Features

Aligned to SQLite 3.46.0;
A single executable file (written in Go);
HTTP/JSON access, with client libraries for convenience;
Directly call ws4sqlite on a database (as above), many options available using a YAML companion file;
In-memory DBs are supported;
Serving of multiple databases in the same server instance;
Batching of multiple value sets for a single statement;
Parameters may be passed to statements positionally (lists) or by name (maps);
Results of queries may be returned as key-value maps, or as values lists;
All queries of a call are executed in a transaction;
For each query/statement, specify if a failure should rollback the whole transaction, or the failure is limited to that query;
"Stored Statements": define SQL in the server, and call it from the client;
CORS mode, configurable per-db;
Scheduled tasks (VACUUM, sql or backups), also configurable per-db;
Provide initialization statements to execute when a DB is created;
WAL mode enabled by default, can be disabled;
Embedded web server to directly serve web pages that can access ws4sqlite without CORS;
Quite fast!
Compact codebase;
Comprehensive test suite (make test);
11 os's/arch's directly supported;
Docker images, for amd64, arm and arm64.

Authentication can be configured
- on the client, either using HTTP Basic Authentication or specifying the credentials in the request;
- on the server, either by specifying credentials (also with hashed passwords) or providing a query to look them up in the db itself;
A database can be opened in read-only mode (only queries will be allowed);
It's possible to enforce using only stored statements, to avoid some forms of SQL injection and receiving SQL from the client altogether;
CORS Allowed Origin can be configured and enforced;
It's possible to bind to a network interface, to limit access.

Some design choices:

Very thin layer over SQLite. Errors and type translation, for example, are those provided by the SQLite driver;
Doesn't include HTTPS, as this can be done easily (and much more securely) with a reverse proxy;
Doesn't support SQLite extensions, to improve portability.

Last updated 9 months ago

Aligned to SQLite 3.46.0;
A single executable file (written in Go);
HTTP/JSON access, with client libraries for convenience;
Directly call ws4sqlite on a database (as above), many options available using a YAML companion file;
In-memory DBs are supported;
Serving of multiple databases in the same server instance;
Batching of multiple value sets for a single statement;
Parameters may be passed to statements positionally (lists) or by name (maps);
Results of queries may be returned as key-value maps, or as values lists;
All queries of a call are executed in a transaction;
For each query/statement, specify if a failure should rollback the whole transaction, or the failure is limited to that query;
"Stored Statements": define SQL in the server, and call it from the client;
CORS mode, configurable per-db;
Scheduled tasks (VACUUM, sql or backups), also configurable per-db;
Provide initialization statements to execute when a DB is created;
WAL mode enabled by default, can be disabled;
Embedded web server to directly serve web pages that can access ws4sqlite without CORS;
Quite fast!
Compact codebase;
Comprehensive test suite (make test);
11 os's/arch's directly supported;
Docker images, for amd64, arm and arm64.

Authentication can be configured
- on the client, either using HTTP Basic Authentication or specifying the credentials in the request;
- on the server, either by specifying credentials (also with hashed passwords) or providing a query to look them up in the db itself;
A database can be opened in read-only mode (only queries will be allowed);
It's possible to enforce using only stored statements, to avoid some forms of SQL injection and receiving SQL from the client altogether;
CORS Allowed Origin can be configured and enforced;
It's possible to bind to a network interface, to limit access.

Some design choices:

Very thin layer over SQLite. Errors and type translation, for example, are those provided by the SQLite driver;
Doesn't include HTTPS, as this can be done easily (and much more securely) with a reverse proxy;
Doesn't support SQLite extensions, to improve portability.

Last updated 9 months ago