Only return schemas in the electric-schema header for the selected columns

[KyleAMathews]

E.g. if the table has columns a,b,c and the request only wants column a, the electric-schema should also only include a.

---

Discussed in #2252

^{Originally posted by gartz January 24, 2025}
First of all, I want to say I really appreciate the concepts behind Electric-SQL—it's an amazing project!

While learning about the shapes for proxy/gatekeeping, I noticed the recommendation to filter out sensitive or backend-only columns to ensure they aren't exposed to the client. However, I observed that the electric-schema header still includes columns that are not part of the shape.

Example

For instance, a users table might include sensitive columns such as salt and password_hash, which shouldn't be synced with the client. However, columns like username and email should be exposed. Despite excluding sensitive columns from the shape, they still appear in the electric-schema header.

Question

What is the best approach to address this issue? Could the documentation provide more clarity on this scenario? Some potential solutions I've considered are:

1. Creating a View Table: Define a database view that includes only the columns the client should access. Use this view in the shape definition instead of the original table.
2. Manipulating the electric-schema JSON: Modify the schema header to include only client-safe columns before propagating it.

Could you provide guidance on the recommended approach or suggest a best practice? Additionally, if a specific method is preferred, it would be helpful to include it in the documentation for others encountering this scenario.

Thank you for your time and for building such an exciting tool!