Click any tag below to further narrow down your results
Links
This article explains techniques for shrinking the size of a Rust static library intended for use with Go. It details the process of removing unused code, optimizing linked sections, and converting LLVM bitcode to achieve a significantly smaller library file. The author shares practical steps and results of the optimization efforts.
GoStringUngarbler is a Python tool that extracts and deobfuscates strings from Go binaries obfuscated with the Garble tool. It requires specific flags during compilation and supports Windows and Linux binaries. The program works by patching decryption routines to reveal the original strings.
This article explains how to use ULID (Universally Unique Lexicographically Sortable Identifier) in Go programs with a Postgres database. It highlights ULID's benefits over traditional UUIDs, including sortability and efficiency, and provides sample code for integration.
The Go programming language has released updates 1.25.6 and 1.24.12 to fix six critical vulnerabilities, including denial-of-service risks and potential arbitrary code execution. Developers are urged to upgrade immediately to avoid exploitation in unpatched environments.
This article details Reddit's migration from a legacy Python service to Go microservices for handling comments. It outlines the challenges faced during the migration, including write endpoint validations and performance improvements achieved. The migration has successfully reduced latency while maintaining reliability.
The article details an experiment in porting the TinyEMU RISC-V emulator from C to Go using an AI named Claude. It discusses challenges faced during the process, including maintaining fidelity to the original C code and managing the AI's decision-making. The author reflects on the complexities of programming with AI assistance, particularly in the final stages of development.
Gotests is a tool that automatically generates table-driven tests for Go functions and methods by analyzing their signatures. It supports filtering, custom templates, and even AI-generated test cases, making it efficient for developers to ensure test coverage.
This article explains the new errors.AsType function in Go 1.26, which offers a type-safe way to check for specific error types. Unlike the older errors.As, it simplifies code by eliminating the need for intermediate variable declarations and reduces the risk of runtime panics. It's recommended for new code while errors.As remains available.
The article explores the distinct philosophies and trade-offs of Go, Rust, and Zig based on the author's recent experiences. It details Go's minimalism, Rust's complexity with a focus on safety and performance, and Zig's manual control over memory management. The author aims to clarify the values each language embodies rather than just listing features.
The author shares their experience using Claude Code to debug a Go implementation of the ML-DSA post-quantum signature algorithm. Despite initial difficulties, the AI quickly identified and suggested fixes for complex bugs in the cryptographic code, demonstrating its utility in low-level programming tasks.
The article details a case study where a payment service at TikTok, originally built in Go, faced CPU bottlenecks due to increased traffic. By selectively rewriting the most CPU-intensive endpoints in Rust, the team achieved double the performance and projected annual savings of $300,000 in cloud costs.
Go 1.26 introduces key language updates, including a new function syntax and self-referential generic types. Performance enhancements include a default garbage collector and reduced cgo overhead. The release also features tool improvements and several experimental packages.
mactop is a command-line tool for monitoring real-time metrics on Apple Silicon devices. It provides detailed insights into CPU, GPU, memory usage, and system power, all without requiring sudo access. You can customize the UI and output formats for specific needs.
GoDefender is a security toolkit in Go that protects against debugging, virtualization, and DLL injection attacks. It offers various detection methods and protective measures to complicate reverse engineering efforts. The tool is intended for educational use and legitimate security research.
This article introduces the ADK Go, an open-source toolkit for creating AI agents using the Go programming language. It emphasizes flexibility and modularity, allowing developers to build, evaluate, and deploy agents in cloud-native environments. The framework supports various tools and is model-agnostic.
The article clarifies that go.sum is not a lockfile and has no impact on version resolution; it merely serves as a local cache for module version hashes. Instead, go.mod is the key file that defines all dependencies and their exact versions, simplifying package management in Go.
OnlyShell is a Go-based tool for managing multiple reverse shell connections at once. It features automatic shell type detection, background shell support, and command broadcasting, making it useful for penetration testers and security researchers. The tool also includes options for secure communication through TLS.
