Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ujebT-00AKCb-MZ for pgsql-general@arkaria.postgresql.org; Wed, 06 Aug 2025 13:54:52 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1ujebS-00G5g6-LC for pgsql-general@arkaria.postgresql.org; Wed, 06 Aug 2025 13:54:50 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ujebS-00G5fv-8u for pgsql-general@lists.postgresql.org; Wed, 06 Aug 2025 13:54:50 +0000 Received: from mail-ej1-x62c.google.com ([2a00:1450:4864:20::62c]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from ) id 1ujebP-0014e4-34 for pgsql-general@lists.postgresql.org; Wed, 06 Aug 2025 13:54:49 +0000 Received: by mail-ej1-x62c.google.com with SMTP id a640c23a62f3a-af949891d3aso622846266b.1 for ; Wed, 06 Aug 2025 06:54:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1754488487; x=1755093287; darn=lists.postgresql.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=uMmbQ3W5aEM1M8Xvkh8JghBNbnn0ebN3csOLK6Ikgyo=; b=TIFrQ+M7ptbyrBZwy871RD+Wuz6vTq6U12TPfHTiSzz5HhvwYFHrwxKJtegm3PBViF 5pj+hv6FJAekNiaclRLRNIP5JB9KatSaE6Pl0OKQMEk7rsgMblYNKEgCDTA9flp+/UpH f4t0YgtPc29JV62pTpiF2kcLEB5PafWUH6kYgV33d2Am/yOtKGGV9dChtRnUupengylO 6Tu1BPeeFUwIJFbYMQJ0MpECM7ECYBP+ZWX+ZHEl6K2kPEKN57+TiIEVUjlvreOEIJ14 x6RCxl0hUM8mLZTuYvrn6jNiv5rAPT4NJ2FpbNQWZaKrPoPr7+N67xnAGiAzdXsoPmt3 IeJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1754488487; x=1755093287; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=uMmbQ3W5aEM1M8Xvkh8JghBNbnn0ebN3csOLK6Ikgyo=; b=cSApcpGdfg54HMc5JWEmTjE5chMDVwWKBKebWSCAIdtZcGgCW4DAIu50TSQr5xCZDx 2U0Ma5Jjvvbbfj8x4JZb3gJ3Fb7VDuvn+k5FyG7huCFY4kfKfsK2U6rwBlIWSoFGdrBK F+ey1K9KKpeDdwBghnd1RJj4zgpUWij1/sP8KFnjBtEUgZvLx3pxrKPbu35q0MSIrAMO PTB0m9aj2VWoqnEbRjZflOz9og5leFA84kNUiKyLhfuGLWObmS2b8yEtnANf6OksGGc2 gDuptUtF9PAZv3neMkDLxJNG4qALgk6H2bup2cwfGKLjT236jGnZnfP/1VWbyn+sPjRH 6Vcw== X-Gm-Message-State: AOJu0Yzz4auMwu9VqOsTohzEKPALSy0eqx2VOfkCsIWPYo8KV80q9qxG UPPyZaicMX2/Pcv8m8/vq2O6nOrtkEndGkqkvdthyeOxnW+PQ4PS2Nd77IDjpyW4FKesGQB4xbd oLoi1cA4U7z27PZyg8tlpXfaawhWeZqQ= X-Gm-Gg: ASbGnctpENAxOO2j3SJCpODj3xsZQqeWHA/llC9CUSnt2rd9mRUkWZR1VEC+R+fle5a Cv8HUiVdJ4bFEKi1l/PfXt3ZSK1kzopKTuYDb+z57tuTz7brh9Jwmc/49csrMMWoHNyUIB5aPv6 qY+czHjdGf8ViBghaMTkomPbg/8cbhRL3bG8FkRAD2pKOA48WwWNRy78xFDqQxgYsUXKXlCSY+c YeZC5oe X-Google-Smtp-Source: AGHT+IFUEITd/J3qIwKMfLT77aVl5K62pNVb7ywVVqdD4u95/+Z6wNEY4DZijEINCoosg0mP/bTVilEuCVnjeiTxLHQ= X-Received: by 2002:a17:907:6eab:b0:ad8:9a3b:b274 with SMTP id a640c23a62f3a-af9904a4c50mr286114566b.52.1754488486469; Wed, 06 Aug 2025 06:54:46 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Marco Torres Date: Wed, 6 Aug 2025 07:54:33 -0600 X-Gm-Features: Ac12FXzDKeSvL_KSE-VQJI8zR3gFqc4pl94n7lcLH4wKDWANcT3PE0EzTrCoSv8 Message-ID: Subject: Re: Stored procedures or raw queries To: Dominique Devienne Cc: pgsql-general@lists.postgresql.org Content-Type: multipart/alternative; boundary="000000000000ffa515063bb2ae39" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --000000000000ffa515063bb2ae39 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable In my experience, starting with store procedures in a project might seem overwhelming. Still, as time passes, and your deliverables output grows, it becomes easier to maintain and improve your products. It is just a different paradigm that allows you to focus on improving your code everywhere. Remember, the database is often neglected until you start facing problems. Use indexes and partitions from the beginning. Archiving and replication might sound unnecessary at the moment; however, dealing with their implications in production is just a pain. On Wed, Aug 6, 2025, 7:43=E2=80=AFAM Dominique Devienne wrote: > On Wed, Aug 6, 2025 at 2:04=E2=80=AFPM Simon Connah wr= ote: > > My main question is whether I should use stored procedures / functions > > or whether I should embed raw SQL queries in my backend? I understand > > that procedures are faster as it cuts down on the round trip speed and > > the database can optimise it better. > > > > On the other hand raw SQL is much easier to manage as you just change > > the query in your bankend code without having to apply changes to the > > database at deployment time of your backend. > > That depends. Our backend is configured on the fly using code and the > test's fixture, since our schemas are dynamically generated from > higher-level logical constructs. Even if you use .sql files, you can > run those yourself at test time. Creating/dropping a DB is fast, it's > just a folder after all. In this manner, client-side vs server-side > stored-proc for your code matters much less, as both are "dynamic" any > time you run. And FWIW, we started having tons of SQL in the > client-code, and are migrating to server-side for some of it, but for > privilege escalation via SECURITY DEFINER reasons (because it's a > 2-tier system), which doesn't sound like it applies to your use case. > Sprinkling RAISE NOTICE (or similar) in the server-side code helps > with debugging it, when it grows more complex, be sure to install a > notice-handler to get them client-side. But if you want to keep things > simple, sure, keep the SQL client-side. Another use-case for > server-side is to cut down on round-trips, which matters to us, since > 2-tier, and the client-side can be "far" away from the server, but in > a web-app scenario, that's unlikely, so again, doesn't apply to you > I'm guessing. FWIW. --DD > > > --000000000000ffa515063bb2ae39 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
In my experience, starting with store procedures in a pro= ject might seem overwhelming. Still, as time passes, and your deliverables = output grows, it becomes easier to maintain and improve your products.

