Go Icon

Go

Go is a programming language built to resemble a simplified version of the C programming language.
461 Stories
All Topics

Go Time Go Time #198

The little known team that keeps Go going

Ever wonder how new features get added to the go command? Or where tools like gopls come from? Well, there’s an open team that handles just those things.

Just like the programming language itself, many of the tools that Go engineers use everyday are discussed and developed in the open. In this episode we’ll talk about this team, how it started, where it’s going, and how you can get involved.

Go github.com

A highly customizable and lightweight framework for crafting Go CLIs

Nice is a highly customizable and lightweight framework for crafting CLI apps.

Nice respects idiomatic Go code and focuses to be clear, efficient and easy to write and maintain.

You can use it as a full-featured non-opinionated framework or use any nice packages as stand-alone libraries.

I’m a big fan of the similar projects section in the README. Classy!

A highly customizable and lightweight framework for crafting Go CLIs

Tom Payne github.com

Easy, secure dotfiles management with chezmoi

Here’s how Tom Payne describes his project:

chezmoi is a popular dotfile manager (currently over 4.5K stars on GitHub and increasing quickly). chezmoi helps you get your prefered environment synchronized across multiple machines (e.g. your home desktop, your work laptop, and a temporary development container in the cloud) while easily coping with differences from machine to machine and keeping all your secrets safe either with your password manager or encryption. Using chezmoi feels very much like using git (and indeed it builds on git). chezmoi is easy to install, quick to start with, runs everywhere, and scales from managing a handful of files on one machine to complex multi-machine set-ups with hundreds of dotfiles and plugins.

Getting a new machine set up looks like:

$ sh -c "$(curl -fsLS git.io/chezmoi)" -- init --apply <github-username>

My dotfiles “manager” is just a combination of git clone and setup.sh, but if I used many machines I’d probably reach for something more robust like this. If you’re already using a manager for yours, here’s a comparison guide of how chezmoi stacks up to other popular options.

Go github.com

GoKart – a static analysis tool for securing Go code

Static analysis is a powerful technique for finding vulnerabilities in source code. However, the approach has suffered from being noisy - that is, many static analysis tools find quite a few “vulnerabilities” that are not actually real. This has led to developer friction as users get tired of the tools “crying wolf” one time too many.

The motivation for GoKart was to address this: could we create a scanner with significantly lower false positive rates than existing tools? Based on our experimentation the answer is yes.

See also: npm audit and the shortcomings of security-focused static analysis tools.

Go Time Go Time #193

Caddy V2

Matt Holt joins Jon Calhoun to discuss Caddy, its history, and the process of creating a v2 of the popular web server. In the episode they discuss some of the challenges encountered while building the v2, reasons for doing a major rewrite, and more.

Go Time Go Time #192

Data streaming and Benthos

Mihai and Ashley join Jon to discuss data streaming. What is it, why is it being used, and common mistakes developers make when setting up. They also discuss some of the tools in the ecosystem, including Benthos, a tool created by Ashley Jeff’s to make the plumbing part of data streaming easier to get right.

Ahmed github.com

Deploy databases and services easily for dev and testing pipelines

Peanut provides a REST API, Admin Dashboard and a command line tool to deploy and configure the commonly used services like databases, message brokers, graphing, tracing, caching tools … etc. It perfectly suited for development, manual testing, automated testing pipelines where mocking is not possible and test drives.

Under the hood, it works with the containerization runtime like docker to deploy and configure the service. Destroy the service if it is a temporary one.

Technically you can achieve the same with a bunch of yaml files or using a configuration management tool or a package manager like helm but peanut is pretty small and fun to use & should speed up your workflow!

Deploy databases and services easily for dev and testing pipelines

Productivity github.com

A Unix-style personal search engine and web crawler for your digital footprint

Apollo is a different type of search engine. Traditional search engines (like Google) are great for discovery when you’re trying to find the answer to a question, but you don’t know what you’re looking for.

However, they’re very poor at recall and synthesis when you’ve seen something before on the internet somewhere but can’t remember where. Trying to find it becomes a nightmare - how can you synthezize the great material on the internet when you forgot where it even was? I’ve wasted many an hour combing through Google and my search history to look up a good article, blog post, or just something I’ve seen before.

If you scan Apollo’s README, you’ll know the author has put a lot of thought into this project. The more I grokked it, the more I thought of Monocle (which we’re doing an episode about soon). Turns out, it’s a direct inspiration (along with Serenity OS for the design).

Go Time Go Time #189

Do devs need a product manager?

What is a Product Manager, and do Engineers need them? In this episode, we will be discussing what a Product Manager does, what makes a good Product Manager, and debating if engineering teams truly need them, with some tech companies going without them. We are joined by Gaëlle Sharma, Senior Technical Product Manager, at the New York Times, leading the Identity group.

Go Time Go Time #188

SIV and the V2+ issue

Go modules brought about quite a few changes to the Go ecosystem. One of those changes is semantic import versioning (SIV), which has a fairly pronounced effect on how libraries are identified. In this episode we are joined by Tim Heckman and Peter Bourgon to discuss some of the downsides to these changes and how it has lead to what a subset of the Go community refers to as the “v2+ problem.”

Alex Ellis blog.alexellis.io

I wrote a book about Everyday Go

This is my third eBook on Go, and it’s one of the ways I’m supporting my time to make open source contributions and lead the OpenFaaS community. The book covers samples, examples and techniques that I’ve learned over the past 5-6 years.

The point is not to be an 800-page tomb with tenuous links between content, but code from real open source applications that are run in production at scale.

There’s been over 300 copies sold already and I’m offering a money back guarantee if anyone should feel it didn’t meet their expectations.

Security github.com

Security health metrics for open source projects

This project is a formalized list of checks that can be run against an open source codebase and a Go-based tool to run those checks and provide a report on the project’s health. Here are a few of the checks it runs, to get an idea of what it’s all about:

  • Does the project use fuzzing tools, e.g. OSS-Fuzz?
  • Does the project cryptographically sign releases?
  • Does the project contain a security policy?
0:00 / 0:00