The author details their transition from VSCode to Zed after growing frustrated with VSCode's intrusive AI features and performance issues. They highlight Zed's speed, stability, and a smoother setup for Go, though they faced challenges configuring it for Python.
This article discusses the findings from the 2025 Go Developer Survey, which received responses from over 5,000 developers. Key insights include a need for better best practices, mixed satisfaction with AI tools, and frequent documentation reviews for core Go commands.
Fence is a tool that wraps commands in a sandbox, blocking network access by default and allowing configurable filesystem restrictions. It's useful for executing semi-trusted code safely, making it ideal for package installations and CI jobs. The tool also integrates with various coding agents to enhance security.
Observability in applications comes with instrumentation overhead, which can impact performance and resource consumption. A benchmark of OpenTelemetry in a Go application revealed a CPU usage increase of about 35% and some additional memory usage, while still maintaining stable throughput. For teams prioritizing incident resolution, the tradeoff for detailed observability is often justified, though eBPF-based instrumentation offers a lighter alternative for monitoring without significant resource costs.
Building a functional code-editing agent is simpler than it appears, requiring just under 400 lines of code using Go and the Anthropic API. The article provides a step-by-step guide to creating a terminal-based conversational agent that can utilize tools for enhanced functionality, demonstrating how to maintain a conversation and integrate tool use effectively.
Wildcat is a high-performance embedded key-value database written in Go, featuring modern design principles such as LSM tree architecture and MVCC for efficient read and write operations. It supports ACID transactions, offers configurable durability levels, and provides comprehensive iteration capabilities, making it suitable for applications requiring immediate consistency and durability. Users can join a community for support and access resources for development and benchmarking.
A lightweight RESTful geospatial feature server for DuckDB has been developed using Go, supporting the OGC API - Features standard and enabling CRUD operations on spatial data. It leverages DuckDB's spatial extension for fast analytical queries and efficient processing, with features like CORS support, GZIP encoding, and a user-friendly HTML interface. The server can be configured via environment variables and supports both HTTP and HTTPS protocols for secure access.
A bug was discovered in the Go programming language's ARM64 compiler, which led to unexpected program behaviors. The team at Cloudflare detailed their investigation process, including testing and debugging steps, that ultimately helped identify and resolve the issue. This case highlights the importance of thorough testing in software development to catch potential compiler-related bugs.
The article discusses the implementation and benefits of using Go agents for managing and deploying services within the Hatchet framework. It highlights how Go agents facilitate streamlined processes and improve scalability in cloud environments. The piece emphasizes the efficiency and ease of use that Go agents bring to developers and operations teams.
hyperpb is a new high-performance Protobuf library for Go, designed to leverage optimizations from UPB while addressing the challenges of Go's C FFI. It features a dynamic, runtime-based parser that outperforms existing Go Protobuf parsers in benchmarks. The library aims to provide an efficient and flexible solution for handling Protobuf messages in Go applications.
Dolt, the version-controlled SQL database, tested Go's experimental Green Tea garbage collector but found no significant performance improvements. Despite the new collector's intention to enhance cache locality and throughput, real-world tests showed minimal differences in latency and throughput compared to the classic garbage collector. Consequently, Dolt will not enable Green Tea for production builds.
Skyline queries help identify optimal options in multi-dimensional data by finding points that are not dominated by others. The article explains various algorithms for executing skyline queries and provides a practical example of building a command-line tool in Go that processes a CSV file to identify skyline points based on specified dimensions. The tool simplifies the visualization of results without requiring complex infrastructure.
Since adopting Go in 2016, American Express has gained valuable insights into its performance, efficiency, and scalability. Key learnings include improved dependency management with Go Modules, the challenges of concurrency, the importance of training for idiomatic Go, the establishment of standardized frameworks, and fostering an internal community to enhance collaboration and innovation.
