supabase-prod-checklist

Solid

Execute Supabase production deployment checklist covering RLS, key hygiene, connection pooling, backups, monitoring, Edge Functions, and Storage policies. Use when deploying to production, preparing for launch, or auditing a live Supabase project for security and performance gaps. Trigger with "supabase production", "supabase go-live", "supabase launch checklist", "supabase prod ready", "deploy supabase", "supabase production readiness".

AI & Automation 2,266 stars 315 forks Updated today MIT

Install

Quality Score: 99/100

Stars 20%

100

Recency 20%

100

Frontmatter 20%

70

Documentation 15%

100

Issue Health 10%

50

License 10%

100

Description 5%

100

Skill Content

# Supabase Production Deployment Checklist ## Overview Actionable 14-step checklist for taking a Supabase project to production. Covers RLS enforcement, key separation, connection pooling (Supavisor), backups/PITR, network restrictions, custom domains, auth emails, rate limits, monitoring, Edge Functions, Storage policies, indexes, and migrations. Based on Supabase's official [production guide](https://supabase.com/docs/guides/deployment/going-into-prod). ## Prerequisites - Supabase project on Pro plan or higher (required for PITR, network restrictions) - Separate production project (never share dev/prod) - `@supabase/supabase-js` v2+ installed - Supabase CLI installed (`npx supabase --version`) - Domain and DNS configured for custom domain - Deployment platform ready (Vercel, Netlify, Cloudflare, etc.) ## Instructions ### Step 1: Enforce Row Level Security on ALL Tables RLS is the single most critical production requirement. Without it, any client with your anon key can read/write every row. ```sql -- Audit: find tables WITHOUT RLS enabled -- This query MUST return zero rows before going live SELECT schemaname, tablename, rowsecurity FROM pg_tables WHERE schemaname = 'public' AND rowsecurity = false; ``` ```sql -- Enable RLS on a table ALTER TABLE public.profiles ENABLE ROW LEVEL SECURITY; -- Create a basic read policy (authenticated users see own rows) CREATE POLICY "Users can view own profile" ON public.profiles FOR SELECT USING (auth.uid() = user_id); -- ...

Details

Author: jeremylongshore
Repository: jeremylongshore/claude-code-plugins-plus-skills
Created: 7 months ago
Last Updated: today
Language: Python
License: MIT

Integrates with

Anthropic · AI Cloudflare · Cloud Vercel · Cloud Netlify · Cloud Supabase · Cloud

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

supabase-security-basics

Apply Supabase security best practices: anon vs service_role key separation, RLS enforcement, policy patterns, JWT verification, and API hardening. Use when securing a Supabase project, auditing API key usage, implementing Row Level Security, or running a production security checklist. Trigger with phrases like "supabase security", "supabase RLS", "secure supabase", "supabase API key", "supabase hardening", "row level security", "service role key".

2,266 Updated today

jeremylongshore

AI & Automation Solid

supabase-deploy-integration

Deploy and manage Supabase projects in production. Covers database migrations, Edge Functions deployment, secrets management, zero-downtime rollouts, blue/green branching, rollback procedures, and post-deploy health checks. Use when deploying Supabase to production, running migrations, deploying Edge Functions, managing secrets, or implementing zero-downtime deployments. Trigger: "deploy supabase", "supabase migration push", "deploy edge function", "supabase rollback", "supabase blue green", "supabase health check".

2,266 Updated today

jeremylongshore

API & Backend Listed

supabase

Supabase platform standards — Row-Level Security, publishable/anon and secret/service_role key boundaries, Postgres and Edge functions, Storage, Realtime, and the CLI migration workflow. Use when working with RLS policies, Supabase clients, Edge Functions, or supabase/ migrations. Loads alongside the database (Postgres) domain.

1 Updated 2 days ago

AI & Automation Solid

supabase-policy-guardrails

Enforce organizational governance for Supabase projects: shared RLS policy library with reusable templates, table and column naming conventions, migration review process with CI checks, cost alert thresholds, and security audit scripts scanning for common misconfigurations. Use when establishing Supabase standards across teams, creating RLS policy templates, setting up migration review workflows, or auditing existing projects for security and cost issues. Trigger with phrases like "supabase governance", "supabase policy library", "supabase naming convention", "supabase migration review", "supabase cost alert", "supabase security audit", "supabase RLS template".

2,266 Updated today

jeremylongshore

AI & Automation Solid

supabase-known-pitfalls

Avoid and fix the most common Supabase mistakes: exposing service_role key in client bundles, forgetting to enable RLS, not using connection pooling in serverless, .single() throwing on empty results, missing .select() after insert/update, not destructuring { data, error }, creating multiple client instances, and not using generated types. Use when reviewing Supabase code, onboarding developers, auditing an existing project, or debugging unexpected behavior. Trigger with phrases like "supabase mistakes", "supabase anti-patterns", "supabase pitfalls", "supabase code review", "supabase gotchas", "supabase debugging", "what not to do supabase", "supabase common errors".

2,266 Updated today

jeremylongshore