There is a shift happening right now that too many people are treating as harmless convenience.
People are starting to let tools write their SQL. Not snippets or suggestions, but full queries, and they are running them as-is.
That should concern you more than it does.
The Problem
Here is a simple example. A user asks Copilot for 'all customers who have not ordered in the last year'.
The generated query looks reasonable:
SELECT
c.CustomerID,
c.CustomerName
FROM dbo.Customers c LEFT JOIN dbo.Orders o
ON c.CustomerID = o.CustomerID
WHERE
o.OrderDate < DATEADD(YEAR, -1, GETDATE())
OR o.OrderDate IS NULL
ORDER BY
c.CustomerID;
GO
It runs. Returns data. Everything looks fine. But it is wrong.
Why is it wrong?
Adams has a recent order, but why is Adams in the result set? It does not return only the customers who have not ordered in the last year. Instead, it returns:
• Customers with old orders
• Customers with no orders
Those are not the same as 'have not ordered in the last year'. Adams appears because the JOIN returns multiple rows per customer, and one of those rows is an older order, which satisfies the WHERE clause. That single matching row is enough to include Adams, even though he has ordered within the last year.
This is the correct query:
SELECT
c.CustomerID,
c.CustomerName
FROM dbo.Customers c
WHERE NOT EXISTS
(
SELECT 1
FROM dbo.Orders o
WHERE o.CustomerID = c.CustomerID
AND o.OrderDate >= DATEADD(YEAR, -1, GETDATE())
)
ORDER BY
c.CustomerID;
GO
As you can see, the difference matters. A lot.
The Real Risk
That's a very small example and this is not about syntax errors. It is about logic errors that look correct, run fast, and quietly return the wrong data.
No error message. No warning. Just incorrect results.
Now let's scale up a bit:
• Financial reporting
• Auditing queries
• Data exports
• Application logic
If the query is wrong, everything downstream from it is also going to be wrong. Do you want your balance sheets or income statements to quietly include bad data?
It Gets Worse
The AI tools do not understand your data. Repeat. AI does not know your data, your business rules, your edge cases or your intent.
AI predicts patterns. That is all.
And sometimes those patterns are just convincing enough to pass review.
The DBA Problem
This is where things shift. The AI tool is not technically answering your question. It is generating a query that it predicts will match your question. It is a fine line between the two, but pattern matching is not the same as answering a question.
If AI misinterprets your request, misunderstands the schema, or guesses at relationships, the SQL can still run and return results that look reasonable.
If you're using AI to write your SQL, your job is no longer just to verify that it runs. It is also to confirm that the result actually answers the question that was asked.
The Bottom Line
If you did not write the query... You do not trust it blindly. Because 'it runs' is not validation, 'it looks right' is not proof, and 'it seems fine' is not a strategy.
More to Read
AI-generated code changes need debugging — Venturebeat
Closing the AI trust gap for developers
Why Text-to-SQL Fails — Omni
Text-to-SQL Accuracy: Why Semantic Errors Are the Real Problem — AI2SQL
No comments:
Post a Comment