What exactly does type-safe queries means?
QueryDSL and Criteria are libraries that try to enforce the data type validation when you assemble a query in JPA.
Just because JPQL is just a query that will be only verified on execution time, it's easy to write an invalid query that is not detected by the compiler. Of course, it's faster to fix things while you're coding than while you're running the app.
Of course, neither QueryDSL or Criteria can protect your query from all kinds of errors (data type related or not) but it's safer than JPQL.
On the other hand, writing queries in JPQL can be much easier and faster. Always the tradeoff :-)
An API is type safe if it leverages the type system of the programming language to prevent type errors. Specifically, QueryDSL enables the compiler to verify that
- all classes used in a query exist (no typos ...) and are persistent (i.e. mapped to a database)
- all properties used in a query exist for that object, and are persistent
- the resulting query is syntactically valid (no missing clauses or keywords)
- all operators receive operands of an acceptable type
Moreover, the expressive query api enables your IDE to provide code completion (also for domain classes and their properties), and refactoring support (if a property is renamed, you can simply rename it in the metamodel, and the IDE will rename in all queries).
As a side benefit, it's very difficult to write a query containing an SQL injection vulnerability.
In short, using QueryDSL instead of JPQL (or JPA critieria queries in the absence of a static metamodel) makes writing or changing queries faster and less error prone.