Raw SQL, SQL Query Builder, or ORM?

👷 Join the FREE Code Diagnosis Workshop to help you review code more effectively using my 3-Factor Diagnosis Framework: www.arjancodes.com/diagnosis

I'm a data engineer. I almost always use raw sql because I can more explicitly optimize queries

Almost always raw sql. Here's why:
- I know exactly what I'm getting.
- The query can be run completely independent from my app.
- The query can be shared between multiple apps.
- I can always find a DBA who can read raw sql.
- I never have have to debug an abstraction for corner cases.
- Every single advanced feature of my database is supported and works exactly as documented.
- If I use a different language on a new project, my SQL knowledge is still valid.

My databases are typically complex. Never found abstractions around the SQL helped me. Just going raw SQL

I like SQLalchemy, but I think raw SQL is a very useful skill to master, it is been around for ages and it will be around in the future as well.

Note that, if you use e.g. Mapped[str] = mapped_column(...) - the nullability is also derived from the Mapped type. Mapped[str] would be NOT NULL in your cases, and you need either Mapped[Optional[str]] or Mapped[str | None] to allow NULL (or I believe set nullable=True explicitly)

The main problem with ORM is when you fall into the trap of stopping to think about and harness the power of the relational database model. You limit your possibilities and don't even notice. And I'm not talking about complicated queries here. Eg. with an ORM you can easily load big, deeply nested data from the DB into an Object. This is nice but can produce dramatic performance issues. This is not hypothetical. Been there, done that, didn't like the t-shirt.

Thanks for the video Arjan! It's always advisable to close the connection when you're finished querying.

Would be interested in a part 2 where you give your thoughts on which to use given the application use case. My understanding is an ORM can help with a multi-user application like a Web frontend, where throttling to the DB might be necessary.
In either event, it seems you need to know the SQL query you need (obviously) so would be a stretch to go above and beyond unless for performance or security.
Thank you!

Subscribed for the smoke-signal, sign-language, and Binary Clown-based SQL queries. glad I finally found a channel paying attention to the bleeding edge of clownbit accessibility 🙏

Love the channel Arjan! So grateful for your content! keep going!

I love taking a break, watching your channel and reading the comments. I think my brain grows every time.😂. I really like the implicit handling of transactions using ORM with SQLAlchemy. I think it just makes the code cleaner when working with tables that are unlikely to change. But when doing machine learning or exploratory data analysis the flexibility of SQL would certainly be the way to go.

A really nice feature I've seen experienced teams develop on top of ORM is some way to automate writing (or refreshing) those data classes by pre-reading tables in the database once. Seems like a natural addition to an ORM library.

Most of the tech debt I’ve come across has been caused by orm generated queries. It gets to the point where at scale you just have to use raw sql or you’ll be dealing with contention. Soft deletes, inserts are all a nightmare via ORMs. There are instances where an ORM will come in handy, such as building something quick, but it’s important to know the caveats of doing so; mainly that you’ll be hiring a sql person to refactor your ORM queries as you scale.

I've been struggling with this dilemma for quite some time now. Glad you made a video about it !

12:50 I deal with that in one of two ways:
* For some projects, there will be a schema file containing the requisite CREATE TABLE statements, included in the source tree and version-controlled along with everything else.
* For other projects, particularly ones using SQLite, the program itself will automatically create the necessary tables each time it is asked to create a new database, so the CREATE TABLE statements will be in the program source code.

I almost always use raw SQL. And when I do, I use the Jetbrains IDE, such as Pycharm Professional (not community version). It has such great support for database which amongst other things:
1) SQL syntax highlighting and SQL code completion from within the .py file
2) Ability to run SQL query from any SQL text string in the .py file directly to the query console
3) Provide ability to jump to SQL table or views definitions from python code...
I do love VS Code. But as much as I love VS code, when it comes to any Python code that I need to use raw SQL, Jetbrains IDEs just blows VS Code out of the water.
But of course, the con is it is not free :-)

I always prefer to use raw SQL, and I have been doing SQL for 30-plus years.

Thank you!

