Should I expose database types to client?
I’m building a fintech application using Supabase (Postgres + TypeScript).
I don’t use Supabase directly in the client — it’s used behind my API server — but I’m wondering about best practices for sharing database types.
Is it considered safe or standard practice to bundle the generated Database types with the frontend app to get type safety (e.g., matching API response shapes), or should I only expose a limited subset of types since this could reveal parts of the schema?
Given this is a fintech product where security really matters, I’d love to hear how others handle this in production setups.
I don’t use Supabase directly in the client — it’s used behind my API server — but I’m wondering about best practices for sharing database types.
Is it considered safe or standard practice to bundle the generated Database types with the frontend app to get type safety (e.g., matching API response shapes), or should I only expose a limited subset of types since this could reveal parts of the schema?
Given this is a fintech product where security really matters, I’d love to hear how others handle this in production setups.
