| ▲ | tossandthrow 5 days ago |
| Have you ever build a complex app like this? In particular, have you have to do testing, security (eg. row level security), manage migrations, change management (eg. for SOC2 or other security frameworks), cache offloads (Redis, and friends), support for microservices, etc. Comments like this give me a vibe of young developers trying out Supabase for the first time feeling like that approach can scale indefinitely. |
|
| ▲ | rbees 5 days ago | parent | next [-] |
| > Comments like this give me a vibe of young developers I don’t think so. The context is about avoiding joining in memory, which is fairly awful to do in a application, and should be avoided, along with uninformed use of ORMs, which often just add a layer of unwarranted complexity leading to things like the dreaded N+1 problem that most inexperienced Rails developers had when dealing with ActiveRecord. If anything, what you’re talking about sounds like development hell. I can understand a database developer having to bake in support for that level of security, but developing an app that actually uses it gets you so far in the weeds that you can barely make progress trying to do normal development. A developer with several years of experience or equivalent will have pride in developing complexity and using cool features that make them feel important. After a developer has maybe twice that many years experience or equivalent, they may develop frameworks with the intent to make code easier to develop and manage. And beyond that level of experience, developers just want code that’s easy to maintain and doesn’t make stupid decisions like excessive complexity. But, they know they have to let the younger devs make mistakes, because they don’t listen, so there is no choice but to watch hell burn. Then you retire or get a different job. |
| |
| ▲ | tossandthrow 5 days ago | parent [-] | | I don't know what I am talking about that sounds like hell? I am merely talking about properties of developing complex web applications that have traditionally not been easy to work with in SQL. I am in particular not proposing any frameworks. How can that sound like hell? |
|
|
| ▲ | lurking_swe 5 days ago | parent | prev | next [-] |
| Not the person you replied to, but I have! A java project I worked on a couple years ago used a thin persistence layer called JOOQ (java library). It basically helps you safely write sql in java, without ORM abstractions. Worked just fine for our complex enterprise app. Sql migrations? This is a solved problem:
https://github.com/flyway/flyway What about micro services? You write some terraform to provision a sql database (e.g. aws aurora) just like you would with dynamo db or similar. What does that have to do with ORMs? What about redis? Suddenly we need an ORM to query redis, to check if a key exists in the cache before hitting our DB? That’s difficult code to write? I’m confused reading your comment. It has “you don’t do things my way so you must be dumb and playing with toy projects” vibes. |
| |
| ▲ | __MatrixMan__ 5 days ago | parent | next [-] | | As a previous user of alembic I was surprised that flyway's migrations only go forward by default and that reversing them is a premium feature. That's like having the luxury trim being the one with seatbelts. | | |
| ▲ | lurking_swe 5 days ago | parent [-] | | it’s been a while since I used flyway. is there a better option in 2025? Just curious. |
| |
| ▲ | tossandthrow 5 days ago | parent | prev [-] | | From what I can se jooq is only really type safe with pojo mappings, to what point it is an orm with an expressive query dsl. Alternatively you use record style outputs, but that is prone to errors if positions are changed. Regardless, even with jooq you still accept that there is a sizable application layer to take responsibility of the requirements I listed. | | |
| ▲ | lurking_swe 5 days ago | parent [-] | | i guess it’s semantics, but i agree with you actually. After all ORM = object relational mapping. However it’s certainly the most lightweight ORM i’ve used in the java and c# world. With JOOQ you are in complete control of what the SQL statements look like and when those queries happen (avoids the common N + 1 risk). _Most_ ORMs i’ve seen attempt to abstract the query from the library user. In our project we generated pojo’s in a CI pipeline, corresponding to a new flyway migration script. The pojos were pushed to a dedicated maven library. This ensured our object mappings were always up to date. And then we wrote sql almost like the old fashioned way…but with a typesafe java DSL. |
|
|
|
| ▲ | Yokohiii 5 days ago | parent | prev | next [-] |
| I don't understand why all these problems should be easier handled with an ORM then with raw sql? |
| |
