Comment by bhaney
There are a lot of major security vulnerabilities in the world that were made understandably, and can be forgiven if they're handled responsibly and fixed.
This is not one of them. In my opinion, this shows a kind of reputation-ruining incompetency that would convince me to never use Arc ever again.
Also, firebase? seriously? this is a company with like, low level software engineers on payroll, and they are using a CRUD backend in a box. cost effective I guess? I wouldn't even have firebase on the long list for a backend if I were architecting something like this. Especially when feature-parity competitors like Supabase just wrap a normal DBMS and auth model.