Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ujd0M-009zwi-7T for pgsql-general@arkaria.postgresql.org; Wed, 06 Aug 2025 12:12:26 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1ujd0J-00FYOV-Im for pgsql-general@arkaria.postgresql.org; Wed, 06 Aug 2025 12:12:23 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ujd0J-00FYOK-7k for pgsql-general@lists.postgresql.org; Wed, 06 Aug 2025 12:12:23 +0000 Received: from mail-yb1-xb29.google.com ([2607:f8b0:4864:20::b29]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from ) id 1ujd0H-0013iL-0J for pgsql-general@lists.postgresql.org; Wed, 06 Aug 2025 12:12:22 +0000 Received: by mail-yb1-xb29.google.com with SMTP id 3f1490d57ef6-e9033498768so211167276.2 for ; Wed, 06 Aug 2025 05:12:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1754482340; x=1755087140; darn=lists.postgresql.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=GCbMkOOsCuLB9s6O0UU84t9rh59v3s3BdV1c6+kHTw8=; b=i7UraWmxYlEK0L92EBD5I4FjdGRA9ZyZzahzxObrIKzUYQPU7q1depbru4u5y0C9E0 p8RvifrIc9NV4ORu++fF7509BqSw9mELfmMGa0Poe+URFvjvdgoY9wLxerp+KH6t9+uS 688ddbXOHqfuBEM4qGiNwD4u3fljSk2+siC7MSXob2GY7R1dlUGQ7jkw7dqWUdCJREEG NjzJdMmHF+IJTItSVgvIGMJhuFZdChEkLj86iU9CQAvRayRv75m8rKxYixpYlxBnM7MJ 1zLdWVVUFRJ8lMzYUDp2i8fh4GNypSihg+5b089qvcUsWT393q3BuUMW9dMzf6E9NRdW D+Ng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1754482340; x=1755087140; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=GCbMkOOsCuLB9s6O0UU84t9rh59v3s3BdV1c6+kHTw8=; b=jIqUFnqTMgDlGCWHOhLz+/3dTD8+JljLUlv2V/EC/rhUDIBSYsX7JMfovJbumXP/GJ ZZbDrWeCzjUvu9yryxPEiVJ43G0AHixtkk1RY7sv/6ks/n0FB73WxH/Z3m2LG1BovvAI HWw1xW2+ftYirAN74MtVcit3Nkkp1WszHHweyVX2RGcuB1wvRYsX4EVI9ZYVlbfAo5eZ Y9hyHwgvkWObCK289S+DFpWFi9gMz4Fc1g5bZrjKAHok0c2Pl5RF7lpCy5DEh8rtsYZx 7ZiJsjf/jQ77txrzG0dJDxeUNEAnBWAbh8dPGwfqZJMQ/eZucdd8DmolI/MSpI26tLrh WnTw== X-Gm-Message-State: AOJu0Yxu4lBPKAAHelOJHDC2qUbBut8LOcpNcfA3fH/dWtNNNHOrpyvr /3U+wSdK55MfC6qWE7ouHkttCzoV6GioYDIvVQdonAaBX18eqYmZBbysLscdY0Qx1nhNhKVFbP/ VfJgwfE8UhniFawRAhiRWvznDV43Kn4A= X-Gm-Gg: ASbGncsv70SwAHJLrA9wHxrJTlqAGlvCHd3XRVtv6Nz58+Ri7YVeUlu4JCrZOeBDroB hDDVQPbp3XMupXts/rkEyf++oN8vGs88VmPPJ44K+G8c8rbIEUXzKNfqWEeGh9nWGjbsoZweNz1 UyxLN4cXapZqNrStriuDlDKmDxJitHB/zXW4rQdm0h6s8BW65qOK6VslAGCNMg5Sd0jXSDt6y84 vlW6+oLIKt17s8q7cTzd7GDTF30lwfzvePG+LadptX67BgccJw= X-Google-Smtp-Source: AGHT+IHx1LP1EJXMmo/gMVjOOZS68Cn4PzelALJ56b3wt/GZ3ftYf1fGnf/mSjObTTBWNJ7jEsIlTqPHScvqJttEOEY= X-Received: by 2002:a05:6902:6319:b0:e8d:fb81:8850 with SMTP id 3f1490d57ef6-e90287a5777mr3102289276.21.1754482339773; Wed, 06 Aug 2025 05:12:19 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Pavel Stehule Date: Wed, 6 Aug 2025 14:11:43 +0200 X-Gm-Features: Ac12FXxzglbjhWAHTmqVKA-UNfc10yH2cCzjMkBsUzRabAJYaRzKjWXRyFOjm3k Message-ID: Subject: Re: Stored procedures or raw queries To: Simon Connah Cc: pgsql-general@lists.postgresql.org Content-Type: multipart/alternative; boundary="000000000000a0827e063bb14095" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --000000000000a0827e063bb14095 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi st 6. 8. 2025 v 14:04 odes=C3=ADlatel Simon Connah napsa= l: > Hi, > > I'm pretty new to PostgreSQL and am building a simple website with it. > > My main question is whether I should use stored procedures / functions > or whether I should embed raw SQL queries in my backend? I understand > that procedures are faster as it cuts down on the round trip speed and > the database can optimise it better. > > On the other hand raw SQL is much easier to manage as you just change > the query in your bankend code without having to apply changes to the > database at deployment time of your backend. > > What is considered the best approach? My backend is written in Go if > that makes a difference. > The query executed from the stored procedure is executed with almost the same speed as the query executed from the application. There can be a small benefit from cached plans, but you can cache plans too from application. The sense of stored procedures is in possibility a) an reduce a necessity to transfer data from server to client, the network communication can be reduced b) with security definer function you can implement some very strong security solution c) with stored procedures you can implement your own rules related to data integrity and security. Stored procedures are executed on the server. There is no way this can be bypassed. Just for performance of queries there is not any benefit for stored procedures Regards Pavel > > If you need any additional information then please let me know. > > Simon. > > > --000000000000a0827e063bb14095 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi

st 6. 8. 2025 v=C2=A014:04 od= es=C3=ADlatel Simon Connah <simon@co= nnah.dev> napsal:
Hi,

I'm pretty new to PostgreSQL and am building a simple website with it.<= br>
My main question is whether I should use stored procedures / functions
or whether I should embed raw SQL queries in my backend? I understand
that procedures are faster as it cuts down on the round trip speed and
the database can optimise it better.

On the other hand raw SQL is much easier to manage as you just change
the query in your bankend code without having to apply changes to the
database at deployment time of your backend.

What is considered the best approach? My backend is written in Go if
that makes a difference.

The query exec= uted from the stored procedure is executed with almost the same speed as th= e query executed from the application.

There can b= e a small benefit from cached plans, but you can cache plans too from appli= cation.=C2=A0

The sense of stored procedures is in= possibility

a) an reduce a necessity to transfer = data from server to client, the network communication can be reduced
<= div>
b) with security definer function you can implement some= very strong security solution

c) with stored proc= edures you can implement your own rules related to data integrity and secur= ity. Stored procedures are executed on the server. There is no way this can= be bypassed.=C2=A0

Just for performance of querie= s there is not any benefit for stored procedures

R= egards

Pavel

=C2=A0
=

If you need any additional information then please let me know.

Simon.


--000000000000a0827e063bb14095--