mancitrus/system-prompts-and-models-of-ai-tools
1
0
Fork 0
mirror of https://github.com/x1xhlol/system-prompts-and-models-of-ai-tools.git synced 2026-06-17 23:09:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
f0af56ae4e
system-prompts-and-models-o.../dealix/docs/SUPABASE_PROJECT_MEMORY_SETUP.md
Sami Assiri f79c69ff25 ci(dealix): root GitHub workflows, ai-company track, full Dealix API tree 
Made-with: Cursor
2026-05-01 14:03:52 +03:00

55 lines
2.4 KiB
Markdown
Raw Blame History

# Supabase / pgvector — Project Memory Setup
## Enable pgvector
In the Supabase dashboard: **Database → Extensions →** enable `vector` (pgvector).
Alternatively, the migration `supabase/migrations/202605010001_v3_project_memory.sql` runs `create extension if not exists vector;` (requires sufficient DB privileges).
## Run migration
1. Install [Supabase CLI](https://supabase.com/docs/guides/cli).
2. Link the project: `supabase link --project-ref <ref>`.
3. Push SQL: `supabase db push` **or** paste the migration file into the SQL editor and execute.
## Environment variables
| Variable | Purpose |
|----------|---------|
| `SUPABASE_URL` | Project API URL (server-side only). |
| `SUPABASE_SERVICE_ROLE_KEY` | **Server only** — bypasses RLS; never expose to browsers or mobile clients. |
| `SUPABASE_ANON_KEY` | Optional for public features — **not** for project memory tables. |
Local indexing (no keys required):
```bash
python scripts/index_project_memory.py --root . --out .dealix/project_index.json
python scripts/index_project_memory.py --root . --query "personal operator"
```
## Embedding model choices
- **gte-small** (384 dims) via Edge Function or local worker — low cost, aligns with migration vector(384).
- **OpenAI `text-embedding-3-small`** — set dimension to match your DB column if you change size.
- **BGE-small** — similar footprint; validate dimension before altering the column type.
## Security notes
- **RLS** is enabled on `project_documents`, `project_chunks`, and `strategic_memory` with **no default policies** — intended for **service role from backend only**.
- **Never store API keys, tokens, or private keys** in `content` or `metadata` destined for embeddings.
- Strip or redact secrets **before** chunking; use `should_block_embedding()` in `project_intelligence.py` as a guardrail.
## RLS policy examples (commented in migration)
Uncomment and adapt only after security review. Typical pattern: allow `service_role` full access; deny `anon`/`authenticated` direct reads on strategic embeddings.
## Launch checklist
- [ ] Extension `vector` active
- [ ] Migration applied without errors
- [ ] Indexes created (`project_chunks_embedding_hnsw`, etc.)
- [ ] Backend uses service role only in trusted runtime
- [ ] Chunk pipeline redacts secrets
- [ ] Staging load test on `match_project_chunks`
- [ ] Retention / deletion policy documented
Reference in New Issue View Git Blame Copy Permalink