The most powerful SQLite database is a Cloudflare Developers Durable Object with row level security, query allowlist, data masking, REST API, web sockets + query caching. Today we're announcing Auth + RLS + Allowlist + Query Caching are available by default in StarbaseDB. Read more 🧵

StarbaseDB: Allowlist + RLS + Auth Example: Blog Post:

1. Query Caching Any request you make to your instance with the header "X-Starbase-Cache" in it will now automatically be cached for 60 seconds. Perfect for external data source use cases where connecting to Postgres, MySQL, Mongo or others and you want your data response cached on the edge. Early testing shows multi-second SQL requests going down to as little as ~50ms! Few caveats exist here including: - Response cached must be less than 1MiB (RPC restriction in Workers) - Query must not contain any modifying statements (SELECT only) - No dynamic parameters Many improvements to come here to improve all three of the above areas.

2. Allowlist You can now specify a specific list of queries that can be executed against your external data source to prevent users from trying to access data tables they shouldn't. This works when connecting StarbaseDB to other database viewers, or by hitting the endpoints your instance exposes. This feature is an essential piece to the puzzle for enabling executing SQL statements safely from the frontend and keeping security at the forefront.

3. Row Level Security A feature that is mostly touted as a core part of Postgres but always recommended to have a secondary layer in your application logic. Now as part of StarbaseDB it comes built in out of the box so you can define table policies that should exist. You can now query "SELECT * FROM todos;" and by design only get the todos that are relevant to the requesting user. When a policy exists on a table that indicates that RLS is turned "on" for that entire table. You can easily create rules for what operations can be performed. Again, another very important piece to the SQL from frontend goal. This feature is still in Early Access but want to give everyone the opportunity today to start working with it and providing feedback to us on how it should improve.

Lastly, all of this is still in EARLY ACCESS! More to come but we want to get this into peoples hands early and invite feedback. There will be quirks, limitations, and gotcha's I'm sure. The foundation has been set and now it is time for us to build & improve what we have. 🙏🚀

@CloudflareDev What are your thoughts on cost? Each time you query the DB it will count as 1 worker invocation, right?

@CloudflareDev 15,000,000 requests for $8 is a good problem to have in my books.