mysql-native v2.1.0

[Nick Sabalausky (Abscissa)]

On 03/07/2018 04:16 AM, aberba wrote:
> On Tuesday, 6 March 2018 at 10:15:30 UTC, Martin Tschierschke wrote:
>> On Tuesday, 6 March 2018 at 07:39:00 UTC, aberba wrote:
>>> UNIX sockets provide a way to securely connect in an 
>>> enclosed/isolated environment without exposing connection externally. 
>>> This is used in my company in our microservice infrastructure on 
>>> Google Cloud: we connect to our db instance using a proxy and its the 
>>> recommended approach in microservices.
>>>
>>> Its a very common security practice. The default approach on Google 
>>> Cloud. I would do the same for any db I want to prevent external 
>>> access to. If vibe.d doesn't support it then its missing a big piece 
>>> of a puzzle.
>> Having sockets would be better, but you may configure your mysql to 
>> allow only
>> local connects. So external requests are blocked.
>>
>> https://dba.stackexchange.com/questions/72142/how-do-i-allow-remote-mysql-access-to-all-users 
>>
>>
>> Look at the first answer to set the right privileges for your 
>> environment.
>>
>> Additionally blocking the mysql port 3306 (beside many others) from 
>> outside the network would make sense.
> 
> The MySQL instance is running in a managed cloud instance. You don't get 
> to tweak things like with vps.  Proxy based connection its what's used. 
> Not just in my case...it supported in all major mysql libraries 
> "socketPath".

I'd say, please file a ticket here:

https://github.com/mysql-d/mysql-native/issues

The more clearly the case is presented, the more likely it is to be 
given appropriate priority.

I'd also encourage yourself, and others who may care about this issue, 
to please consider working on a PR for this. I am only one person and 
only have so many resources to go around, so if those who do find this 
important can offer an implementation, that's the best way to get a 
feature included ASAP. If it's left to me to implement, then it has to 
compete with all the rest of my projects and priorities.

I'd be more than glad to offer any help I can in either understanding 
the codebase, or in any other way I can help improve the "bus factor" of 
this project. Just ping me through a ticket on github, or privately via 
https://semitwist.com/articles/contact/form/contact-us  (and yes, I know 
the captcha system there is woefully out-of-date :/ )

To be clear, please understand, this ISN'T a "no" by any means. I am 
fully open to this feature getting implemented, and I want this lib to 
be as useful to as many people as possible. It's just that I only have 
so much resources of my own, and I don't get paid for this, so if it's 
left completely up to me then it has to compete with everything else 
vying for my attention.