DEV.co
Open-Source DevOps · cookieY

Yearning

Yearning is an open-source SQL audit and query management platform for MySQL, built in Go. It provides SQL validation, approval workflows, query logging, RBAC, and an AI assistant for optimization—deployed locally to keep data private.

Source: GitHub — github.com/cookieY/Yearning
9k
GitHub stars
2k
Forks
Go
Primary language
AGPL-3.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
RepositorycookieY/Yearning
OwnercookieY
Primary languageGo
LicenseAGPL-3.0 — OSI-approved
Stars9k
Forks2k
Open issues166
Latest releasev3.1.9.1 (2024-11-10)
Last updated2025-10-13
Sourcehttps://github.com/cookieY/Yearning

What Yearning is

Go-based audit platform with SQL syntax checking, approval workflows, query anonymization, role-based access control, and LLM-powered SQL optimization. Deployable via Docker or binary; requires MySQL backend for state storage.

Quickstart

Get the Yearning source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/cookieY/Yearning.gitcd Yearning# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

DBA/Developer SQL Governance

Enforce SQL approval workflows, syntax validation, and audit trails for database changes across teams. Useful for regulated environments requiring change traceability.

On-Premises Data Privacy

Deploy locally to avoid sending SQL statements to external services. Includes encryption for sensitive data and query anonymization for PII protection.

SQL Performance Optimization

Use integrated AI assistant to review and optimize SQL statements in real-time, plus generate rollback statements for DDL/DML operations automatically.

Implementation considerations

  • Configure config.toml and initialize database (./Yearning install) before first run. Docker deployment requires environment variables (SECRET_KEY, MYSQL_* credentials).
  • AI Assistant features appear to rely on external LLM; verify prompt injection risks and data residency if using custom prompts with sensitive queries.
  • RBAC setup required to restrict access by role; default installation may have overly permissive roles—review before production.
  • No mention of backup/restore automation for audit logs; plan retention and archival policy for compliance.
  • Latest release (v3.1.9.1, Nov 2024) indicates active development; evaluate stability for mission-critical deployments.

When to avoid it — and what to weigh

  • Non-MySQL Databases (Primary) — Platform is tailored for MySQL. Support for PostgreSQL, Oracle, SQL Server not evident from data provided; requires review.
  • AGPL Licensing Conflict — AGPL v3.0 requires derivative works to be open-source and available to network users. Incompatible with closed-source commercial products without careful architecture isolation.
  • Minimal Maintenance Tolerance — 166 open issues and community-driven development. No SLA or commercial support mentioned; not suitable if production uptime guarantees are required.
  • Multi-Database SaaS Platform — If you need to audit multiple database vendors (Oracle, PostgreSQL, SQL Server) as a unified service, this MySQL-specific tool requires significant extension work.

License & commercial use

Licensed under AGPL-3.0 (GNU Affero General Public License v3.0). This is a copyleft license that requires any networked use or derivative distribution to provide source code and apply the same license to modifications. Not a permissive OSI license for proprietary/closed-source use.

AGPL v3.0 does not permit closed-source commercial products to use Yearning as-is without open-sourcing modifications and making them available to network users. Internal use in a closed organization is typically permitted; selling a closed-source product embedding Yearning is not. Consult legal counsel if considering commercial deployment.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityModerate
DEV.co fitGood
Assessment confidenceHigh
Security considerations

Platform emphasizes local deployment and encryption of sensitive data. RBAC enforces access control. Query anonymization available for PII. However, no independent security audit, CVE history, or threat model provided. OSCS badge referenced but details not available. AI Assistant features introduce LLM dependency—verify prompt injection and data leakage risks if using for sensitive queries. Assume standard web app security best practices (e.g., SQL injection in audit rules themselves) require review.

Alternatives to consider

Bytebase

Multi-database SQL review platform with GitOps workflows and RBAC. Supports MySQL, PostgreSQL, Oracle, etc. Commercial support available; open-source variant (Community Edition) also exists. More mature for enterprise use.

Sqle (UCloud)

Open-source SQL audit platform with similar features (SQL review, workflow, audit logs). Also supports multiple databases and RBAC. Lighter AGPL footprint; may have different community maturity.

Apache Ozone Audit / Ranger (Hadoop)

Enterprise data governance suite with audit, RBAC, and policy enforcement across databases. Heavier, more complex, but broader ecosystem for large organizations.

Software development agency

Build on Yearning with DEV.co software developers

Yearning offers strong privacy, local deployment, and automation for SQL auditing—but verify AGPL compliance, MySQL-only scope, and community-support readiness before production adoption.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

Yearning FAQ

Can I use Yearning in a closed-source commercial product?
Not without legal review and likely source-code disclosure. AGPL-3.0 requires modifications and networked use to be open-sourced. Internal business use in a closed organization is typically permitted; selling a product that includes Yearning is not.
Does Yearning support databases other than MySQL?
No evidence in the provided data. It is explicitly tailored for MySQL. Support for PostgreSQL, Oracle, or SQL Server would require significant extension or is not documented.
Is there commercial support or SLA?
No SLA or commercial support plan mentioned. Support contact is [email protected], but no response-time guarantees or paid support tiers are documented.
What does the AI Assistant do, and where does it send data?
It provides SQL optimization suggestions and text-to-SQL conversion via LLM. External data residency and privacy guarantees are not explicitly stated; verify with vendor if using sensitive queries.

Software developers & web developers for hire

DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If Yearning is part of your open-source devops roadmap, our team can implement, customize, migrate, and maintain it.

Evaluate Yearning for Your SQL Governance Needs

Yearning offers strong privacy, local deployment, and automation for SQL auditing—but verify AGPL compliance, MySQL-only scope, and community-support readiness before production adoption.