It’s encrypted at rest, but there is still an attack vector of if someone gains access to your cloud

It’s encrypted at rest, but there is still an attack vector of if someone gains access to your cloudflare account through a mistake. You should never be able to access someone’s plaintext password period

PhoenixSpaceOP•11/14/25, 1:35 PM

To be more specific, cloudflare encrypts D1 at rest, but passwords should be one way hashed for security which is different

PPhoenixSpace It’s encrypted at rest, but there is still an attack vector of if someone gains ...

Ronald•11/14/25, 1:35 PM

Yup, makes sense

Ronald•11/14/25, 1:36 PM

Thanks @PhoenixSpace

PhoenixSpaceOP•11/14/25, 1:36 PM

No problem :)

Matthew•11/15/25, 8:28 AM

SQLite 3.51.0 introduces and functions. Does D1 plan to support these? What version of SQLite is D1? is not supported.

MMatthew SQLite 3.51.0 introduces `jsonb_each` and `jsonb_tree` functions. Does D1 plan t...

lambrospetrou•11/16/25, 9:40 AM

It's SQLite 3.47 right now: https://github.com/cloudflare/workerd/blob/964823ff45df4b5033bae9bba1b43baf6a8c556c/build/deps/deps.MODULE.bazel#L81

We do upgrade SQLite versions but not in a specific cadence. I will ask the team to see if we can upgrade soon again.

CCole Xemi Does d1 retry read queries automatically if they write to a temporary table? Lik...

lambrospetrou•11/16/25, 9:43 AM

As long as it doesn't cause writes to the underlying storage of the database, it should retry them, if the error is marked as retryable and the DB is not overloaded. If I remember correctly, temp tables are in memory, so it should be retried.

CubityFirst•11/16/25, 1:03 PM

https://i.cubityfir.st/firefox_f2MemxSOV7.png

CubityFirst•11/16/25, 1:03 PM

Am I doing something wildly wrong?

CubityFirst•11/16/25, 1:03 PM

How is cloudflare reporting that there's two entries with the same primary key? Shouldn't that be unique?

CubityFirst•11/16/25, 1:04 PM

Additionally, when I try to delete those rows via the studio, it just doesn't, same with editing the values

CubityFirst•11/16/25, 1:06 PM

https://i.cubityfir.st/firefox_ESgnqDdGh4.mp4

CubityFirst•11/16/25, 1:08 PM

https://i.cubityfir.st/firefox_bvoCV4kEWU.png

CubityFirst•11/16/25, 1:21 PM

i've gone so far as removing the binding from the worker to ensure that it's not some leftover worker that hasn't terminated or whatever, it's just not saving.

CubityFirst•11/16/25, 1:21 PM

I've recreated the table, and it's still not letting me save the value via studio

CubityFirst•11/16/25, 1:28 PM

Ah, well, Is ee

CubityFirst•11/16/25, 1:28 PM

Thank you so much haha

Original message was deleted

CubityFirst•11/16/25, 1:35 PM

Just swapped it over, working great now, thanks again.

Matthew•11/17/25, 9:36 AM

How are people handling database backups?

was fine when my db was 30Mb (3-4 seconds downtime is acceptable) but now the DB is 500Mb an export takes it offline for ~2 minutes.

scruffy•11/17/25, 9:48 AM

Once a D1 read replica has been created in a region, does it remain there "forever", or is it evicted after a certain period of inactivity. If evicted, what's the policy?

Sscruffy Once a D1 read replica has been created in a region, does it remain there "forev...

Matthew•11/17/25, 9:56 AM

I believe replicas are based on Durable Objects https://developers.cloudflare.com/durable-objects/concepts/durable-object-lifecycle/#:~:text=While%20in%20the%20idle%2C%20in,transition%20to%20the%20inactive%20state

Cloudflare Docs

Lifecycle of a Durable Object

This section describes the lifecycle of a Durable Object.

MMatthew I believe replicas are based on Durable Objects https://developers.cloudflare.co...

scruffy•11/17/25, 10:07 AM

That's a good point (I believe all of D1 is based on Durable Objects, not just read replicas). In that case, I guess my question was a bit off... if D1 read replicas follow the DO lifecycle, then they'd stay in memory for a while (as per linked docs). I was hoping to learn whether or not the underlying read replica instance would be cleaned up after a period of inactivity.

Sscruffy That's a good point (I believe all of D1 is based on Durable Objects, not just r...

lambrospetrou•11/17/25, 10:26 AM

I was hoping to learn whether or not the underlying read replica instance would be cleaned up after a period of inactivity.

As the lifecycle doc explains, if there are no requests handled within a region then after some period the replicas will hibernate or get evicted, and the next requests in that region will have to boot the replica again. Those first requests will be forwarded to the primary until the replica is ready again to serve traffic.

In the future we want to allow dynamic replicas that follow your traffic, but the lifecycle will still exist.

Llambrospetrou > I was hoping to learn whether or not the underlying read replica instance woul...

scruffy•11/17/25, 10:33 AM

Sorry, I think I'm still being unclear. Would the Read Replica's Durable Object be removed from the data centre? My reason for asking was that I'd imagine larger databases would take more time to move and boot and I wondered whether Cloudflare optimised for quicker boots (keep the replica in the data centre) or lower storage (remove the replica from the data centre).

Sscruffy Sorry, I think I'm still being unclear. Would the Read Replica's Durable Object ...

lambrospetrou•11/17/25, 10:37 AM

Still not clear what "removed from the data centre" means.

If you are asking if the replica moves data centers after creation, then at the moment it doesn't unless that specific DC has network issues. But, it will definitely move servers within that data centre. The normal DO routing applies here that attempts to keep a replica on the same DC and server, but it can move anytime due to many reasons under the hood.
Also, replicas need to re-fetch data from cold storage when they are cold starting since they need the latest state in case there were any writes.

Llambrospetrou Still not clear what "removed from the data centre" means. If you are asking if...

lambrospetrou•11/17/25, 10:38 AM

Overall, your questions seem to suggest that your worry is with low traffic how fast will cold starts be. Then, at the moment, you need to assume actual cold starts all the time. In the future there will be optimizations, but at the moment cold starts are not optimized yet.

If your worry is not about low traffic use-cases, then please provide more details.

Llambrospetrou Overall, your questions seem to suggest that your worry is with low traffic how ...

scruffy•11/17/25, 12:44 PM

You're right, my initial worry was about cold starts. I guess there are two scenarios I'm wondering about: when a read replica is first created in a new data centre, and when an existing read replica has to be cold started. Which leaves me with three questions: 1. what's the heuristic for creating a read replica in a new data centre? 2. how quickly can a new read replica be created and booted (not looking for precise numbers, just a way to think about the impact of sqlite storage size)? 3. what affects the cold start time for a read replica (sqlite size, amount of data to be updated, something else)? Apologies if I'm asking silly questions, just trying to get my head around how to think about this.

Sscruffy You're right, my initial worry was about cold starts. I guess there are two scen...

lambrospetrou•11/17/25, 1:37 PM

The first a replica (or DO in general) is created in a region it's assigned a specific datacenter location in the region randomly. Then, every time that specific replica comes online it will start there, if that DC is available and healthy, or moved elsewhere in the same region temporarily. This behavior is what happens NOW, and is NOT a guarantee we provide. We want to be flexible to move replicas in the future, since that's the plan, to dynamically create and move replicas based on incoming traffic.
The main delay is fetching the DB from cold storage. That strictly depends on the size. It can be a few milliseconds or many seconds.
DB size is the main contributor.

Llambrospetrou 1. The first a replica (or DO in general) is created in a region it's assigned a...

scruffy•11/17/25, 1:43 PM

This is really useful, thanks. Do read replicas only get created when there's a certain amount of traffic in a given region, and if so, what level of traffic is required? Does the delay scale linearly on DB size and do you have any very rough ballpark delays for say 1GB?

Sscruffy This is really useful, thanks. Do read replicas only get created when there's a ...

lambrospetrou•11/17/25, 2:45 PM

The replicas will start booting on the first request to its region, and until they are ready requests are forwarded to the primary. So, if you are only doing 1 request per minute for example, it's unlikely you will get processed by a replica ever, but you will always keep waking it up.
The delay depends on the size yes, I don't have numbers to publicly state, but it's as like downloading N MBs from cold storage.

You can find more details about how it all works under the hood in our blog post: https://blog.cloudflare.com/d1-read-replication-beta/#under-the-hood-how-d1-read-replication-is-implemented

The Cloudflare Blog

Sequential consistency without borders: How D1 implements global re...

D1, Cloudflare’s managed SQL database, announces read replication beta. In this post, we do a technical deep dive of the read replication implementation and how your queries can remain consistent across all regions.

Llambrospetrou The replicas will start booting on the first request to its region, and until th...

scruffy•11/18/25, 10:33 AM

thanks for your help, much appreciated

ts•11/19/25, 10:27 PM

Thanks for the great product. I’m hitting an issue with D1 where very simple inserts are taking anywhere from one to eight seconds. I’m only inserting a single user row and returning it. The table has the primary key index and a unique index on email, nothing else. The SQL itself runs in a few milliseconds, but the D1 trace shows long delays before the statement actually completes, which makes it look like platform-level latency rather than anything in the query.

I’m also seeing the same kind of latency spikes on KV puts from time to time. I’m trying to understand whether there are plans to reduce these stalls, or if there’s anything specific I can do on my end to improve D1 insert or KV write performance.
Thanks in advance

fawwaz•11/20/25, 6:52 AM

Hey all I'm excited about the new release of tanstack db (v1 expected to be realsed next month), I'm curious if any one yet used with d1?

fawwaz•11/20/25, 6:53 AM

there is a concern that progressive mode would get expensive with traditional fetch but I'm thinking that cache-tags would solve this, what do you guys think?
https://developers.cloudflare.com/cache/how-to/purge-cache/purge-by-tags/

Cloudflare Docs

Purge cache by cache-tags

Cache-tag purging makes multi-file purging easier because you can instantly bulk purge by adding cache-tags to your assets, such as webpages, image files, and more.

Tts Thanks for the great product. I’m hitting an issue with D1 where very simple ins...

Florent•11/20/25, 9:36 AM

I sent you a DM to get more info, so that I can take a look a your specific D1 DB.

Matthew•11/21/25, 9:22 AM

Is there any indication of when Time Travel might gain the ability to clone and fork databases? Understand you won't have a precise date, but helpful to know if it's closer to "next quarter" or "maybe one day"

https://developers.cloudflare.com/d1/reference/time-travel/#restore-a-database

In the future, D1 will support branching & cloning databases using Time Travel.

At the moment, backups feel like a big missing piece.

Time travel destructively overwrites the entire database - so restoring one deleted row means losing all good data newer than the bookmark.
takes the db offline, potentially for multiple minutes depending on size.
I could create a workflow to query tables one by one and output a file, but there could be inconsistent data between tables, foreign key problems, etc.
Maybe I'm missing an option?

MMatthew Is there any indication of when Time Travel might gain the ability to clone and ...

lambrospetrou•11/21/25, 9:49 AM

Asked a few times every month, we do know people want it, we do have plans to do it, but unfortunately cannot promise any delivery estimates.

We are hoping that over the next few quarters we will be switching back to doing all the read replication improvements we want, and that will enable features like this.

Llambrospetrou Asked a few times every month, we do know people want it, we do have plans to do...

Matthew•11/21/25, 10:25 AM

Thanks!

tobystr•11/21/25, 11:28 AM

That and also Change Data Capture to a pipeline / queue would be nice

Earl•11/21/25, 6:59 PM

Is there a possibility to do a D1 restore via HTTP API or bindings API?

I can get the current bookmark at runtime via the binding but I see no way to restore to a bookmark except via wrangler, which is not available at runtime.

EEarl Is there a possibility to do a D1 restore via HTTP API or bindings API? I can ...

Florent•11/21/25, 11:35 PM

There might be a way but it's not documented in our OpenAPI. I'll check with the team if I can get more information but I can't guarantee you a response.

Earl•11/21/25, 11:37 PM

That would be great

currently I'm looking into using a durable object container to run wrangler. But this is pretty hacky.

Florent•11/21/25, 11:38 PM

What would be your use case for restoring a database via an HTTP api call?

FFlorent What would be your use case for restoring a database via an HTTP api call?

Earl•11/22/25, 12:47 AM

I've been talking about it with lambrospetrou in #durable-objects .

Quick summary: I'm processing live data and sometimes that data is faulty and I need to revert to an earlier point and replay the corrected data.

With durable objects that's possible at runtime. But I also have D1s.

I'm trying to avoid writing revert logic for all the incoming data since this is difficult to maintain.

Paul•11/22/25, 7:54 PM

Does D1 have triggers for tables? Like can I raise an event to a Queue when a insert/update/delete happens?

Earl•11/22/25, 11:04 PM

Only internal SQLite triggers, you can't call outside. Maybe durable objects would be a better fit?

PPaul Does D1 have triggers for tables? Like can I raise an event to a Queue when a in...

lambrospetrou•11/23/25, 12:58 AM

This feature is commonly called CDC (change data capture), and it's not supported at the moment. The SQLite triggers feature is supported, but that's only to execute SQL things when certain rows change, so not what you are asking.

PPaul Does D1 have triggers for tables? Like can I raise an event to a Queue when a in...

Hello, I’m Allie!•11/23/25, 1:07 AM

Dumb idea, use SQLite triggers to push to a triggers table, and then periodically poll it?

Aman•11/23/25, 1:08 AM

I am facing an issue where I am unable to access some parts of my site
For example, when I try to remove something from the cart, it throws an error and does not let me remove it, additionally it does not let me logout

When used in development mode, it works fine
I purged cache and all but still not working, any insights?