Comment by cbondurant

1 day ago

Admittedly, I try and stay away from database design whenever possible at work. (Everything database is legacy for us) But the way the term is being used here kinda makes me wonder, do modern sql databases have enough security features and permissions management systems in place that you could just directly expose your database to the world with a "guest" user that can only make incredibly specific queries?

Cut out the middle man, directly serve the query response to the package manager client.

(I do immediately see issues stemming from the fact that you cant leverage features like edge caching this way, but I'm not really asking if its a good solution, im more asking if its possible at all)

9 comments

cbondurant

bob1029 1 day ago

There are still no realistic ways to expose a hosted SQL solution to the public without really unhappy things occurring. It doesn't matter which vendor you pick.

Anything where you are opening a TCP connection to a hosted SQL server is a non-starter. You could hypothetically have so many read replicas that no one could blow anyone else up, but this would get to be very expensive at scale.

Something involving SQLite is probably the most viable option.

IshKebab 20 hours ago

Feels like there's an opening in the market there. Why can't you expose an SQL server to the public?
Also Stackoverflow exposes a SQL interface so it isn't totally impossible.

yawaramin 10 hours ago

There's no need to have a publicly accessible database server, just put all the data in a single SQLite database and distribute that to clients. It's possible to do streaming updates by just zipping up a text file containing all the SQL commands and letting clients download that. Or even a more sophisticated option is eg Litestream.

zX41ZdbW 1 day ago

ClickHouse can do it. Examples:

    https://play.clickhouse.com/

    clickhouse-client --host play.clickhouse.com --user play --secure

    ssh play.clickhouse.com

baobun 19 hours ago
Yes but CH is not SQL.
- Hasnep 3 hours ago
  
  Yes, SQL is a query language and clickhouse is a database that uses SQL as a query language, but I don't see why that's relevant.

brendoncarroll 1 day ago

I personally think that this is the future, especially since such an architecture allows for E2E encryption of the entire database. The protocol should just be a transaction layer for coordinating changes of opaque blobs.

All of the complexity lives on the client. That makes a lot of sense for a package manager because it's something lots of people want to run, but no one really wants to host.

mirekrusin 1 day ago

You can use fossil [0]

[0] https://fossil-scm.org