fix(pg-delta): order RLS policy creation after referenced new tables

[Copilot]

RLS policies can reference other relations inside USING / WITH CHECK. When both the policy target table and the referenced table are new, pg-delta could emit CREATE POLICY before the referenced table existed, causing plan/apply failures on an empty database.

• Policy dependency extraction

  • Extend CreateRlsPolicy.requires to include table references found in policy expressions.
  • This adds the missing ordering edge without changing the planner itself.

• Shared expression parsing

  • Export a small pg-topo helper for extracting dependencies from raw SQL expressions.
  • Reuse that helper from pg-delta instead of duplicating AST traversal logic.

• Regression coverage

  • Add a pg-delta integration test covering:
    • two newly created tables
    • a policy on one table
    • a USING expression that references the other new table
  • Add unit coverage for policy requires and helper coverage in pg-topo.

Example of the newly tracked dependency:

CREATE TABLE app.accounts (id integer primary key);
CREATE TABLE app.users (id integer primary key);

ALTER TABLE app.accounts ENABLE ROW LEVEL SECURITY;

CREATE POLICY account_access ON app.accounts
  FOR SELECT
  USING (EXISTS (SELECT 1 FROM app.users));

With this change, pg-delta treats the policy as depending on app.users, so CREATE POLICY is ordered after the referenced table exists.

[changeset-bot]

🦋 Changeset detected

Latest commit: 7d2eb60

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages

Name	Type
@supabase/pg-delta	Patch
@supabase/pg-topo	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR