Go Icon

Go

Go is a programming language built to resemble a simplified version of the C programming language.
465 Stories
All Topics

Go github.com

A highly customizable and lightweight framework for crafting Go CLIs

Nice is a highly customizable and lightweight framework for crafting CLI apps.

Nice respects idiomatic Go code and focuses to be clear, efficient and easy to write and maintain.

You can use it as a full-featured non-opinionated framework or use any nice packages as stand-alone libraries.

I’m a big fan of the similar projects section in the README. Classy!

A highly customizable and lightweight framework for crafting Go CLIs

Tom Payne github.com

Easy, secure dotfiles management with chezmoi

Here’s how Tom Payne describes his project:

chezmoi is a popular dotfile manager (currently over 4.5K stars on GitHub and increasing quickly). chezmoi helps you get your prefered environment synchronized across multiple machines (e.g. your home desktop, your work laptop, and a temporary development container in the cloud) while easily coping with differences from machine to machine and keeping all your secrets safe either with your password manager or encryption. Using chezmoi feels very much like using git (and indeed it builds on git). chezmoi is easy to install, quick to start with, runs everywhere, and scales from managing a handful of files on one machine to complex multi-machine set-ups with hundreds of dotfiles and plugins.

Getting a new machine set up looks like:

$ sh -c "$(curl -fsLS git.io/chezmoi)" -- init --apply <github-username>

My dotfiles “manager” is just a combination of git clone and setup.sh, but if I used many machines I’d probably reach for something more robust like this. If you’re already using a manager for yours, here’s a comparison guide of how chezmoi stacks up to other popular options.

Go github.com

GoKart – a static analysis tool for securing Go code

Static analysis is a powerful technique for finding vulnerabilities in source code. However, the approach has suffered from being noisy - that is, many static analysis tools find quite a few “vulnerabilities” that are not actually real. This has led to developer friction as users get tired of the tools “crying wolf” one time too many.

The motivation for GoKart was to address this: could we create a scanner with significantly lower false positive rates than existing tools? Based on our experimentation the answer is yes.

See also: npm audit and the shortcomings of security-focused static analysis tools.

Ahmed github.com

Deploy databases and services easily for dev and testing pipelines

Peanut provides a REST API, Admin Dashboard and a command line tool to deploy and configure the commonly used services like databases, message brokers, graphing, tracing, caching tools … etc. It perfectly suited for development, manual testing, automated testing pipelines where mocking is not possible and test drives.

Under the hood, it works with the containerization runtime like docker to deploy and configure the service. Destroy the service if it is a temporary one.

Technically you can achieve the same with a bunch of yaml files or using a configuration management tool or a package manager like helm but peanut is pretty small and fun to use & should speed up your workflow!

Deploy databases and services easily for dev and testing pipelines

Productivity github.com

A Unix-style personal search engine and web crawler for your digital footprint

Apollo is a different type of search engine. Traditional search engines (like Google) are great for discovery when you’re trying to find the answer to a question, but you don’t know what you’re looking for.

However, they’re very poor at recall and synthesis when you’ve seen something before on the internet somewhere but can’t remember where. Trying to find it becomes a nightmare - how can you synthezize the great material on the internet when you forgot where it even was? I’ve wasted many an hour combing through Google and my search history to look up a good article, blog post, or just something I’ve seen before.

If you scan Apollo’s README, you’ll know the author has put a lot of thought into this project. The more I grokked it, the more I thought of Monocle (which we’re doing an episode about soon). Turns out, it’s a direct inspiration (along with Serenity OS for the design).

Alex Ellis blog.alexellis.io

I wrote a book about Everyday Go

This is my third eBook on Go, and it’s one of the ways I’m supporting my time to make open source contributions and lead the OpenFaaS community. The book covers samples, examples and techniques that I’ve learned over the past 5-6 years.

The point is not to be an 800-page tomb with tenuous links between content, but code from real open source applications that are run in production at scale.

There’s been over 300 copies sold already and I’m offering a money back guarantee if anyone should feel it didn’t meet their expectations.

Security github.com

Security health metrics for open source projects

This project is a formalized list of checks that can be run against an open source codebase and a Go-based tool to run those checks and provide a report on the project’s health. Here are a few of the checks it runs, to get an idea of what it’s all about:

  • Does the project use fuzzing tools, e.g. OSS-Fuzz?
  • Does the project cryptographically sign releases?
  • Does the project contain a security policy?

Go github.com

A high-performance, columnar, in-memory storage engine for Go

The general idea is to leverage cache-friendly ways of organizing data in structures of arrays (SoA) otherwise known “columnar” storage in database design. This, in turn allows us to iterate and filter over columns very efficiently. On top of that, this package also adds bitmap indexing to the columnar storage, allowing to build filter queries using binary and, and not, or and xor (see kelindar/bitmap with SIMD support).

Katie Hockman blog.golang.org

Go's fuzzing effort now in beta

We first talked fuzzing with Katie Hockman back in August of 2020. Fast-forward 10 months and native fuzzing in Go is ready for beta testing! Here’s Katie explaining fuzzing, for the uninitiated:

Fuzzing is a type of automated testing which continuously manipulates inputs to a program to find issues such as panics or bugs. These semi-random data mutations can discover new code coverage that existing unit tests may miss, and uncover edge case bugs which would otherwise go unnoticed. Since fuzzing can reach these edge cases, fuzz testing is particularly valuable for finding security exploits and vulnerabilities.

It looks like the feature won’t be landing in Go 1.17, but they’re planning on it sometime after that. Either way, you can use fuzzing today on its development branch.

Kubernetes github.com

Porter is a Kubernetes-powered PaaS that runs in your own cloud provider

Porter brings the Heroku experience to your own AWS/GCP account, while upgrading your infrastructure to Kubernetes. Get started on Porter without the overhead of DevOps and customize your infrastructure later when you need to.

For more on Porter, tune in to Go Time live on June 1st! Mat Ryer will be asking Carolyn Van Slyck all about it. If live isn’t an option… subscribe to Go Time, why don’t ya?

Namespace conflict! I mistook this Porter for that Porter which Carolyn Van Slyck works on. That Porter will be the subject of the June 1st Go Time, not this Porter. If you want us to do a show on this Porter, let us know. 😎

Linux github.com

Lima is like a "macOS subsystem for Linux"

Lima launches Linux VMs on your Intel or ARM-based Mac with automatic file sharing, port forwarding, and containerd. That means you can easily do cool stuff like:

$ echo "files under /Users on macOS filesystem are readable from Linux" > some-file

$ lima cat some-file
files under /Users on macOS filesystem are readable from Linux

$ lima sh -c 'echo "/tmp/lima is writable from both macOS and Linux" > /tmp/lima/another-file'

$ cat /tmp/lima/another-file
/tmp/lima is writable from both macOS and Linux"

Patrick DeVivo github.com

Reqlite lets you query Redis with SQL

Patrick DeVivo:

This is a project in Go that compiles to a SQLite runtime loadable extension, which brings Redis commands into a SQL context. This allows you to write SQL queries against data in a Redis instance, using Redis commands like LRANGE as SQL functions.

Experimental for now. But why? Patrick says:

In general, Redis is fairly accessible from many programming languages, and any query using reqlite could probably be implemented in a language of your choice using a Redis client. However, sometimes declarative SQL can be a better choice to express what you’re looking for, and that’s where this project may be most useful.

Go github.com

A Go backend framework for rapidly creating APIs and distributed systems

Encore uses static analysis and code generation to reduce the boilerplate you have to write, resulting in an extremely productive developer experience.

The list of superpowers is impressive, to say the least. I know gophers tend to be skittish when they’re approached by a framework, though, so I’d love to hear more about this project on Go Time

Docker launchyourapp.meezeeworkouts.com

Why we don’t use Docker (we don’t need it)

In other jobs, we’ve used docker and it’s worked out just fine (for the most part… there was that time the RedHat filesystem on our prod server got mysteriously hosed – maybe it wasn’t docker’s fault.) But no, the reason we don’t use docker is because we don’t need it. Literally. Writing golang web services and static html embedded with with golang 1.16’s new //embed directive, we end up with a single deployable binary.

As a self-sustaining startup, we have limited resources to devote to tasks. We chose golang exactly for this reason. It sure would be nice if we could spend a couple weeks building the perfect CI/CD pipeline, an elegant deployment process, along with pretty dashboards. But we have software we need to ship in order to get users in order to drive subscriptions. Anything that doesn’t directly serve that goal is a complication. So at best, docker is a complication. A 9 million LoC complication that brings its own bugs and its own idiosyncrasies.

I’m not here to tell you whether or not you should use Docker. I don’t know what you should do. What I do know, is that you (all) need to make your own decisions based on your needs.

That’s why I like this piece by the team behind MeeZee Workout‪s. They share their decision and why they made it. Add this to your knowledge base for your next big decision.

Go github.com

Authelia is a multi-factor SSO portal for web apps

Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion of reverse proxies like nginx, Traefik or HAProxy to let them know whether queries should pass through. Unauthenticated users are redirected to Authelia Sign-in portal instead.

Authelia is a multi-factor SSO portal for web apps
0:00 / 0:00