Go News Brief (Q2 2021)

Several in-person Go conferences this year. The go collective has joined StackOverflow. A TinyGo release. Discussions on fuzzing and Generics.

Honeybadger's quarterly briefings keep you up to date on the most important developments in your programming communities. We curate the news so you can spend more time focusing on what's really important.

  • Events: Conferences and meetups. Upcoming and recently completed.
  • Security: Recent vulnerability reports
  • Projects: News about major community projects
  • Trending Topics: Summaries of the big topics everyone's talking about
  • Standout Content: Content that didn't fit in other sections, but that was too cool to leave out.

Events

Gophercon 2021 12/5/2021 - 12/8/2021

GC21 will be in-person at the Marriott Marquis San Diego Marina. With rooming and programming under one roof; we're excited to return to a venue where we can all be together, while still having the space to approach this year's conference with caution. CFP has passed

GoWest Conference 2021 on 10/22/2021 Salt Lake City & Online

This conference is meant to service the Rocky Mountain West Area (Arizona, Utah, Colorado, Idaho). The GoWest Conference was created with two main goals: to highlight the local talent and expertise in engineering with the Go programming language, and to bring world-renowned Go speakers to the area. CFP has passed

Gophercon UK on Aug 18, 19 & 20 Salt The Brewery, city of London

We are pleased to announce the 6th annual GopherCon UK conference. Three days of amazing talks, plentiful networking opportunities and great socials. GopherCon UK offers the most up-to-date Go programming information and training.CFP has closed

Gophercon Poland on 09/15/2021 Online

GopherCon Poland is the Polish edition of the GopherCon conference. The goal of the event is to raise the participants' qualifications and show the applications of new products in Go language.

Security

  • 2021-28820: The FTL Server (tibftlserver), FTL C API, FTL Golang API, FTL Java API, and FTL .Net API components of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from the affected component searching for run-time artifacts outside of the installation hierarchy. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.5.0 and below, TIBCO FTL - Developer Edition: versions 6.5.0 and below, and TIBCO FTL - Enterprise Edition: versions 6.5.0 and below.
  • 2021-21432: Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. An authentication mechanism added in version 0.7.0 enables some malicious user to obtain secrets utilizing the injected credentials within the ~/.netrc file. Refer to the referenced GitHub Security Advisory for complete details. This is fixed in version 0.7.5.

Projects

Golang

Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.

  • 6/23/2021: The Go Collective on Stack Overflow! Go Collective is the very first open source project in Collectives™ on Stack Overflow, which came as a result of a partnership between Go & Stack Overflow. It will be an improved Stack Overflow experience
  • 6/10/2021: Go 1.17 Beta 1 is released
  • 6/10/2021: gopls v0.7.0 Released: gopls is the Go language server that makes your IDE experience somewhat more pleasant. The headline feature for 0.7.0 is postfix completions which can save you time by inserting commonly written code for various features.
  • 6/3/2021: Go 1.16.5 and 1.15.13 Released. These are minor point releases but do include security fixes according to the new security policy (below.)
  • 03/10/2021: Go has a new security policy proposal

Tiny Go

TinyGo - A Go Compiler For Small Places

  • 05/17/2021: 0.18.0 Released! Support for Go 1.11 and Go.12 is dropped, so you'll need to upgrade to Go 1.13 or later. Other key notes: improvements to refelection, a big change to the PWM API to make it powerful (including support for servos), support for CLI parameters and ENV's.)
  • 06/01/2021: TinyGo for Tiny Applications. Discover a New Plugin for GoLand.

Fuzzing (5)

Fuzzing is a type of automated testing which continuously manipulates inputs to a program to find issues such as panics, bugs, or data races to which the code may be susceptible. These semi-random data mutations can discover new code coverage that existing unit tests may miss, and uncover edge-case bugs which would otherwise go unnoticed. This type of testing works best when able to run more mutations quickly, rather than fewer mutations intelligently.

