Product
Introducing Socket MCP for Claude Desktop
Add secure dependency scanning to Claude Desktop with Socket MCP, a one-click extension that keeps your coding conversations safe from malicious packages.
By Alexandros Kapravelos - Jul 29, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
github.com/zyazhb/go-sqlite
- Version published
- Created
Pure-Go SQLite driver for GORM
Pure-go (without cgo) implementation of SQLite driver for GORM
This driver has SQLite embedded, you don't need to install one separately.
Usage
import (
"github.com/zyazhb/sqlite"
"gorm.io/gorm"
)
db, err := gorm.Open(sqlite.Open("sqlite.db"), &gorm.Config{})
In-memory DB example
db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{})
Foreign-key constraint activation
Foreign-key constraint is disabled by default in SQLite. To activate it, use connection URL parameter:
db, err := gorm.Open(sqlite.Open(":memory:?_pragma=foreign_keys(1)"), &gorm.Config{})
More info: https://www.sqlite.org/foreignkeys.html
FAQ
How is this better than standard GORM SQLite driver?
The standard GORM driver for SQLite has one major drawback: it is based on a Go-bindings of SQLite C-source (this is called cgo). This fact imposes following restrictions on Go developers:
- to build and run your code, you will need a C compiler installed on a machine
- SQLite has many features that need to be enabled at compile time (e.g. json support). If you plan to use those, you will have to include proper build tags for every
gocommand to work properly (go run,go test, etc.). - Because of C-compiler requirement, you can't build your Go code inside tiny stripped containers like (golang-alpine)
- Building on GCP is not possible because Google Cloud Platform does not allow gcc to be executed.
Instead, this driver is based on pure-Go implementation of SQLite (https://gitlab.com/cznic/sqlite), which is basically an original SQLite C-source AST, translated into Go! So, you may be sure you're using the original SQLite implementation under the hood.
Is this tested good ?
Yes, The CI pipeline of this driver employs whole test base of GORM, which includes more than 12k tests (see badge on the page-top). Testing is run against latest major releases of Go:
- 1.18
- 1.19
In following environments:
- Linux
- Windows
- MacOS
Is it fast?
Well, it's slower than CGo implementation, but not terribly. See the bechmark of underlying pure-Go driver vs CGo implementation.
Included features
- JSON1 (https://www.sqlite.org/json1.html)
- Math functions (https://www.sqlite.org/lang_mathfunc.html)
FAQs
Unknown package
Package last updated on 20 Mar 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Scala and Kotlin Support in Socket
Socket now supports Scala and Kotlin, bringing AI-powered threat detection to JVM projects with easy manifest generation and fast, accurate scans.
By Peter van der Zee, Eli Insua - Jul 28, 2025
Application Security
/Security News
AI + a16z Podcast: Vibe Coding, Security Risks, and the Path to Progress
Socket CEO Feross Aboukhadijeh and a16z partner Joel de la Garza discuss vibe coding, AI-driven software development, and how the rise of LLMs, despite their risks, still points toward a more secure and innovative future.
By Sarah Gooding - Jul 25, 2025