jrklaus8 stops Mike from querying its database as a superuser

A fix in the Canadian fork closes a gap that let every request reach across the lines meant to separate one user's data from another's.

security, infrastructure

Out of the box, Mike talks to its database with a master key that ignores the per-user access rules entirely. In practice that means any request could read past the boundaries that are supposed to keep one user's records walled off from the next. jrklaus8 rewires this so each request now carries the identity of the person making it, and the database enforces the limits that were being skipped. It's worth noting there's still a fallback path that can quietly revert to the old behaviour, so anyone adopting this should look closely before relying on it.
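The fallback risk described above, as an added example that is not code from Mike or the jrklaus8 fork: an in-memory stand-in for the database in which the service key skips the per-user filter, with a fallback credential picker beside a fail-closed one. Every name, token and row here is constructed for illustration.

```javascript
// Added example; all names are hypothetical, not from the Mike code base.
// Constructed sample data: two users' rows and the tokens that map to them.
const ROWS = [
  { id: 1, owner: 'alice', body: 'alice matter notes' },
  { id: 2, owner: 'bob', body: 'bob matter notes' },
];
// Stands in for real JWT verification (assumption: tokens are validated elsewhere).
const TOKENS = new Map([['tok-alice', 'alice'], ['tok-bob', 'bob']]);
const SERVICE_KEY = 'service-key-placeholder';

// Stand-in for the database: the service key skips the per-row rule,
// any other credential is resolved to a user and filtered by owner.
function select(credential) {
  if (credential === SERVICE_KEY) return ROWS.slice();
  const user = TOKENS.get(credential);
  if (!user) throw new Error('invalid credential');
  return ROWS.filter((r) => r.owner === user);
}

function bearer(req) {
  const header = (req.headers && req.headers.authorization) || '';
  const m = /^Bearer (\S+)$/.exec(header);
  return m ? m[1] : null;
}

// Risky pattern: a missing token silently becomes the service key.
function credentialWithFallback(req) {
  return bearer(req) || SERVICE_KEY;
}

// Fail-closed pattern: no caller identity, no database access.
function credentialFailClosed(req) {
  const token = bearer(req);
  if (!token) {
    const err = new Error('missing bearer token');
    err.status = 401;
    throw err;
  }
  return token;
}

// Runs one request through the chosen credential picker.
function handle(req, pickCredential) {
  try {
    return { status: 200, rows: select(pickCredential(req)) };
  } catch (e) {
    return { status: e.status || 403, rows: [] };
  }
}
```

When reviewing a fork like this, the thing to look for is any code path that behaves like `credentialWithFallback`: a request with no token should end in a 401, not in a query run under the service key.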

The same stretch of work also adds the option to run Mike's AI on your own hardware instead of routing every request through an outside cloud provider - a meaningful switch for anyone wary of where client material travels.

So what? Anyone weighing Mike for client-confidential work should care: this is the difference between a slick demo and something you'd trust with privileged data.


Commits in this thread

2 commits from jrklaus8/mike-Canada, oldest first. Source extracted verbatim from the harvested git log.

| SHA | Subject | Author | Date |
| --- | --- | --- | --- |
| 86f1ef02 | refactor: Add Ollama local inference, RLS middleware, and extract chatTools schemas | MikeOSS Bot | 2026-05-22 |
| 0a309b61 | security: Enforce RLS JWT passthrough across all routes. refactor: extract parsers. | MikeOSS Bot | 2026-05-22 |