The article discusses a subtle bug that can arise from modernizing Go error handling, specifically when switching from type assertions to the errors.As function. It illustrates how mismatched pointer and value types in error handling can lead to silent failures that alter program behavior unexpectedly, emphasizing the importance of clarity in error type usage and documentation. The author proposes strategies to prevent these issues through compile-time assertions and consistent error practices.
Telemetry Harbor transitioned its data ingest pipeline from Python to Go to enhance performance and scalability. The move was driven by the need for improved concurrency and lower latency in processing large volumes of data. This rewrite aims to better meet the growing demands of their services and improve overall efficiency.
The TokenEx library enables secure access to cloud resources by providing a unified interface for obtaining and refreshing credentials from multiple cloud providers, including AWS, GCP, Azure, and OCI. It supports various authentication methods and handles token exchanges through workload identity federation, facilitating seamless integration into applications. Developers can easily implement the library in their Go projects to manage credentials efficiently.
The article provides a comprehensive guide on how to build GoReleaser, a tool that simplifies the release of Go applications by automating the entire process. It covers installation, configuration, and various features that enhance the release workflow, making it easier for developers to manage their projects. Additionally, the author shares tips and best practices for effectively using GoReleaser in development environments.
Software engineers frequently use diffs to represent changes in code, yet many existing libraries fall short of meeting diverse needs. The author shares insights from creating a new Go library to improve diff functionality while addressing issues such as readability, performance, and support for non-text inputs.
Go 1.25 introduces container-aware GOMAXPROCS defaults that improve the default behavior for applications running in container environments, particularly by adjusting GOMAXPROCS based on CPU limits set by orchestration platforms like Kubernetes. This change aims to reduce throttling impacts on tail latency and enhance production readiness by aligning Go's concurrency model with container resource management.
Go 1.25, released in August 2025, focuses on enhancements to the toolchain, runtime, and libraries while maintaining compatibility with previous versions. Key updates include new runtime features for GOMAXPROCS, an experimental garbage collector, and improved debugging tools, alongside several changes in the Go command and standard library. The release also introduces new analyzers for the vet command and updates to the compiler and linker for better performance and debugging support.
John Arundel shares ten essential commandments for writing effective Go code, emphasizing practices such as creating reusable packages, thorough testing, and prioritizing code readability. The guidelines also stress error handling, safe programming habits, and the importance of maintaining a clean environment while coding. By adhering to these principles, developers can enhance their code quality and overall efficiency.
Modern Go application design emphasizes the importance of structured code and repeatable processes for effective development. By applying principles such as SOLID and Domain-Driven Design (DDD), developers can create composable, reliable applications with well-defined components that enhance testing and reduce bugs. The article discusses the role of use cases and data models in shaping application architecture, advocating for a schema-first approach to maintain clean data models and improve application scalability.
Go programming language is characterized by its 80/20 design, offering 80% utility with only 20% complexity, which leads to criticism from those seeking more features. While many languages continually add complexity and features, Go maintains its simplicity, allowing for broader usability and efficiency in development. The article contrasts Go's approach with other languages, highlighting the trade-offs between utility and complexity in programming design.
Ebyte-Go-Morpher is a Go program that obfuscates Go source code by manipulating the Abstract Syntax Tree (AST) to enhance security. It offers various obfuscation techniques, including string encryption, identifier renaming, and number obfuscation, while preserving reflection compatibility and allowing configuration of features. The tool generates obfuscated files and runtime decryption logic, streamlining the process of protecting Go code.
Doltgres, a version-controlled SQL database, faced a performance regression due to the inclusion of system tables in its pg_catalog. The author utilized Go's pprof tool to visualize performance differences between code branches, ultimately identifying and fixing a bug that was causing unnecessary overhead in fetching table names. This fix not only resolved the slowdown but also improved overall performance benchmarks.
The article discusses unexpected security vulnerabilities in Go parsers, highlighting how certain design choices can lead to significant risks. It emphasizes the need for developers to be aware of these potential "footguns" to enhance the security of their applications. Best practices and recommendations for safer implementation are also provided to mitigate these risks.
