Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Supabase Security Advisor says "Function Search Path Mutable" #17

Open
XStarlink opened this issue Aug 31, 2024 · 1 comment · May be fixed by #18
Open

Supabase Security Advisor says "Function Search Path Mutable" #17

XStarlink opened this issue Aug 31, 2024 · 1 comment · May be fixed by #18
Labels
bug Something isn't working

Comments

@XStarlink
Copy link

Bug report

Describe the bug

Hello,

First of all, thank you very much for this great script that helps me manage the admin part of my App!

I recently noticed that the new Supabase Security Advisor raises a warning on the functions provided by your script, I don't clearly understand what needs to be changed to make the warning go away but I wanted to warn you.

The warnings says:

Issue: Function public.delete_claim has a role mutable search_path
Description: Detects functions where the search_path parameter is not set to an empty string.

Thanks in advance!

To Reproduce

Steps to reproduce the behavior:

  1. Install supabase-custom-claims in a Supabase project
  2. Go to Advisors on the Sidebar
  3. See warnings

Screenshots

Capture d’écran 2024-08-31 à 18 22 59
@XStarlink XStarlink added the bug Something isn't working label Aug 31, 2024
@nilsreichardt nilsreichardt linked a pull request Nov 24, 2024 that will close this issue
Open
@nilsreichardt
Copy link

I opened a pull request for this: #18

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
2 participants
@nilsreichardt @XStarlink