interpolating dynamic href values works correctly: <a href="https://github-redirect.dependabot.com/vercel/next.js/issues/16774">#16774</a></li> <li>Add automatic reloading when editing GS(S)P methods: <a href="https://github-redirect.dependabot.com/vercel/next.js/issues/16744">#16744</a></li> <li>Update to show build indicator while re-fetching GS(S)P data in dev: <a href="https://github-redirect.dependabot.com/vercel/next.js/issues/16789">#16789</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/658810815035e55a7031f27c5a6f3c01baa31ccf"><code>6588108</code></a> v9.5.4</li> <li><a href="https://github.com/vercel/next.js/commit/7108567b06bba6586296fe2bb7e6957410147c8f"><code>7108567</code></a> v9.5.4-canary.25</li> <li><a href="https://github.com/vercel/next.js/commit/5d79a8c0c4928d718e71707cf3305a51c9a5adc4"><code>5d79a8c</code></a> Update workflow step to restore cache (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17656">#17656</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/4c38e3ed8ec402862ea6b42b02297f8c28ab9b53"><code>4c38e3e</code></a> fix typo (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17653">#17653</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/241f38eaa8aa2199360dc28d76759c936f16cdd6"><code>241f38e</code></a> v9.5.4-canary.24</li> <li><a href="https://github.com/vercel/next.js/commit/7dec91175cb69f773fa623417e0e497acc606dc2"><code>7dec911</code></a> change anonymous functions to named in docs examples (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17510">#17510</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/1659e4da617db3effc63f1dd919ce628eb59e135"><code>1659e4d</code></a> Update migrating from Gatsby docs. (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17636">#17636</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/06a8b1ad67b07ffae68cba7863ba31b53fc8b95d"><code>06a8b1a</code></a> Add docs on how to migrate from Gatsby. (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17491">#17491</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/04234cc312b7b780a52ba6f9f63490d5699da4a3"><code>04234cc</code></a> Update to use hasNextSupport for custom-routes in next export check (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17630">#17630</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/742f5d9a46ed5244409ea0389d019fce375f28e3"><code>742f5d9</code></a> test(create-next-app): increase coverage (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17507">#17507</a>)</li> <li>Additional commits viewable in <a href="https://github.com/vercel/next.js/compare/v9.5.2...v9.5.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1178 -840

0 comment

2 changed files

pr created time in 5 hours

delete branch supabase/supabase

delete branch : feature/ui__overlay_components

delete time in 5 hours

CommitCommentEvent

push eventsupabase/supabase

phamhieu

commit sha eded69d60ec7acc1aeea7623f1862e5802c967ce

chore: archive nextjs-live-tracker-map example

view details

push time in 5 hours

create barnchsupabase/supabase

branch : feature/ui__overlay_components

created branch time in 5 hours

PR closed supabase/supabase

Reviewers
fix signup for livemap #277
  • auth.signup is used from examples/nextjs-live-tracker-map/lib/gotrue/index.js not internal auth
+1 -1

4 comments

1 changed file

duncanhealy

pr closed time in 5 hours

pull request commentsupabase/supabase

fix signup for livemap #277

I think we should archive nextjs-live-tracker-map project for now until supabase-dart is finished. Then i will update the example again with a web/mobile app example.

The current example app contains legacy code. It doesn't use official gotrue-js and supabase-js.

Thanks @duncanhealy for your contribution. I'm sorry for the confusion.

duncanhealy

comment created time in 5 hours

startedredwoodjs/redwood

started time in 5 hours

startedstrapi/strapi

started time in 6 hours

startedstreamich/react-use

started time in 6 hours

issue openedsupabase/supabase

Support for invalid postgresql identifiers

Bug report

Describe the bug

I got stuck trying to figure out why my foreign keys were not rebuilt with a loop of pg_dump + psql. It turns out that one of my table had what seems to be an invalid name, based on the postgresql docs.