It is just a different paradigm th= at allows you to focus on improving your code everywhere. Remember, the dat= abase is often neglected until you start facing problems.=C2=A0

Use indexes and partitions from the= beginning. Archiving and replication might sound unnecessary at the moment= ; however, dealing with their implications in production is just a pain.


On Wed, Aug 6, 2025, 7= :43=E2=80=AFAM Dominique Devienne <ddevienne@gmail.com> wrote:
simon@connah.dev> wrote:
> My main question is whether I should use stored procedures / functions=
> or whether I should embed raw SQL queries in my backend? I understand<= br> > that procedures are faster as it cuts down on the round trip speed and=
> the database can optimise it better.
>
> On the other hand raw SQL is much easier to manage as you just change<= br> > the query in your bankend code without having to apply changes to the<= br> > database at deployment time of your backend.

That depends. Our backend is configured on the fly using code and the
test's fixture, since our schemas are dynamically generated from
higher-level logical constructs. Even if you use .sql files, you can
run those yourself at test time. Creating/dropping a DB is fast, it's just a folder after all. In this manner, client-side vs server-side
stored-proc for your code matters much less, as both are "dynamic"= ; any
time you run. And FWIW, we started having tons of SQL in the
client-code, and are migrating to server-side for some of it, but for
privilege escalation via SECURITY DEFINER reasons (because it's a
2-tier system), which doesn't sound like it applies to your use case. Sprinkling RAISE NOTICE (or similar) in the server-side code helps
with debugging it, when it grows more complex, be sure to install a
notice-handler to get them client-side. But if you want to keep things
simple, sure, keep the SQL client-side. Another use-case for
server-side is to cut down on round-trips, which matters to us, since
2-tier, and the client-side can be "far" away from the server, bu= t in
a web-app scenario, that's unlikely, so again, doesn't apply to you=
I'm guessing. FWIW. --DD


--000000000000ffa515063bb2ae39--