I used Supabase for regular database and auth features, I have not used MCP or AI features.
However due to this critical security vulnerability in Supabase, I will not be using Supabase any longer.
The fact that the answer to the critical security vulnerability was responded to in such a calm manner instead of shutting down the whole feature, is just a cherry on top.
When there's a security incident along the lines of "leak an entire SQL database" the minimal response is "our CTO has resigned", and even that may not be enough, a resonable answer is "we are closing the company".
"We will wrap some stuff with prompts that discourage vulnerabilities" is laughably ridiculous, any company who uses Supabase or even MCPs at this stage deserves to go bankrupt, and any employee who brings these technologies deserves to get fired.
However due to this critical security vulnerability in Supabase, I will not be using Supabase any longer.
The fact that the answer to the critical security vulnerability was responded to in such a calm manner instead of shutting down the whole feature, is just a cherry on top.
When there's a security incident along the lines of "leak an entire SQL database" the minimal response is "our CTO has resigned", and even that may not be enough, a resonable answer is "we are closing the company".
"We will wrap some stuff with prompts that discourage vulnerabilities" is laughably ridiculous, any company who uses Supabase or even MCPs at this stage deserves to go bankrupt, and any employee who brings these technologies deserves to get fired.