Open-source tool rlsautotest auto-generates pgTAP tests for Supabase RLS policies
Row-Level Security (RLS) misconfigurations in PostgreSQL databases do not throw errors — they silently return wrong data, making leaks hard to detect before reaching production. A new open-source tool called rlsautotest addresses this by automatically generating pgTAP test suites and seed data directly from existing RLS policies. The tool works with any PostgreSQL deployment, including Supabase, Neon, and Amazon RDS, and can output an HTML permissions report or emit tests for CI pipelines. It creates realistic seed data tied to specific identities to avoid false positives from empty-table test passes. Released under the Apache-2.0 license, the project is available on GitHub at github.com/unitautogen/rlsautotest.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in