What are your use cases for noSql dbs? I haven't really found a reason beyond stuff like chat messages or logs, but even those tend to work perfectly fine with SQL.

I imagine they're pretty good for prototyping, but haven't really tried them out for that yet. Perhaps for cases where you're handling billions of records?

Whenever I see an ORM that supports creating and transforming objects in bulk, I can't help but think about the poor misdirected users who forced it to do that. It's an Object-Relational Mapper. It maps objects. The whole concept isn't designed for bulk operations, the point is that you add logic to each and every record and convert your operations to SQL so that you never have to keep a lot of them in memory.

A question to all software security specialists of devRant. Please, take it serious.

Is it fundamentally possible to restrict a SQL database like Postgres in a way that unintended SQL queries are impossible to execute? Perhaps in some kind of whitelist fashion. Is it possible to achieve the kind of security that will be just fine exposed to the outside world akin to "SQL queries in onClick handlers" scenario?

Or is this an uphill battle of never being able to moderate an infinite set of possible fraudulent queries?