this post was submitted on 19 Oct 2023
11 points (100.0% liked)

Programmer Humor

32561 readers
288 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] Stumblinbear@pawb.social 0 points 1 year ago* (last edited 1 year ago) (1 children)

Unfortunately RustRover is still garbage for actual usage. And I refuse to use an ORM when I can just write the SQL in a more common syntax that everyone understands across every language instead of whatever inefficient library-of-the-week there is. Raw SQL is fine and can be significantly more performant. Don't be scared.

[–] hikaru755@feddit.de 0 points 1 year ago (1 children)

I'm not talking full blown ORM here, not a fan of those either. I'm talking about some light weight wrapper that basically just assembles SQL statements for you, while giving you just a little more type safety and automatic protection against SQL injection, and not sacrificing any performance. I'm coming from the JVM world, where Jooq and Exposed are examples of that kind of thing.

[–] Stumblinbear@pawb.social 0 points 1 year ago* (last edited 1 year ago) (1 children)

I'm currently using SQLx which you write raw queries in and it validates them against a currently-running db, using the description of the tables to build the typing for the return type instead of relying on the user. It makes it pretty hard to write anything that supports injection

[–] hikaru755@feddit.de 0 points 1 year ago

Oh, that sounds really cool! At what time does this validation happen? While you code, or later at build time?