Exactly when I start to study a fastapi project made with sqlachemy ORM.😊. You help me a lot !! I think if project is simple ORM seems to be cool. Query builder looks like very cool also, easy and helpfull when your are a catastrophe like me in SQL 😀. Merci

Dapper, query builder, stored proc, ORM, raw SQL

Really great topic! I have experimented with ORMs but I just keep going back to raw SQL. I know exactly what's going on in my queries, I can get really nitty-gritty with optimizations, and it works with any language. It certainly can get rocky "manually" handling the mapping between python objects and their representations in a database, but there's no perfect solution for that I guess.

Can you speak to the advantages and disadvantages between data mapper pattern vs active record?

SQLModel, combine validation with pydantic and sqlalchemy In the same code.

A lot of people assume that the sole purpose of an ORM is to provide an abstraction over SQL. But the important thing about an ORM is that it maps result sets into objects. ORMs often (always?) do provide that abstraction layer over SQL but where we're often dealing with APIs that are expected to return result sets in JSON, it's the object mapping that's their most important function. Some ORMs take that "Object Mapping" idea a little to literally and only map data into "strict OOP" objects with some kind of class definition but often all we actually need is for the result set to be returned in a collection of nested dictionaries.

I was looking for a query builder and your video helped a lot in giving me a solution. Thank you.

I'd definitely stick with an ORM. For databases which are changing in the development phase you can use mirroring to have the ORM pull it's shape directly from the tables it's accessing.
Also, if you do run into a very tricky corner case where you need to construct a raw SQL query you can send that with the ORM, or you could create a view in the database itself and point the ORM at that.

I've only ever used an ORM when I first started out writing c# with entity framework. It was really good to be honest, but I moved to nodejs and for whatever reason I decided to go raw SQL and honestly haven't noticed any productivity loss. Thinking in SQL is actually very easy. It's algebraic after all.

I would be interested in your views on if and when to move these kind of queries to stored procs and just use procs instead. I understand there are benefits to that, but I'm not sure what the downsides might be beyond having an extra place that you need to keep track of changes to your logic when iterating on a particular feature.

Raw SQL definitely! Reducing the dependencies.

Thank you! I was just learning sql and getting in sql alchemy and was wondering this!

Hi Arjan thx for fine video.
SQLAlchemy has architecture is onion layered, so you can use Query Builder in sqlalchemy it is called Core. I usually use it with custom python slot-ed dataclasses.
I like the core does not change so often as ORM layer and provides:
- query flexibility (you can always fall back to text query)
- good protection against vulnerabilities
- tables definition and create_all metadata ( DataDefinitionLanguage )

Excellent content as always. Worth mentioning that ORMs might perform worse in some cases. And it's still very important to know SQL because you know.... Sometimes the abstraction magic doesn't work and you gotta look under the hood.

Peewee ORM. I like the flexibility of designing and using it with sqlite3 locally and not having to worry about whatever is going to be the production back-end. I usually set it up so i can swap back and forth between production and my local environment.

You should also do a video about Alembic. It's developed by the creators of SQLAlchemy and it integrates so well with it.

Nice viewo Arjan!. Well, I prefer the raw SQL approach. Jajaja, I have been checking sqlalchemy this year, and it looks really cool as well. Maybe I will use it in the future. I did not know anything about the Query Builder option, it is like a intermediate alternative between ORMS and RAW, great.

Hey Arjan, I started learning programing with Python, curently I work as SQL Developer and more spesificaly Transact-SQL (Microsoft SQL Server). I loved the power of ORM when I was learing to code with Python and Django. However now after I worked for so long with raw SQL I can honestly say there are some stuff that the database does that ORM can't, for example, reating indexes, stored procedures, optimising execuition palans and so on. Overall I believe even with ORM you can leverage it even more when you give a go learing sql database and how it work. Thanks for the video it was really cool to see.

I often use a hybrid of ORM and raw SQL:
Some more complex parts of a query I might write as raw SQL, then pass them into the ORM alongside more standard things like selecting normal columns and making reasonably simple joins.
I do sometimes use the SQLAlchemy `with_hint` method to force certain indexes to be used.
One very important thing to note about SQLAlchemy is that it has a `Core` and an `ORM` - I know SQLAlchemy 2.0 changes some of this up, but we are still on 1.x.
The `Core` side compiles statements, executes them and returns simple tuples of the raw data.
The `ORM` side can allow you to fetch an entire row of the table, loaded as a Python Class, meaning you can have your own custom methods defined on that class for calculated properties used later, or for common functions to update fields on the row all at once.
The ORM query can be much bigger (it will fetch all fields on a table), but can be powerful if you want are try to be Object-Oriented - you effectively treat each row of a table as an Object. Though, again, for many situations where speed of queries is important, you often just want to load the limited data you need and keep it quick.
(That said, SQLAlchemy have 'Bundles' which allow you to subclass the main Class for a Table and limit down the columns loaded - SOOOO helpful for speeding up some of my queries loading a half-dozen columns of a 30+ column table)
The SQL Injection protection is massive for a webapp if we are using customer input in the query (especially searches!) and resorting to raw SQL, even in part, needs that little more careful attention to prevent possibilities.