Armin Ronacher shares his insights on agentic coding, emphasizing his use of Claude Code and the Sonnet model for efficient tool usage. He discusses the importance of optimizing workflows, selecting programming languages like Go for backend projects, and ensuring effective tooling and logging practices to enhance AI agent performance in coding tasks.
F2 is a cross-platform command-line tool developed in Go for batch renaming files and directories, emphasizing safety and efficiency. It features a default dry run mode, supports file attributes for flexible renaming, and includes conflict resolution, undo functionality, and extensive documentation to assist users. Installation options are available for Go developers and other methods can be found on the releases page.
After 19 years at Google, the author reflects on their journey with the Go programming language, highlighting its evolution and their contributions to the project. Despite feeling out of sync with the current direction of Go at Google, they express a continued interest in the language's future development and plan to take a break before potentially contributing again.
Observability in applications introduces instrumentation overhead that can impact performance, particularly when using OpenTelemetry with Go. A benchmark comparing a Go HTTP server's performance with and without OpenTelemetry revealed a notable increase in CPU and memory usage, but maintained stable throughput. The choice of observability method should balance the need for detailed tracing against resource costs, with eBPF-based instrumentation offering a more lightweight alternative for high-load environments.
Turso has rewritten significant portions of their API using Go to enhance performance and maintainability. This transition aims to leverage Go's efficiency and concurrency features, ultimately improving the overall experience for developers and users alike. The blog post details the motivations behind this decision and the expected benefits.
The article discusses common mistakes made by developers when using the Go programming language. It highlights pitfalls related to concurrency, error handling, and performance optimization that can lead to inefficient code. Understanding these mistakes can help programmers improve their skills and write more effective Go applications.
hyperpb is a new high-performance Protobuf library for Go that implements many optimizations from UPB while addressing the unique challenges of Go's runtime. It leverages a dynamic table-driven parsing approach to improve performance and reduce instruction cache issues associated with traditional Protobuf parsers. The library's API allows for efficient message handling and compilation, making it faster than existing Go Protobuf solutions.
Go has introduced native FIPS 140-3 support in its standard library, enhancing compliance for users in regulated environments. The Go Cryptographic Module v1.0.0, which is integrated into Go 1.24, simplifies the developer experience while ensuring uncompromised security and broad platform support. This new module provides a compliant and efficient solution for cryptographic operations in Go applications.
Designing custom error types in Go can lead to subtle bugs if best practices are not followed, particularly regarding the implementation of the Is method. A common pitfall arises when using the errors.Is function within an Is method, which can violate Go's error handling semantics and create misleading error equivalences. Developers should prioritize direct comparisons for error equality in custom Is methods to avoid such issues.
The article discusses the evolution of caching libraries in Go, focusing on the differences between on-heap and off-heap caches and highlighting the development of notable libraries such as Ristretto, Theine, and Otter v1. It critiques their advantages and disadvantages, particularly in terms of performance, hit rates, and feature sets, while emphasizing the need for efficient caching strategies in modern applications.
The project provides tools in Go for automated testing against Fastly's WAF simulator, incorporating a CI/CD pipeline with GitHub actions to run tests on code changes. Test cases are structured in YAML format within the test/rules directory, detailing various fields such as identifiers, requests, expected responses, and signals. Users must set up their Fastly NGWAF credentials, run Terraform commands, and check workflow statuses on GitHub to ensure the WAF rules function correctly.
The article explores the inefficiencies in Go related to handling io.Reader interfaces, particularly when decoding images with libraries like libavif and libheif. It discusses the challenges of type inspection and the need for optimization to avoid unnecessary data copying, ultimately leading to a workaround that allows for efficient byte extraction. The author critiques the design of Go's standard library concerning structural typing and the hidden requirements for certain functionalities.
The article discusses a memory regression issue encountered during the development of a Go application, highlighting the steps taken to identify and resolve the problem. It emphasizes the importance of monitoring memory usage and provides insights into debugging techniques used to tackle the regression effectively.
