frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

SQL: Incorrect by Construction

https://chreke.com/posts/sql-incorrect-by-construction
17•ingve•3h ago

Comments

selimthegrim•1h ago
Wonder what the [check-constraints] part meant or if it's a placeholder.
taeric•45m ago
SQL is intended as a declarative query language. That it is not the correct tool for imperative processing of updates feels expected? And mostly fine?

Fair that things often grow beyond their original intent.

traderj0e•2m ago
You run into the same issues without using the weird imperative syntax in this article.
traderj0e•36m ago
I've encountered this dozens of times. It's not intuitive, but this implicitly locks the row from concurrent reads, where as SELECTing first won't:

  UPDATE accounts  
  SET balance = balance - 10  
  WHERE owner = 'alice' AND balance >= 10;
Another possible surprise, say two xacts do this at the same time:

  INSERT INTO foo(num) (
    SELECT 1 WHERE NOT EXISTS (
      SELECT * FROM foo WHERE num = 1
    )
  );
Without a UNIQUE on num, you get num=1 twice. Of course adding UNIQUE would prevent this, but what you might not expect is UNIQUE implicitly adds a lock too. So not only do you only get num=1 once, but also both xacts are guaranteed to succeed, which in some situations is an important distinction.

Schools teach that databases are ACID, but in most cases they aren't by default, and enabling full ACID comes with other caveats and also a large performance hit.

giancarlostoro•35m ago
This assumes you don't do any sort of caching or use distributed systems that can cache the data and choose to hold off to write it all to the DB. The cached system can show both users the in-process transactions as well.
traderj0e•29m ago
That introduces more questions, like are cache reads fully consistent
gonzalohm•24m ago
If you need concurrency design your system for concurrency.

Have a transactions table with the payer and receiver and calculate the current balance using the transactions.

Each transaction must have a unique Id (pk)

traderj0e•22m ago
That is actually worse, I've been there. It's good to keep logs like that, but you can't use that for locking, you need a separate balances table.

Edit: Well another option is to add a "pending" col and do three separate db xacts: 1. insert pending=true row 2. select balance with pending debits deducted (which ages out pending rows older than 1min) 3. update row to pending=false if successful. This is a useful pattern if you're waiting on an external system too, but not good in this case where you're just trying to update in one DB.

cozzyd•10m ago
your goal is to find if there is any combination of plausible transaction orders that results in a balance less than 0, so you can issue an overdraft fee.
traderj0e•6m ago
The original stated goal is that we want to disallow overdraft. If you want to allow it instead, then there are some followup questions like do you want to limit how much they could overdraft. But this is meant to be an example of race conditions, not a real world bank.
grebc•7m ago
This is the answer for any serious banking/accounting software.

Balance is calculated & stored after the fact from a known correct value.

chasil•15m ago
This document relies strongly upon Transact-SQL:

https://en.wikipedia.org/wiki/Transact-SQL

A more universal industry standard is SQL/PSM, which originated from Oracle PL/SQL:

https://en.wikipedia.org/wiki/SQL/PSM

Demonstrating the flaws in question in the PSM standard would be more useful.

Googlebook

https://googlebook.google/
382•tambourine_man•3h ago•588 comments

CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
144•chizhik-pyzhik•2h ago•44 comments

How to make your text look futuristic (2016)

https://typesetinthefuture.com/2016/02/18/futuristic/
47•_vaporwave_•48m ago•7 comments

Show HN: Needle: We Distilled Gemini Tool Calling into a 26M Model

https://github.com/cactus-compute/needle
125•HenryNdubuaku•3h ago•39 comments

Why senior developers fail to communicate their expertise

https://www.nair.sh/guides-and-opinions/communicating-your-expertise/why-senior-developers-fail-t...
227•nilirl•5h ago•114 comments

The Future of Obsidian Plugins

https://obsidian.md/blog/future-of-plugins/
219•xz18r•5h ago•88 comments

Rendering the Sky, Sunsets, and Planets

https://blog.maximeheckel.com/posts/on-rendering-the-sky-sunsets-and-planets/
348•ibobev•7h ago•32 comments

Quack: The DuckDB Client-Server Protocol

https://duckdb.org/2026/05/12/quack-remote-protocol
77•aduffy•3h ago•15 comments

Reimagining the mouse pointer for the AI era

https://deepmind.google/blog/ai-pointer/
66•devhouse•3h ago•55 comments

Dead.Letter (CVE-2026-45185) – How XBOW found an unauthenticated RCE on Exim

https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim
45•fedek_•3h ago•14 comments

Launch HN: Voker (YC S24) – Analytics for AI Agents

https://voker.ai
30•ttpost•5h ago•13 comments

Learning Software Architecture

https://matklad.github.io/2026/05/12/software-architecture.html
478•surprisetalk•11h ago•97 comments

Bambu Lab is abusing the open source social contract

https://www.jeffgeerling.com/blog/2026/bambu-lab-abusing-open-source-social-contract/
916•rubenbe•6h ago•318 comments

Show HN: Statewright – Visual state machines that make AI agents reliable

https://github.com/statewright/statewright
37•azurewraith•6h ago•9 comments

Beyond Semantic Similarity

https://arxiv.org/abs/2605.05242
8•44za12•1h ago•0 comments

Show HN: Agentic interface for mainframes and COBOL

https://www.hypercubic.ai/hopper
34•sai18•3h ago•14 comments

When life gives you lemons, write better error messages

https://wix-ux.com/when-life-gives-you-lemons-write-better-error-messages-46c5223e1a2f
76•luispa•3d ago•23 comments

Screenshots of Old Desktop OSes

http://www.typewritten.org/Media/
608•adunk•15h ago•316 comments

A Preview of the Future

https://unsung.aresluna.org/a-preview-of-the-future/
7•zdw•1d ago•0 comments

Postmortem: TanStack NPM supply-chain compromise

https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
1047•varunsharma07•23h ago•435 comments

We accidentally recreated old Facebook

https://amrshawky.com/posts/we-accidentally-recreated-fb/
25•amr_shawky•2d ago•12 comments

Testing UPS Output Waveforms

https://www.lttlabs.com/articles/2026/05/12/ups-exploration
39•LabsLucas•4h ago•36 comments

Instructure pays ransom to Canvas hackers

https://www.insidehighered.com/news/tech-innovation/administrative-tech/2026/05/11/instructure-pa...
182•Cider9986•18h ago•170 comments

Text Blaze (YC W21) Is Hiring for a No-AI Summer Internship

https://www.ycombinator.com/companies/text-blaze/jobs/P4CCN62-the-blaze-no-ai-summer-internship
1•scottfr•9h ago

Canada’s Bill C-22 Is a Repackaged Version of Last Year’s Surveillance Nightmare

https://www.eff.org/deeplinks/2026/05/canadas-bill-c-22-repackaged-version-last-years-surveillanc...
136•Brajeshwar•3h ago•43 comments

Show HN: Gigacatalyst – Extend your SaaS with an embedded AI builder

28•namanyayg•4h ago•8 comments

The Real Story of Troy

https://storica.club/blog/troy-was-real/
38•cemsakarya•2d ago•17 comments

SQL: Incorrect by Construction

https://chreke.com/posts/sql-incorrect-by-construction
18•ingve•3h ago•13 comments

The Moth Story Map

https://themoth.org/dispatches/story-map
15•jxmorris12•3d ago•2 comments

They Live (1988) inspired Adblocker

https://github.com/davmlaw/they_live_adblocker
522•tokenburner•20h ago•169 comments