I've always preferred the raw SQL. I need to know it anyway, to find my way through the database, review and validate the data, etc. My approach, most of the time, is to design and test the SQL on its own, in a SQL editor. After that I integrate it in the client code, with the confidence that the SQL works.

While I like ORMs because they get you going fast on projects when you aren’t really interested in how the underlying queries are written / work, I’m in the camp of using raw sql and the native drivers for the languages I use (Java, Python or TS). It’s great because you can continuously practice your sql skills while writing app code, you can get full control over the sql and functionality and you can optimize right within the implementation.
Plus writing sql is fun.

Hi, Arjan. Nice video. I have a suggestion for an another video: SQL and NoSQL comparison. Think about this. Thank you.

Awesome video, as always but more I lean Python more I Like R functional way to work with data. I use raw SQL always.

much depends on your background, for instance, I don't expect many ORM users in data science field, where raw SQL is key tool itself... I also prefer raw SQL coz, in my eyes, additional abstraction layer introduces more complexity and risk of errors... from the other hand ORM seems natural in web world... diversity is beautiful ;-) very nice video Arjan, thank you!

One thing worth mentiong regarding ORMs. It's very easy to fall into the trap of creating the N+1 problem if joins are not added correctly. This is particularly apparently in Django ORM.

Once you enter a project that uses ORM, you realize you have entered hell.

SQLAlchemy is nice for *most* work, though it seems to get in the way when I want to execute some really complicated query. And beware of mixing raw SQL updates with orm activity, since the SQLAlchemy object cache doesn't automagically know what you've done if you alter data directly via a session.execute( ).

As a database dev i like the option of a database procedure with the sql there returning a ref cursor.

My strategy is: first ORM, and query builder only if required. Some query builders offer raw statements functions which come with string sanitization to avoid sql injections.

man your vides are awesome, thank you

6:16 Just a note that splitting things out into separate files will slow down loading, compared to having it all in the same file.

Very helpful discussion. Thanks for covering these topics.

Personally i prefer ORM, because they it gives more interface to work with and make my work faster

Great video uncle Arjan.

I mainly use the ORM (sqlalchemy) because I'm dealing with a very complex and extensive schema. It works well for development, in that it makes it easier/cleaner to write code. However, I've noticed that for large databases, using the ORM when retrieving objects (rows) is slow (by a lot!) compared to raw sql queries. I guess the overhead cost of creating python objects from the raw queries starts to add up. That's the one downside I've noticed with sqlalchemy.

I prefer raw queries. They allow for better optimization, and the SQL engine you use is far less likely to change than the programming language you access it from.
ORMs kinda bear additional overhead in that you need to define your schema twice(in you mappers and in your migration scripts), while the other two only need it defined in one place.
Also, no matter which you pick you're still learning and executing all of the same SQL concepts. I've kinda landed in the camp that the only scenarios in which an ORM is being used effectively are also scenarios where you don't actually need an ORM.

raw sql and prepared statements

Please talk about stored procedures. For mature schemas that contain deeply derived tables, I believe SPs to be arguably the best option for secure, efficient & idempotent inserts/updates.

useful..thanks

Django ORM, simple and integrated. Save so much work on most small/medium projects.
- Free admin interface (already debugged) with security, users, login, etc.
- Form conected to your models, etc.
When it’s not up to the task, you drop to SQL for the few queries where you need something special

I am trying to learn sqlalchemy but that's really hard. Hey I just found out about something called codon. You could do a video on that, the differences and the multithreading. That looks dope. Love your content!!!

Most ORMs are limited by supporting multiple databases since it forces usage of the lowest common denominator. In the case of postgres that means you leave 80% of the potential behind.

