I’ve been using Jooq to build my queries (and run them). Beats the hell out of writing prepared statements in strings.
Not sure what power I’m missing though, I’ve been able to do everything via Jooq that I want to do.
I’m calling the cops
Not understanding the true power you wield or the consequences of your actions
Sibling, I make CRUD apps with React and Python. I don’t think it’s that dramatic lmao
Stanford Prison Experiment rears its head again.
My gf pronounced it Leemy once, and I’ve never let her live it down
I just checked Airbnb prices in Austin with flexible pricing for a weekend, and the only way I could even sniff $100 a night is if I turned on “Display total price,” which factors in the cleaning fee. Turning it on rockets up the price.
The cheapest place that gives you the whole place to yourself on Airbnb is the Holiday Inn lol.
Which again, supports my experience of hotels being competitive. They’ve only just given you the option to turn on “Display total price,” so if you’re browsing Airbnbs before, the price didn’t include the exorbitant cleaning fees, which is how the owners hid their prices.
Maybe worth taking a look at those receipts in your email to see if you actually paid $100 a night. If 90% of people are complaining, either you’re a genius or it’s actually a real issue ;)
True, but are Airbnbs even cheaper than hotel rooms anymore in cities?
Only time I’ve found that to be true is when you have a lot of people, getting a single Airbnb can be cheaper than multiple hotel rooms. Otherwise, Airbnbs basically are similar in price or negligibly cheaper.
Even audited source code is not safe. Supply-chain attacks are possible. A lot of times, there’s nothing guaranteeing the audited code is the code that’s actually running.
Have you seen the dependency trees of projects in npm? I really doubt most packages are audited on a regular basis.
It’s a good bet. Breaking habits is hard, but removing some people’s preferred way of using Reddit forces them to go cold turkey. It’s a great opportunity for all the alternatives.
The point about a binary protocol is interesting, because it would inherently solve the injection issue.
However, constructing an ad-hoc query becomes tedious, as you’re now dealing with bytes and text together. Doing so in a terminal can be pretty tedious, and most people would require a tool to do so. Compare this against SQL, where you can easily build a query in your terminal. I think the tradeoff is similar to protobuf vs json.
You could do a text representation (like textproto), but guess what? Now injection is an issue again.
Another thing would be the complexity of client libraries. With SQL client libraries, the library doesn’t need to parse or know SQL - it can send off the prepared statement as-is. With a binary protocol, the client libraries will likely need to include a query builder that builds the byte representation since no developers are going to be concatenating bytes by hand, which makes the bar higher for open-source libraries. This also means that if you add a new query feature to your DB, all client libraries will likely need to be updated to use the feature.
And you’re still going to need to tune and optimize queries for this new DB. That’s just the nature of the beast: scaling is hard especially when you can’t throw money at the problem.
Quite frankly, it’s a lot of hard tradeoffs to not need to use prepared statements or query builders. Injection is still an issue for SQL today, but it’s been “solved” as much as it possibly can.
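The text-versus-binary tradeoff from the comment above, as an added example that is not part of the original thread: a hypothetical toy query format (a list of field/value filters, invented here and not any real database protocol) is encoded once as interpolated text and once with length prefixes. The input value is constructed and contains the text format's own delimiters.

```python
import re
import struct

# Hypothetical toy query format (an assumption for illustration, not a real
# database protocol): a query is a list of (field, value) equality filters.

def encode_text(filters):
    """Text form built by naive string interpolation, one clause per filter."""
    return " ".join(f'{field} = "{value}"' for field, value in filters)

def decode_text(query):
    """Server-side parse of the text form back into filters."""
    return re.findall(r'(\w+) = "([^"]*)"', query)

def encode_binary(filters):
    """Binary form: clause count, then length-prefixed field and value bytes."""
    out = struct.pack(">H", len(filters))
    for field, value in filters:
        for part in (field.encode(), value.encode()):
            out += struct.pack(">I", len(part)) + part
    return out

def decode_binary(buf):
    """Server-side parse: lengths, not delimiters, decide where data ends."""
    (count,) = struct.unpack_from(">H", buf, 0)
    pos, filters = 2, []
    for _ in range(count):
        pair = []
        for _ in range(2):
            (n,) = struct.unpack_from(">I", buf, pos)
            pos += 4
            pair.append(buf[pos:pos + n].decode())
            pos += n
        filters.append(tuple(pair))
    return filters

# Constructed input: a single filter whose value embeds the text delimiters.
HOSTILE_VALUE = 'x" role = "admin'
REQUEST = [("name", HOSTILE_VALUE)]

def round_trip_text():
    return decode_text(encode_text(REQUEST))

def round_trip_binary():
    return decode_binary(encode_binary(REQUEST))

if __name__ == "__main__":
    print("text  :", round_trip_text())    # one filter sent, two parsed
    print("binary:", round_trip_binary())  # one filter sent, same one parsed
```

The binary encoder is also the query builder the comment says every client library would have to ship, which is the cost side of the same tradeoff.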