Cinderblock docs

The forkable multi-tenant SaaS starter on Supabase whose load-bearing differentiator is a pgtap-tested Row-Level-Security suite that survives hostile multi-tenant fixtures.

Most Supabase multi-tenant deliveries trust the client to send the right tenant ID, use the service-role key to bypass RLS "for performance," or write policies that pass against the owner's own data and silently leak under joins. Cinderblock doesn't.

Start here

• Getting started — fork the template, set env vars, get a green pgtap suite locally in under 5 minutes (warm cache).
• Multi-tenancy concepts — the workspace / member / role / invite / audit model in 5 minutes.

Security (the load-bearing pages)

• How RLS works in Cinderblock — every policy in plain English plus the SQL.
• Live policy viewer — reads pg_policies on the deployed database.
• Test results — latest pgtap CI output.
• Disclaimer — what the test suite proves and what it doesn't.