All programmers should study and learn the relational algebra and the Codd Normal Forms. They should also study the horror of SQL and pray that they never have to use it.

It fills me with incredulity that _anyone_ thought that data access should be achieved through text statements that are compiled and executed in a running system. How many data breaches have been based on that dumb mistake alone?

Data access within a running system should always and only be accomplished through an API.


Discussion

SQL is a nightmare

What about stored procedures?

Stored procedures are fine so long as they are:

1. Precompiled.

2. Do not contain business rules.

From: graycat<-nathanday at 06/02/23 09:13:11 on wss://relay.damus.io

CC: #[4]

>---------------

>What about stored procedures?

In my experience with several ORMs, it’s not always easy to predict the SQL that gets generated, and sometimes it turns out to be inefficient. Better to just ask an SQL stored procedure to do the work, especially since it’s right there where the data are located.

Check Kysely