>But programming language types are different than SQLite types so that's already a mismatch that could introduce errors.
No...because they can be boiled down to the sqlite types and again it doesn't matter if you properly validate the data on insertion which you should be doing.
>Also, there is much more boilerplate in man-in-the-middle-ing each database query to validate data rather than have a single entry point which validate the data types which is the database.
No...because they can be boiled down to the sqlite types and again it doesn't matter if you properly validate the data on insertion which you should be doing.
>Also, there is much more boilerplate in man-in-the-middle-ing each database query to validate data rather than have a single entry point which validate the data types which is the database.
No...you don't validate queries..you validate insertion
>Also, using any in-database feature like functions or triggers should also have this security baked in but won't due to SQLite's missing validation.
You don't need to depend on it...because you validated on insertion.