Ok. The main point was to discuss making languages that are better at preventing bugs. I simply threw out one to get the conversation started, not to be the final answer. Other thoughts?
You can't prevent injection bugs on a language level, since injection happens when you use string manipulation to dynamically create code that you send to another program. This means that it is just as easy to create SQL injection bugs in Haskell or Rust or any other language, because they all support concatenating strings to create SQL.
