This is cool because portability. But also because you can embed it as a library in your Go projects. It’s not identical to jq in practice, though. Here’s a long list of differences between the two.

Egon Elbre and Roger Peppe join Mat for a conversation all about bloat (and how to avoid it). Expect talk of code bloat, binary bloat, feature bloat, and an even-more-bloated-than-usual unpopular opinion segment.

Julie Qiu, announcing Go’s new support for vulnerability management:

Go provides tooling to analyze your codebase and surface known vulnerabilities. This tooling is backed by the Go vulnerability database, which is curated by the Go security team. Go’s tooling reduces noise in your results by only surfacing vulnerabilities in functions that your code is actually calling.

There’s a new govulncheck command you can/should install and run against your project. It surfaces only the vulnerabilities that actually affect you, which is awesome.

Govulncheck is a standalone tool to allow frequent updates and rapid iteration while we gather feedback from users. In the long term, we plan to integrate the govulncheck tool into the main Go distribution.

This week we’re sharing the most popular episode of Go Time from last year — Go Time #196. We believe this episode was the most popular because it’s all about building actually maintainable software and what goes into that. Kris Brandow is joined by Johnny Boursiquot, Ian Lopshire, and Sam Boyer. There’s lots of hot takes, disagreements, and unpopular opinions.

This is part two of a three part mini-series led by Kris on maintenance. Make sure you check out Go Time #195 and Go Time #202 to continue the series.

Ever wondered how GopherCon came to be, and how it’s put together every year. In this show we will be chatted with Erik St. Martin, who has been there from the start about how GopherCon came to be, how this year’s conference came together, as well as why events like GopherCon as so great!

We are joined by Erik St. Martin, GopherCon Organizer and Co-Author Go in Action.

In this episode, we’ll be further exploring PRs. Check out The art of the PR: Part 1 if you haven’t yet. What is it that makes a PR a good PR? How do you consider PRs in an open source repo? How do you vet contributions from people who aren’t a part of the repository? How does giving feedback and encouragement fit in to the PR process? We’ll be debating the details, and trying to help our fellow gophers perfect the art of the PR. We are joined by the awesome Anderson Queiroz, hosted by Natalie Pistunovich & Angelica Hill.

In this episode, we will be exploring PRs. What makes a good PR? How do you give the best PR review? Is there such thing as too small, or big of a PR? We’ll be debating the details, and trying to help our fellow gophers perfect the art of the PR. We are joined by three wonderful guests Jeff Hernandez, Sarah Duncan, and Natasha Dykes. Hosted by Angelica Hill & Natalie Pistunovich.

Every so often, engineers need to pick up a new language. After ~6 years of professional development using Java, with a bit of Ruby sprinkled in, coming to Deliveroo meant that I’d be starting to work on some Go codebases.

So when it came to accepting the offer, I ended up thinking about getting started with learning Go, so I could hit the ground running. In this post I share different ways to get practical experience of the language, as well as thoughts on what Go is like to a newbie

You can think of this like fetch() or curl but entirely in SQL:

select request_url, response_status, response_headers 
  from http_get('http://httpbin.org/get');

The cool thing is you can save everything from the request: status code, headers, the body (of course), timestamps, and more. Great for archiving!

-- initialize a table
create table snapshots as
  select * from http_get('https://changelog.com');

-- To add more rows later on
insert into snapshots
  select * from http_get('https://changelog.com');

Baruch Sadogursky (Chief Sticker Officer at JFrog) joins Natalie & Johnny to lament the current state of dependency management in Go and other languages. They discuss the problems dependency managers face, possible technical mitigations like SBOMs, people problems that will never be solved by tech, and take questions from listeners in the #gotimefm channel of Gophers Slack.

Pulls data from many sources. Built with Go. Demo video here.

Our award winning worthy survey game show is back, this time Mat Ryer hosts it live on stage at GopherCon Europe 2022!

Go Time’s Natalie Pistunovich joins forces with Ronna Steinberg & Robert Burke to battle it out with V Körbes, Tamir Bahar & Konrad Richie. Let’s see who can better guess what the GopherCon Europe gophers had to say!

This library is the spiritual successor to the one we covered late last year, now with generics.

Go 1.18 was a major release where we saw the introduction of generics into the language as well as other notables such as fuzzing and workspaces. With Go 1.19 slated to come out next month, one has to wonder what’s next. Are we in store to be blown away by new and major features like we saw in 1.18? Not exactly but there are still lots of improvements to be on the lookout for.

Joining Mat & Johnny to touch on some of the most interesting ones is Carl Johnson, himself a contributor to the 1.19 release.

Ben Johnson is at it again.

LiteFS is a FUSE-based file system for replicating SQLite databases across a cluster of machines. It works as a passthrough file system that intercepts writes to SQLite databases in order to detect transaction boundaries and record changes on a per-transction level in LTX files.

I believe Ben was alluding to this (then unreleased) tool on his recent Ship It! appearance…

How do beginners learn Go? This episode is meant to engage both non-Go users that listen to sister podcasts here on Changelog, or any Go-curious programmers out there, as well as encourage those that have started to learn Go and want to level up beyond the basics. On this episode we’re aiming to answer questions about how to learn Go, identify resources that are available, and where you can go to continue your learning journey.

Testing distributed systems under hard failures like network partitions and instance termination is critical, but it’s also important we test them under less catastrophic conditions because this is what they most often experience. Comcast is a tool designed to simulate common network problems like latency, bandwidth restrictions, and dropped/reordered/corrupted packets.

It works by wrapping up some system tools in a portable(ish) way. On BSD-derived systems such as OSX, we use tools like ipfw and pfctl to inject failure. On Linux, we use iptables and tc. Comcast is merely a thin wrapper around these controls.

TFW you come up with the perfect name for your open source project ✨

A conversation with Ronna Steinberg, who was an OOP developer for many years, and now is a Go Google Developer Expert. Ronna has been thinking about Go and OOP for awhile, asking herself whether or not Go is an object oriented programming language. Tune in to find out her answer and hear some of the options gophers have for object oriented design.

Matt Holt (creator of Caddy) gives a deep dive into how the web server works and some of the design decisions and patterns that make it reliable, extensible, and delightful.

One of the interesting things about the design of Caddy is that its core is just configuration management. It pushes out all other functionality into modules so that basically the only thing left in core is accepting and reacting to configuration changes.

Vaultless as in you do not need to manage a password vault.

Instead of storing your passwords in a vault it derives your password on the fly from your master password and supplied realm string (for example, resource URL).

How cool is that?! Here’s an example use:

gokey -p super-secret-master-password -r example.com

PocketBase is an open source Go backend, consisting of:

• embedded database (SQLite) with realtime subscriptions
• built-in files and users management
• convenient Admin dashboard UI
• and simple REST-ish API

For docs and examples, head to pocketbase.io/docs

We’re talking about the tools we use every day help us to be productive! This show will be a great introduction for those new to Go tooling, with some discussion around what we think of them after using some of them for many years.

A deep discussion on that tension between development speed and software quality. What is velocity? How does it differ from speed? How do we measure it? How do we optimize it?

Rewind like video, see output in a pager, Vim-like keymaps, and more. “Viddy well, gopher. Viddy well.”

The year is 2053. The tabs-vs-spaces wars are long over. Ron Evans is the only Go programmer still alive on Earth. All he does is maintain old Go code. It’s terrible! He must find a way to warn his fellow gophers before it’s too late. Good thing he finally got that PDQ transmission system working…