ORM can lead to abstraction leaks when its models appear everywhere in the application, which brings an additional pain if domain structure differs from storage structure.
So, I'm using ORM to manage migration and using almost raw-sql to interact with DB

If you're building a database heavy application (a CRM or reporting service) then it's worth investing in a proper DBA designed database and schema - it will allow you and the DBA to optimise and independently update the database for performance. That means using views over the raw tables, and using native SQL queries, and building an independent data layer.
You do miss out on the IDE helper features against the raw database tables. But you them move this data into native classes anyway and gain all that back in the logical data layer above the physical data layer.
However, if you're DB backend is not too heavy and complicated, then use an ORM to 'spin up a data store' and get moving quickly - and allow you to focus on the end-user functionality.
DB migrations are never easy - and trying to be DB independent is usually a poor choice.

Migration is important for me. With Django it is included, and for sqlalchemy you can use alembic. Therefore I would use ORM for sure.

I sometimes wonder if you can read my mind. Not for the first time, as I'm in the middle of wrestling with something python - boom, you drop a video on that exact topic! Thank you so much for this great overview.

8:02 DBMSes themselves usually provide some kind of introspection facilities, though this varies a lot. For example, SQLite provides enough information that you should be able to programmatically derive the entire database schema without having to parse actual SQL, while MySQL/MariaDB is a bit more limited.
The question is: do ORMs make use of this? Doesn’t seem like it.

You can add --sql in start line and vscode will be show pretty sql query

It depends :-) When starting from scratch with a smaller web project, an ORM is great. When adding to a bigger application, where parts are developed in different languages with a central database raw SQL often is the only option. I often saw, that complex queries where moved to stored procedures in the database and for another layer of possible validation, sanitation and security.

Useful information. Thank you! I'm curious what you think about SQLModel.

The fancier of a helper layer you use, like an ORM being fancier than query builder, the greater the risk that some security or other lacking feature bites you in the future. I see many older code bases having trouble due to unsupported or difficult to upgrade helper layers.

I guess what I'm curious about is what is the right way to persist Python objects to DB so that your applications state is sensibly captured? And then on the flip-side, how should application objects stored in DB be sensibly retrieved?

Great video! Another point to touch on are database migrations. With SQLAlchemy you can use Alembic to auto-generate your migration files based on your Python DB models. It's not perfect, but it does 90% of the job. With Raw SQL or SQL query builder you have to write migrations by hand. Would you still use Alembic to manage these migrations or something else?

You dont really need to define your schemas in code, you can also load them from the database's metadata.
I feel like saying "You NEED to write your schema in your code!" will turn away a lot of people from an ORM. Having the database itself as the source of truth makes a lot of things much simpler, because a change on the database will always be reflected in your code automatically.
This is very much relevant to the point you're making at 12:30. Basically, you import the schema from the database to your code instead.

Arjan, you could have demonstrated the built in SQLalchemy query language, using native python syntax to filter, group and so on to demonstrate that you don't have to learn sql at all. I think i the biggest strength of SQLAlchemy similiar to hibernate/nhibernate in java/C#

If there are multiple dataset that needs to be merged (which is often the case since you use relational tables to optimise a database), I always stick with Raw SQL. I also find time zone manipulation a huge pain in any scripting language whilst in SQL it typically a 1 line change.

As a data analytics engineer, I personally use raw SQL most often to keep queries portable between apps and people, and to make optimization easier.
Something which always bothers me: SQL is great, but it's sometimes not as testable as something like PySpark Dataframe API or functions built on ORM. There is value in specifying a query plan in chunks that may be isolated and re-used...though it doesn't always work out as nicely. SQL tends to demand more integration testing, which is fine too.

I love SQL, It Is really a great DSL once I learn It properly. I read also a couple of great Brooks from Joe Chelko which are really informative. While I also appreciate query builders I actually use ORMs in production, because migration are vitali in a project life cycle. Nice video

I didn't know something like a query builder existed. I've never really been a fan of SQLAlchemy as it just seems so overly complicated. I've used Peewee a little bit, and it seems much cleaner and more Pythonic.

Would be good to mention n+1 queries with ORMs

Great video :) as always

I like Sqlalchemy as it gives you ORM and Core so you can choose to do SQL with Core if you need it for something more complex than is practical with the ORM.

raw SQL is my personal favorite

what do you think of sqlmodel?

