1. 12
  1. 3

    Ugh… I know it’s not the point of the article but still hurts me to see sql that’s vulnerable to injections.

    1. 1

      Ah you’re right. Fixed it.

    2. 2

      I did this once when designing an in-house programming language. It was a DSL for statisticians and it compiled down to C++. To get the users working quickly, I changed the parser so that anything between double ‘@’ pairs was emitted directly as C++. It was a good way to get people working as the language was being developed.

      1. 1

        The repository offering an execSql method isn’t a punched-through abstraction. For example, where is that Transaction type coming from? The ORM? The ORM is also the DB abstraction layer?

        I assume the repository is initialised with a connection to the database. That connection and the whole abstraction around the DB is what the author decided “punched-through” to…

        My takeaway is that the author feels services should expose their dependencies.