| ▲ | LinXitoW 5 days ago | parent | next [-] | | Why is it so hard to believe that well tested, typed code is better than manual string concatenation? Before you tell me about how you just use a Query Builder/DSL and a object mapper for convenience: That's a freaking ORM! | |
| ▲ | tossandthrow 5 days ago | parent | prev [-] | | It is a granluarity tradeoff. With SQL you need to explicitly test all queries where the shape granularity is down to field level. When you map data onto an object model (in the dto sense, not oop sense) you have bigger building blocks. This gives a simpler application that is more reliable. Obviously you need to pick a performant orm - and it seems a lot of people in these threads have been traumatized. Personally, I run a complex application where developers freely use a graphql schema and requests are below 50ms p99 - gql in translated into joins by the orm, so we do not have any n+1 issues, etc. | | |
| ▲ | johnmaguire 5 days ago | parent | next [-] | | The issue with GraphQL tends to be unoptimized joins instead. Is your GraphQL API available for public consumers? How do you manage them issuing inefficient queries? I've most often seen this countered through data loaders (batched queries that are merged in code) instead of joins, or query whitelists. | | |
| ▲ | tossandthrow 5 days ago | parent [-] | | While this api in particular is not publicly exposed, that would not be a concern. The key is to hold the same schema on the database as on the graphql and use tooling that can translate a gql query into a single query. | | |
| ▲ | johnmaguire 5 days ago | parent [-] | | The issue I've seen with GraphQL isn't necessarily the count of queries run, but rather the performance or said queries (i.e. most SQL queries are not performant without proper indexes for the specific use case, but GraphQL allows lots of flexibility in what queries users can run.) | | |
| ▲ | tossandthrow 3 days ago | parent [-] | | Yes - one needs to ensure that the data is well indexed - that is reasonable. But indices does not need to yield a single result. It is OK that indices reduce the result set to tens or couple of hundreds of result. That is well within the performance requirements (... of our app) |
|
|
| |
| ▲ | Yokohiii 5 days ago | parent | prev | next [-] | | In my ears that's just neglect? You assume your ORM does the basic data mapping right and don't verify it? | | |
| ▲ | marcosdumay 5 days ago | parent | next [-] | | > You assume your ORM does the basic data mapping right You know, it should. There's no good reason for an ORM to ever fail at runtime due to mapping problems instead of compile time or start time. (Except, of course if you change it during the software's execution.) | | | |
| ▲ | tossandthrow 5 days ago | parent | prev [-] | | No? The difference is to verify it ones for the orm VS ones for every single place your query. | | |
| ▲ | Yokohiii 5 days ago | parent | next [-] | | I have to respond here as I seemingly the depth limit is reached. As you've mentioned graphql you probably comparing ORM in that sense to an traditional custom API with backed by raw sql. In a fair comparison both version would do the exactly same, require the same essential tests. Assuming more variations for the raw sql version is just assuming it does more or somehow does it badly in terms of architecture. Which is not a fair comparison. | | |
| ▲ | tossandthrow 5 days ago | parent [-] | | The orm represents deferred organization. Ie someone else is testing mapping and query generation for you. An example is prisma. Prisma has a team og engineers that work on optimizing query generation and provide a simple and intuitive api. Not using an orm forces you to take over that organization and test that extra complexity that goes into you code base. It might be merited if you get substantiel performance boosts - but I have not seen any reasonably modern orm where performance is the issue. |
| |
| ▲ | Yokohiii 5 days ago | parent | prev [-] | | A raw query doesn't has to be repeated in every place it's required. Not sure what your point is. | | |
| ▲ | tossandthrow 5 days ago | parent [-] | | You will have a bigger variety of queries hwne you don't use an orm - this puts a higher load on software testing to get the same level of reliability. |
|
|
| |
| ▲ | 5 days ago | parent | prev | next [-] | | [deleted] | |
| ▲ | sgarland 5 days ago | parent | prev [-] | | > 50 ms p99 You realize that’s abysmally bad performance for any reasonable OLTP query, right? Sub-msec (as measured by the DB, not including RTT etc.) is very achievable, even at scale. 2-3 msec for complex queries. | | |
| ▲ | tossandthrow 3 days ago | parent [-] | | The is the response time for the server, not the database - which is appears that everyone but you understood clearly from the context. |
|
|
|
|
| ▲ | cpursley 5 days ago | parent | prev [-] |
| Guessing you are a Rails dev? |