The article discusses various routing options available for Go applications, comparing their features, performance, and community support. It aims to guide developers in selecting the most suitable router based on their specific project needs.
Google commissioned Trail of Bits to audit Go's cryptography packages, resulting in one low-severity finding related to memory management in the legacy Go+BoringCrypto integration and several informational findings about potential timing side-channels. The audit confirms the security of Go's cryptography libraries and highlights ongoing improvements, including a new FIPS 140-3 mode and post-quantum cryptography support.
Go's data race detector has a limitation that can lead to missed data races in code, particularly when mutexes are used. The article illustrates a scenario where a race condition occurs due to an unguarded increment in a concurrent environment, which the race detector fails to detect under certain execution orders. Understanding the detector's boundaries is crucial for ensuring thread safety in Go applications.
Go's interfaces utilize structural typing, leading to challenges in implementation and documentation, particularly when adding methods to existing interfaces. The article discusses the problems with the standard library’s flag package and suggests using struct embedding and unexported methods to enforce interface satisfaction. Additionally, it explores potential solutions for default method implementations and optional methods, highlighting the complexities of Go's type system.
After two years of using serverless technology on Cloudflare Workers, the Unkey team transitioned to stateful Go servers to improve API performance and reduce latency by six times. This shift simplified their architecture, enabled self-hosting, and removed the complexities associated with serverless limitations, ultimately enhancing developer experience and operational efficiency.
After years as a software engineer, the author created two card games, Truco and Escoba, using Go. The first game took three months to develop without LLMs, while the second game was completed in just three days with LLM assistance, showcasing the drastic improvement in development efficiency. The article also offers a guide on how to create similar games using Go and WebAssembly.
The article discusses effective strategies for handling HTTP errors in Go programming, emphasizing the importance of proper error management to enhance application robustness. It outlines various approaches, including the use of custom error types and middleware, to provide meaningful feedback and improve user experience. Additionally, best practices for logging and tracking errors are highlighted to facilitate debugging and maintenance.
The article provides a step-by-step guide on executing Kubernetes commands using the Go programming language. It covers best practices for integrating Kubernetes client libraries and highlights essential tips for effective command execution. The focus is on improving developer productivity and ensuring robust application management within Kubernetes environments.
The article discusses the tension between using Go's built-in testing capabilities versus adopting external testing frameworks that create mini-languages, reflecting on the implications of each approach. It draws from personal experiences and industry examples to argue for the simplicity and clarity of using Go's native testing features while critiquing the complexity introduced by various frameworks. The author emphasizes the importance of consistency and ease of refactoring in testing practices.
The article discusses the implementation of Swiss Tables in the Go programming language, highlighting their efficiency in handling various data structures. It emphasizes the advantages of using this approach for organizing and accessing data quickly in software engineering practices. Additionally, it covers practical examples and performance comparisons with traditional methods.
Memory safety is often misunderstood as separate from thread safety, but the author argues that both concepts are intertwined, emphasizing that absence of Undefined Behavior is the true goal. Using a Go programming example, the article illustrates how data races can lead to memory safety violations, pointing out that Go lacks the robust protections seen in languages like Java and Rust. Ultimately, the author advocates for a clearer understanding of safety guarantees in programming languages, particularly regarding the implications of Undefined Behavior.
Deep recursion in Go can lead to stack exhaustion, especially in inherently recursive problems like calculating Fibonacci numbers. The lack of tail call optimization in Go exacerbates this issue, making it critical to implement safe limits on recursion to prevent crashes. The article also discusses real-world implications of deep recursion, particularly in parsing recursive data formats such as XML.
Finch is a lightweight reverse proxy developed in Go that enhances traffic management by extracting fingerprints from TLS handshakes and HTTP requests to allow, deny, route, or deceive traffic based on customizable rules. It features an authenticated admin API, real-time event streaming, and experimental support for HTTP/3 and QUIC. The tool is still in development and not yet suitable for production use.
