Relation#where build BoundSqlLiteral rather than eagerly interpolate #51139
Conversation
Ref: rails#51139 Makes it more clear that the expected behavior really is.
Ref: rails#51139 Makes it more clear that the expected behavior really is.
|
Here's a quick & dirty rebase of my stash from when I was working on this: main...matthewd:rails:assemble-sql I don't really remember what state it was in at the time, sorry, but I'm guessing it was something other than "usable" -- at most it might be interesting as a sketch of the approach that I had in my head. |
casperisfine
force-pushed
the
relation-bound-sql-literal
branch
2 times, most recently
from
da28b5e
to
27facb9
Compare
Thanks for the link. There's definitely some resemblance with my PR, especially |
casperisfine
force-pushed
the
relation-bound-sql-literal
branch
2 times, most recently
from
1a144e3
to
03e8f44
Compare
|
IIRC the intention was to move all internals to compile, and leave sanitize as existing public API (at least pending deprecation) |
I see. So just a cleanup / consolidation. Deferring the quoting wasn't a concern. That helps! BTW, I'm on the fence between merging this pretty much as is, or trying to also support the named binds in the same PR. |
casperisfine
force-pushed
the
relation-bound-sql-literal
branch
from
03e8f44
to
ab5b9af
Compare
|
Alright, It now also handle The |
casperisfine
force-pushed
the
relation-bound-sql-literal
branch
2 times, most recently
from
dfcddbb
to
679a6c6
Compare
Ref: rails#50793 To make not caching connection checkout viable, we need to reduced the amount of places where we need a connection. Once big source of this is query/relation building, where in many cases it eagerly quote and interpolation bound values in SQL fragments. Doing this requires an active connection because both MySQL and Postgres may quote values differently based on the connection settings. Instead of eagerly doing all this, we can instead just insert these as bound values in the Arel AST. For adapters with prepared statements this is better anyway as it will avoid leaking statements, and for those that don't support it, it will simply delay the quoting to just before the query is executed. However, the `%` API (`where("title = %s", something)`) can't realistically be fixed this way, but I don't see much value in it and it probably should be deprecated and removed.
casperisfine
force-pushed
the
relation-bound-sql-literal
branch
from
679a6c6
to
8e6a5de
Compare
Ref: rails#51139 Makes it more clear that the expected behavior really is.
Ref: rails#51139 Makes it more clear that the expected behavior really is.
Ref: #50793
To make not caching connection checkout viable, we need to reduced the amount of places where we need a connection.
Once big source of this is query/relation building, where in many cases it eagerly quote and interpolation bound values in SQL fragments.
Doing this requires an active connection because both MySQL and Postgres may quote values differently based on the connection settings.
Instead of eagerly doing all this, we can instead just insert these as bound values in the Arel AST. For adapters with prepared statements this is better anyway as it will avoid leaking statements, and for those that don't support it, it will simply delay the quoting to just before the query is executed.
However, the
%API (where("title = %s", something)) can't realisticallybe fixed this way, but I don't see much value in it and it probably should
be deprecated and removed.
Also CC @matthewd because I noticed #46600 so it look like you were headed in this same direction? Perhaps you have some insights to share.