this post was submitted on 04 Oct 2023
78 points (86.1% liked)
Programming
17508 readers
9 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities [email protected]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
One alternative to both raw SQL and and ORM is a query builder, a procedural library for constructing database queries. Query builders typically don't have the object/relational "impedance mismatch" of ORMs; they don't encourage you to pretend that records in the database are the same as objects in your code. But they give you a syntax that looks more like your programming language, and automatically handles escaping (and thus, resistance to injection attacks).
However, query builders often don't expose all the power of your database. If you're using PostgreSQL, you've got one hell of a powerful set of tools in there. It's often worth spending the time to master them just so you don't end up reinventing the stone-age wheel on top of a warp-speed hovercraft.
I've been using Jooq to build my queries (and run them). Beats the hell out of writing prepared statements in strings.
Not sure what power I'm missing though, I've been able to do everything via Jooq that I want to do.
You're not missing much power with jOOQ, in my opinion as someone who has used it for years. Its built-in coverage of the SQL syntax of all the major database engines is quite good, and it has easy type-safe escape hatches if you need to express something it doesn't support natively.