Comment by withinboredom
7 hours ago
Most teams I've been on will automatically reject a PR writing raw SQL due to maintainability concerns. I would never consider it in a professional context unless it can be done in a way that guarantees it is easy to maintain without using concatenation.
Most ORMs don't have the SQL tools we did to sanitize variables when putting them into queries. Some do, but not all.