I think Supabase just have bad defaults... Especially for non technical people that they market to.
I think by default they have some sort of public schema which is the default schema and for which PostgREST is enabled. There may be a checkbox to change that during setup but it's not checked by default.
Instead, one should probably use a different schema for the actual tables and create views that define the public API in the public schema.
I think by default they have some sort of public schema which is the default schema and for which PostgREST is enabled. There may be a checkbox to change that during setup but it's not checked by default.
Instead, one should probably use a different schema for the actual tables and create views that define the public API in the public schema.
I just googled this and it seems to be even recommended in the PostgREST documentation itself: https://postgrest.org/en/v10/schema_structure.html#