Skip to content

Supabase Security Advisor says "Function Search Path Mutable" #17

New issue
New issue
Open
#18
Open
Supabase Security Advisor says "Function Search Path Mutable"#17
#18
Labels
bugSomething isn't working
@XStarlink

Description

@XStarlink
XStarlink
opened on Aug 31, 2024

Bug report

Describe the bug

Hello,

First of all, thank you very much for this great script that helps me manage the admin part of my App!

I recently noticed that the new Supabase Security Advisor raises a warning on the functions provided by your script, I don't clearly understand what needs to be changed to make the warning go away but I wanted to warn you.

The warnings says:

Issue: Function public.delete_claim has a role mutable search_path
Description: Detects functions where the search_path parameter is not set to an empty string.

Thanks in advance!

To Reproduce

Steps to reproduce the behavior:

  1. Install supabase-custom-claims in a Supabase project
  2. Go to Advisors on the Sidebar
  3. See warnings

Screenshots

Capture d’écran 2024-08-31 à 18 22 59

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions