NpgsqlRest

Appearance

NpgsqlRestYour SQL is the API.

Annotate PostgreSQL functions and SQL files with comments to declare HTTP routes, auth, caching, retries, and rate limits. Get a fast, typed REST API โ€” no controllers, no models, no boilerplate.

Get Started
View on GitHub
~ npgsqlrest
$โ–Œ
โšก

Fast & native

AOT executables. 4,500+ req/s on a single host in independent benchmarks.

๐Ÿ“

Declare in SQL

Caching, auth, retries, rate limits โ€” declared as SQL comments next to the query.

๐Ÿ˜

Database-first

PostgreSQL is the architecture โ€” not a detail to abstract away.

๐Ÿ”„

Typed clients

PostgreSQL types generate typed TypeScript clients automatically. No drift.

๐Ÿ”’

Secure by default

Cookies, JWT, OAuth2, conditional caching, per-user limits โ€” built in.

๐Ÿ’š

Open source

MIT-licensed. No paid tier, no telemetry, no vendor lock-in.

4,500+
req/s on a single hostยน
74
production endpoints,
zero C# or Pythonยฒ
12K
lines of SQL
(no host-language code)
MIT
licensed,
open source
  • Declare, don't code โ€” caching, auth, retries, rate limiting โ€” all declared as SQL annotations.
  • PostgreSQL at the center โ€” the opposite of Clean Architecture: the database drives everything.
  • Types flow outward โ€” PostgreSQL types generate TypeScript clients automatically.
  • No middle tier โ€” no controllers, no models, no mapping layers, no boilerplate.

Declarative Annotations โ€‹

Declare what you want from your endpoint โ€” caching, authorization, timeouts, retries, rate limiting โ€” right where the SQL lives.

SQL File

sql
/*
HTTP GET /users/
@authorize admin, user
@cached
@cache_expires_in 30sec
@timeout 5min
@table_format = excel
@excel_file_name = users.xlsx
*/
select id, name, email, role
from users
where $1 is null or department_id = $1;

PostgreSQL Function

sql
create or replace function api.get_users(
  _department_id int
)
returns table (id int, name text, email text, role text)
language sql
begin atomic;
select id, name, email, role
from users
where
  _department_id is null
  or department_id = _department_id;
end;

comment on function api.get_users(int) is '
HTTP GET /users/
@authorize admin, user
@cached
@cache_expires_in 30sec
@timeout 10sec
@retry_strategy aggressive
@rate_limiter_policy authenticated_limit
@tsclient_module = users
';

From the Blog โ€‹

NewFeaturedCase Study: 74 Endpoints, Zero Backend Code โ€” A Production App Built Entirely on NpgsqlRestWhat it actually looks like to ship a production application without a controller layer. Real numbers from a finance/visualization app: ~74 HTTP endpoints, 12K LOC of SQL, zero lines of C# or Python, and an estimated 5,000โ€“9,000 LOC of host-language boilerplate eliminated.
From SQL to Type-Safe TypeScriptGenerate typed fetch modules and TypeScript interfaces directly from PostgreSQL functions and SQL files. End-to-end type safety with @tsclient annotations.NpgsqlRest 3.13.0: Cache Profiles, Auth Schemes, Per-User Rate LimitsConditional caching with When rules, short-lived sensitive sessions, per-user rate limiting, and multi-tenant search_path with pgBouncer.PostgreSQL REST API Benchmark 2026Performance comparison of NpgsqlRest vs PostgREST, Django, FastAPI, Spring Boot, Go, Rust, and more โ€” 14 frameworks, identical PostgreSQL functions.Human WrittenSQL REST APIThe story behind NpgsqlRest 3.12.0 โ€” SQL file endpoints, the philosophy of database-first development, and why I think Clean Architecture got it wrong.
Build, Test, Publish and ReleaseLicenseGitHub StarsGitHub ForksCrafted with Claude
โค๏ธ Support this project: Patreon ยท Buy Me a Coffee
Released under the MIT License.
Copyright ยฉ 2024-2026 VB Consulting