mirror of
https://github.com/supabase/supabase.git
synced 2026-06-20 20:16:04 +08:00
2a8dc75e3d
## I have read the [CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md) file. YES ## What kind of change does this PR introduce? docs update ## What is the current behavior? Storage RLS polices unintentionally allow list access to buckets potentially setting a bad example for people starting a new project. ## What is the new behavior? Use more restrictive RLS polices that only allow the intended operations <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Updated Supabase Storage access-control policies and examples across docs and starter projects. * Tightened avatar image access rules to require explicit operation checks for public reads. * Clarified guidance and added explanatory comments in migration and README examples to illustrate the updated access patterns. <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/supabase/supabase/pull/46172?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