  • Design Draft: First Class Fuzzing
    • Katie Hockman
    • Systems built with Go must be secure and resilient. Fuzzing can help with this, by allowing developers to identify and fix bugs, empowering them to improve the quality of their code. However, there is no standard way of fuzzing Go code today, and no out-of-the-box tooling or support. This proposal will create a unified fuzzing narrative which makes fuzzing a first class option for Go developers.
  • Fuzzing is Beta Readya
    • Katie Hockman and Jay Conrad
    • Fuzzing is available for beta testing in its development branch, dev.fuzz. A brief example of how to get started trying it is also included in this article.

Generics (3)

  • Functional programming in Go with generics
    • Ani Channarasappa
    • This article discusses why functional programming is difficult without generics in Go. The author explains the key tenets of functional programming (pure functions, immutable data, function composition, and declarative over imperative) and then has a nice chart that shows which 'functional-esque' features Golang currently supports. First class functions + higher order functions, closures, tail call optimization, variadic functions + variadic type parameters and currying are all listed as functional programming features that Go has. The author wraps up showing an example utilizing Go 1.18 and how we can utilize generics to write functional programs.

Standout Content

  • Ten Commandments of Go
    • John Arundel
    • Go is an interesting language, that doesn't fit in a nice box like a traditional OOP, or procedural, or functional language. Instead, Go weaves in components of all three, which can be confusing at first. What is Go trying to do as a language, and why? I found this article to be really helpful in that regard as it describes some of the key tenets put forth by the creators of Go.
  • Thoughts on how to structure Go code

    • Jon Calhoun
    • Jon Calhoun has been one of my favorite Go teachers. I've taken a fair number of his courses and definitely recommend them to others who are looking to level up. In this article, Jon discusses how he organizes his file structure for Go repos. Since Go isn't really a typical "MVC" framework, there are a lot of opinions as to how code should be structured. Jon argues that ultimately, each project will likely be different, but it's important to think about the "contexts" of your application.
  • Go Modules Cheat Sheet

    • André Eriksson
    • Modules are still new to a lot of folks so I found this cheat sheet to be a super nifty page to bookmark -- commands, as well as the anatomy of a go.mod file are all included. Yay!
  • Go Performance Tools Cheat Sheet

    • Steve Azzopardi
    • There are a variety of tools available to developers to identify where your application might be spending CPU time or allocating memory. However, if you're like me (and the author of this cheat sheet), every time you're needing to run a performance analysis, you're back on Google search. :) No longer! Bookmark this cheat sheet and it'll be your quick reference to finding the best performance tool when you're in need of one.
  • Reducing Memory Allocations in Golang

    • Christopher Tarry
    • Go has become a popular "in between" for developers who seek a high level language like Python but want better performance like C. That said, Christopher Tarry discusses with examples how there is still 'no free lunch' and that Go's abstractions still come with a cost. This article discusses how to measure and monitor the performance of your Go code, specifically reducing allocations, reusing buffers if you can, and making sure to actually benchmark your code.

Honeybadger has your back when it counts. We're the only error tracker that combines exception monitoring, uptime monitoring, and cron monitoring into a single, simple to use platform.

Our mission: to tame production and make you a better, more productive developer. Learn more

“We’ve looked at a lot of error management systems. Honeybadger is head and shoulders above the rest and somehow gets better with every new release.”
Michael Smith
Try Error Monitoring Free for 15 Days
Are you using Bugsnag, Rollbar, or Airbrake for your monitoring? Honeybadger includes exception, uptime, and check-in monitoring — all for probably less than you’re paying now. Discover why so many companies are switching to Honeybadger here.
Try Error Monitoring Free for 15 Days
Stop digging through chat logs to find the bug-fix someone mentioned last month. Honeybadger's built-in issue tracker keeps discussion central to each error, so that if it pops up again you'll be able to pick up right where you left off.
Try Error Monitoring Free for 15 Days