supabase / cli

Supabase CLI. Manage postgres migrations, run Supabase locally, deploy edge functions. Postgres backups. Generating types from your database schema.
https://supabase.com/docs/reference/cli/about
MIT License
1.02k stars 201 forks

Non-standard file locations #267

Open probablykasper opened 2 years ago

probablykasper commented 2 years ago

Bug report

Describe the bug

Supabase is storing files in the non-standard location ~/.supabase.

To Reproduce

Run a command like supabase login. I think supabase functions serve also creates it.

Expected behavior

Would expect files to be stored in a standard location like ~/Library/Application Support, ~/Library/Preferences or ~/Library/Caches.

System information

sweatybridge commented 2 years ago

The file that we currently store under ~/.supabase is the personal access token that you used to log in. I don't think it falls under the category Application Support, Preferences, or Caches. A safer place to store it is probably Keychain, but getting it to work consistently across Linux and Windows will be non-trivial.

One way to stop the CLI from creating this file is to set the SUPABASE_ACCESS_TOKEN=<your token> env var, either manually or in your ~/.bashrc.

probablykasper commented 2 years ago

Application Support is where app data is stored. The guidelines say this:

Application Support

Contains all app-specific data and support files. These are the files that your app creates and manages on behalf of the user and can include files that contain user data.

By convention, all of these items should be put in a subdirectory whose name matches the bundle identifier of the app. For example, if your app is named MyApp and has the bundle identifier com.example.MyApp, you would put your app’s user-specific data files and resources in the ~/Library/Application Support/com.example.MyApp/ directory. Your app is responsible for creating this directory as needed.

Resources required by the app to run must be placed inside the app bundle itself.

But using Keychain would absolutely be more secure. The keyring Rust crate might be helpful for figuring out how to store secrets cross-platform.
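
The two file-based options discussed in this thread (the SUPABASE_ACCESS_TOKEN variable taking precedence, and a token file kept in the platform's standard per-user directory) can be sketched in Go as follows. This is an added example, not code from the Supabase CLI: the directory name, file name and function names are hypothetical, and the permission check relies on POSIX mode bits, so it is not meaningful on Windows.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// SUPABASE_ACCESS_TOKEN is named in the thread; the directory and file names are made up here.
const envVar, appDir, tokenFile = "SUPABASE_ACCESS_TOKEN", "supabase-example", "access-token.example"

// tokenPath uses the per-user config dir (~/Library/Application Support on macOS, XDG on Linux).
func tokenPath() (string, error) {
	base, err := os.UserConfigDir()
	return filepath.Join(base, appDir, tokenFile), err
}

// saveToken writes the token so that only the owning user can read it.
func saveToken(path, token string) error {
	if err := os.MkdirAll(filepath.Dir(path), 0o700); err != nil {
		return err
	}
	if err := os.WriteFile(path, []byte(token), 0o600); err != nil {
		return err
	}
	return os.Chmod(path, 0o600) // WriteFile keeps the mode of a file that already exists
}

// loadToken prefers the environment variable, then falls back to the file,
// refusing a file that group or other users can access.
func loadToken(path string) (string, error) {
	if t := os.Getenv(envVar); t != "" {
		return t, nil
	}
	info, err := os.Stat(path)
	if err != nil {
		return "", err
	}
	if perm := info.Mode().Perm(); perm&0o077 != 0 {
		return "", fmt.Errorf("%s has mode %04o, want 0600: %w", path, perm, os.ErrPermission)
	}
	data, err := os.ReadFile(path)
	return strings.TrimSpace(string(data)), err
}

func main() { fmt.Println(tokenPath()) }
```

A keychain-backed store, as suggested in the thread, would replace saveToken and loadToken's file branch while keeping the same precedence for the environment variable.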