To Reproduce

  1. Create a blank db (all through supabase web admin)
  2. Add first_table with just the default primary key (the names matter)
  3. Add 2nd_table with the default primary key
  4. Add an extra column to 2nd_table named fkey and make it reference id in first_table
  5. use pg_dump -h db.xxxx.supabase.co -U postgres -W --schema-only --schema=public > db.sql to export the schema
  6. In the web UI, delete the two tables we just created
  7. use psql -h db.xxxx.supabase.co -U postgres < db.sql to restore the schema
  8. Go to 2nd_table / fkey and notice that the foreign key has not been restored

If the table is named second_table instead of 2nd_table then everything works fine. You can try this out by doing something like s/2nd_/second_/g in the dumped file.

Expected behavior

Based on the postgresql docs linked above, 2nd_table does not seem to be a valid table identifier. From 4.1.1 in the docs:

SQL identifiers and key words must begin with a letter (a-z, but also letters with diacritical marks and non-Latin letters) or an underscore (_). Subsequent characters in an identifier or key word can be letters, underscores, digits (0-9), or dollar signs ($).

This tells me that a digit in the first position is not valid. The weird thing is that there is no error nor warning, but things don't work as expected: I expect that the foreign key should be recreated, or postgresql should tell me there is an error, not just silently ignore it.

I see 2 options:

  • either it's a bug in postgresql tools (seems unlikely)
  • supabase lets me pick an illegal identifier for my table which causes the unexpected behaviour down the line (weird as well, why doesn't postgres complain at table creation?)

I'm not entirely sure what the solution is here, but my guess would be that supabase should check the identifier and not let me use it in this case.

created time in 6 hours

issue openedsupabase/ui

Feat: Accordian/collapse

options could include:

expandIconPosition prop - , for left or right chevron position • ability to show 1, or multiple items (see Vercel for singular examples) • bordered prop - to show border/background version, if false then show no background/border •expandIcon prop - ReactNode prop to use your own chevron icon

example of in use:

<Accordian
  defaultActiveId={['1']}
  onChange={callback}
  expandIconPosition="left"
>
  <Accordian.Item label="This is panel header 1" id="1">
    <div>{text}</div>
  </Accordian.Item>
  <Accordian.Item label="This is panel header 2" id="2">
    <div>{text}</div>
  </Accordian.Item>
  <Accordian.Item label="This is panel header 3" id="3">
    <div>{text}</div>
  </Accordian.Item>
</Accordian>

vercel example https://user-images.githubusercontent.com/8291514/105789085-c051aa80-5fbc-11eb-85da-013549f5cd33.mov

antd example https://ant.design/components/collapse/ Screenshot 2021-01-26 at 09 55 20

created time in 6 hours

pull request commentsupabase/supabase

fix signup for livemap #277

cc @phamhieu

duncanhealy

comment created time in 6 hours

issue commentsupabase/ui

Feat: Side panel

@mrkldshv also had problems using tailwind divide 😒 it's probably a related problem

MildTomato

comment created time in 7 hours

issue commentsupabase/ui

Feat: Side panel

@mrkldshv yea i've had problems using borders, especially tailwind classes like border-t, i wasn't actually able to reproduce it in tailwind playground though, it seemed like a problem with tailwind setup on this repo.

ah way round it could be (if you want to keep using tailwind classes) is to do something like this.

/* Sidepanel.css */

.top-border-example {
  @apply border-gray-200 dark:border-dark-500;
  border-top-style: solid;
  border-top-width: 1px;
}
MildTomato

comment created time in 7 hours

issue commentsupabase/ui

Feat: Side panel

@MildTomato finishing it up 🚀 Got couple questions regarding colors for light and dark variants though, and I think we can discuss it in MR. Also, the only problem I have is adding top border (any border) to footer, it just does not apply for some reason. Did you had similar issue? I've tried to reproduce it on playground, but wasn't able to.

MildTomato

comment created time in 9 hours

startedTinkoffCreditSystems/taiga-ui

started time in 15 hours

startedSAP-samples/fundamental-ngx-sample-apps

started time in 17 hours

startedSAP/fundamental-ngx

started time in 17 hours

startedcamsong/fetch-jsonp

started time in 18 hours

issue commentsupabase/ui

Feat: Side panel

@mrkldshv awesome! ping me in here if you have any trouble.

MildTomato

comment created time in 18 hours

issue commentsupabase/ui

Feat: Side panel

@MildTomato Thanks for details! I'll try to make simple side over component and then we can think of handling nesting. Sounds good to you?

MildTomato

comment created time in 18 hours

more