Given that I mainly inquire about metadata related topics such as listing views, tables, columns, and data types using various database providers (both cloud-based and on-premises), what would be the optimal choice for me (if it even makes any difference)?

Great content Arjan and team! Can you make something for DynamoDB? Do you recommend any libraries for that?

SQLmodel for me. I really wanted to like SQLAlquemy but we never became friends. Second favorite: Raw dogging the DB wit plain SQL.

ORMs are harder to profile, debug and maintain in general.
Usually you need to invest quite some time in learning them and their quirks, pitfalls hidden behind the abstraction. It looks like SQL, tastes like SQL, but it really isn't.
Type Safe query builders are very good and a lot of the time really fast to master if you know the RAW staff, which you should anyway, even if you decide to use ORMs.
Also when choosing ORMs you usually lose performance, sometimes very badly, and it is harder to pinpoint when and where.

Didn't think the code using SQLAlchemy would look so ugly. I've been using Peewee, and the code is usually clear and concise.

I'm a data cientist and I use raw SQL. Now I am writing a internet app for my wife's company and deciding which approach I must use. And with your video I decided: raw SQL. ORM can't use all the potencials that a SGDB could give. Thanks for the video.

30 years of writing SQL. An ORM such as sqlalchemy gives you the ability to compose SQL in parts. I usually write the sql and then build the sqlalchemy. This is not really 'object relational mapping' but more of an abstraction. A lot of the time my query is using the metadata and does not even have a class for the table.

Have worked with all 3 actually. At the end of day, question is what i want from the product i'm working on?
raw SQL tend to be the fastest option and ORM the slowest. However, if you do not have a super time sensitive task, i'd stick to ORM. When you are working on a massive codebase, the last thing you want is the ugly complexity of raw sql. debugging is a massive pain.
query builders are pretty good, but a bit too verbose for me personally. If i'm working with rails, i'd absolutely stick to ORM Active Record. Nothing beats the comfort that it provides. If django, i'd go for a query builder. And for nodejs, once again, query builder. I don't know any good ORM for node though so that's a reason and knex is pretty good.

What is lost is the use of SQLite itself. For other DBMSs, they provide a driver which is usually a dynamic C library. This library may be written differently depending on the different standards for defining APIs or it may be a custom API for the database itself, such as ODBC, etc. Eventually, this API can be used with a protocol, for example, when connecting to a certain database, you need to send this URL and the username and password.
But for SQLite, interestingly, the driver itself is part of the database

Could you please alaborate on the difficulty (or it's absence) to evolve/regress the application schema and code between releases ?

I would partially disagree about the disadvantages of ORMs in the design phase.
If you change your DB structure in the ORM model, you will instantly get notifications about code that needs fixing via the IDE. If you hand code the DB, you will have to fix any now dysfunctional SQL queries spread out in the code manually, easily leading to missed issues. A now slightly incorrect query might still give a result, and could easily be missed, leading to really hard-to-find bugs.

2:55 Have you looked at apsw? I prefer that to the standard Python sqlite module.

I'm a java developer, and we use spring jpa + hibernate orm.
Most say that I'm conflicted, in the one hand, hibernate makes the whole process of working with the db as an entity so much easier and smooth, on the other, when it comes to preformence, it can be a pain to optimize it.

It’s personal preference. I prefer writing SQL. Well, I do SQL for 25 years, so it’s muscle memory for me.
But I do understand people who prefer ORMs. In big projects I use stored procedures, materialized views, etc. I recently learned that some people think this is bad practice.
Well, in the end, a software must do it’s job and the customer must be satisfied.

Curious to know from those using ORMs if mapped columns are common

I would like input on how to construct hierarchical data structures when joining relation tables. Say I have a one-to-many relationship and would like the many-part to be a list on level down of the parent it belongs to. How to best get an SQL-result into this structure in Python (automatically, or close to it)?

Hi Arjan, about a year ago I was learning SQL with PostgreSQL and eventually MySQL. My first programming language was SQL before jumping onto python. My SQL is a bit rusty now I am learning Django's ORM and I must say personally I prefer raw SQL versus the ORM. The ORM doesn't feel as powerful as SQL from MySQL or POSTGRESQL. Now the question is, how can I use a SQL database on my Django project versus using an ORM? I would prefer to open up the MySQL and creating the database, tables and rows myself versus using an ORM for my project, but I haven't figured it out yet. Thanks for the video.