The article discusses the issue of dependency bloat in Go modules, particularly focusing on the honk ActivityPub server. The author highlights the unexpected dependencies pulled in by gofeed, leading to unnecessary complexity and increased file sizes, while also expressing frustration over the need for online access to documentation tools. Ultimately, the author demonstrates how trimming dependencies can significantly reduce file sizes without sacrificing functionality.
The article explains the use and implications of the `//go:nosplit` directive in Go programming, which allows functions to skip stack overflow checks for performance reasons. While it can enhance speed, using this directive poses risks such as potential stack overflows, undefined behavior, and complications with asynchronous preemption, leading to hard-to-diagnose bugs. Caution is advised when employing `nosplit` functions in high-performance applications.
Local development can be streamlined with Fiber v3's new Services API and Testcontainers, allowing developers to manage external service dependencies like PostgreSQL containers seamlessly within their applications. This integration promotes a consistent development environment, enhances testing capabilities, and simplifies the lifecycle management of backing services. The article provides a guide on building a Fiber app with these new features for improved local development experiences.
Go programming language releases new major features every six months, with each version supported until two subsequent versions are released. The article provides a detailed timeline of features introduced in each version, alongside links to documentation, proposals, and commits for further exploration.
The author argues that the Go programming language should adopt a more opinionated approach regarding application structure, particularly for larger projects. They suggest implementing official templates for common project types to ease the learning curve and facilitate migration from other languages, drawing parallels with past improvements like the introduction of the go mod dependency manager.
Wig is a Vim-like text editor developed in Go, currently in early development with support for languages such as Go, C, Odin, and Python. It features LSP autocomplete, Tree-sitter support, and various keybindings, aiming to provide a simple yet functional editing experience while still being prone to bugs. The project is intended as an exploratory exercise rather than a polished product, with plans for future improvements.
The article covers best practices and strategies for error handling in Go programming, emphasizing the importance of clear error reporting and management. It discusses various techniques, such as using error types, wrapping errors, and leveraging Go's built-in error handling features to create more resilient applications. Effective error handling is positioned as a crucial aspect of building robust and maintainable Go software.
Genkit Go 1.0 has been officially released as a stable, production-ready AI development framework for the Go ecosystem, offering a unified interface for various AI model providers and enhanced tools for AI-assisted development. Key features include type-safe AI flows, a CLI for local development, and integration with AI coding assistants to streamline the coding process. Developers can now easily build and deploy AI-powered applications with the reliability of Go, alongside comprehensive documentation and support tools.
Understanding software performance often requires profiling to determine where code execution time is spent. Go offers built-in profiling tools and the article explains how to use flame graphs to visualize profiling data, helping developers identify performance bottlenecks effectively.
The article provides a detailed guide on how Go implements maps as hash tables, explaining their structure, collision handling, and dynamic growth. It covers fundamental concepts such as hashing, bucket indexing, and the memory management strategies used in Go's map implementation, particularly focusing on the older version prior to Go 1.24.
PocketBase is an open-source real-time backend written in Go that features an embedded SQLite database, user management, and a simple REST API. It allows developers to create custom applications with minimal setup, offering both a standalone app and a library for integration into other Go projects. The project is actively developed, and users are encouraged to contribute and report any security vulnerabilities.
The article discusses how memory maps (mmap) can significantly enhance file access performance in Go applications, achieving up to 25 times faster access compared to traditional methods. It explains the mechanics of memory mapping, the performance benefits it provides for read operations, and the limitations regarding write operations. The author also shares insights from implementing mmap in real-world applications, highlighting its effectiveness in improving performance.
The article introduces the reactive programming paradigm in Go, highlighting its advantages over traditional goroutines and channels for building event-driven applications. It emphasizes the use of the "ro" package for creating cleaner, more maintainable data processing pipelines, inspired by the mature RxJS library. The author critiques existing solutions like RxGo for their limitations and presents the benefits of using the new approach for handling complex event flows in Go applications.