🎉 Introducing Honeybadger Insights — logging and observability from Honeybadger! Check it out →

Go News Brief (Q2 2021)

Several in-person Go conferences this year. The go collective has joined StackOverflow. A TinyGo release. Discussions on fuzzing and Generics.

Honeybadger's quarterly briefings keep you up to date on the most important developments in your programming communities. We curate the news so you can spend more time focusing on what's really important.

  • Events: Conferences and meetups. Upcoming and recently completed.
  • Security: Recent vulnerability reports
  • Projects: News about major community projects
  • Trending Topics: Summaries of the big topics everyone's talking about
  • Standout Content: Content that didn't fit in other sections, but that was too cool to leave out.

Events

Gophercon 2021 12/5/2021 - 12/8/2021

GC21 will be in-person at the Marriott Marquis San Diego Marina. With rooming and programming under one roof; we're excited to return to a venue where we can all be together, while still having the space to approach this year's conference with caution. CFP has passed

GoWest Conference 2021 on 10/22/2021 Salt Lake City & Online

This conference is meant to service the Rocky Mountain West Area (Arizona, Utah, Colorado, Idaho). The GoWest Conference was created with two main goals: to highlight the local talent and expertise in engineering with the Go programming language, and to bring world-renowned Go speakers to the area. CFP has passed

Gophercon UK on Aug 18, 19 & 20 Salt The Brewery, city of London

We are pleased to announce the 6th annual GopherCon UK conference. Three days of amazing talks, plentiful networking opportunities and great socials. GopherCon UK offers the most up-to-date Go programming information and training.CFP has closed

Gophercon Poland on 09/15/2021 Online

GopherCon Poland is the Polish edition of the GopherCon conference. The goal of the event is to raise the participants' qualifications and show the applications of new products in Go language.

Security

  • 2021-28820: The FTL Server (tibftlserver), FTL C API, FTL Golang API, FTL Java API, and FTL .Net API components of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from the affected component searching for run-time artifacts outside of the installation hierarchy. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.5.0 and below, TIBCO FTL - Developer Edition: versions 6.5.0 and below, and TIBCO FTL - Enterprise Edition: versions 6.5.0 and below.
  • 2021-21432: Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. An authentication mechanism added in version 0.7.0 enables some malicious user to obtain secrets utilizing the injected credentials within the ~/.netrc file. Refer to the referenced GitHub Security Advisory for complete details. This is fixed in version 0.7.5.

Projects

Golang

Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.

  • 6/23/2021: The Go Collective on Stack Overflow! Go Collective is the very first open source project in Collectives™ on Stack Overflow, which came as a result of a partnership between Go & Stack Overflow. It will be an improved Stack Overflow experience
  • 6/10/2021: Go 1.17 Beta 1 is released
  • 6/10/2021: gopls v0.7.0 Released: gopls is the Go language server that makes your IDE experience somewhat more pleasant. The headline feature for 0.7.0 is postfix completions which can save you time by inserting commonly written code for various features.
  • 6/3/2021: Go 1.16.5 and 1.15.13 Released. These are minor point releases but do include security fixes according to the new security policy (below.)
  • 03/10/2021: Go has a new security policy proposal

Tiny Go

TinyGo - A Go Compiler For Small Places

  • 05/17/2021: 0.18.0 Released! Support for Go 1.11 and Go.12 is dropped, so you'll need to upgrade to Go 1.13 or later. Other key notes: improvements to refelection, a big change to the PWM API to make it powerful (including support for servos), support for CLI parameters and ENV's.)
  • 06/01/2021: TinyGo for Tiny Applications. Discover a New Plugin for GoLand.

Fuzzing (5)

Fuzzing is a type of automated testing which continuously manipulates inputs to a program to find issues such as panics, bugs, or data races to which the code may be susceptible. These semi-random data mutations can discover new code coverage that existing unit tests may miss, and uncover edge-case bugs which would otherwise go unnoticed. This type of testing works best when able to run more mutations quickly, rather than fewer mutations intelligently.

  • Design Draft: First Class Fuzzing
    • Katie Hockman
    • Systems built with Go must be secure and resilient. Fuzzing can help with this, by allowing developers to identify and fix bugs, empowering them to improve the quality of their code. However, there is no standard way of fuzzing Go code today, and no out-of-the-box tooling or support. This proposal will create a unified fuzzing narrative which makes fuzzing a first class option for Go developers.
  • Fuzzing is Beta Readya
    • Katie Hockman and Jay Conrad
    • Fuzzing is available for beta testing in its development branch, dev.fuzz. A brief example of how to get started trying it is also included in this article.

Generics (3)

  • Functional programming in Go with generics
    • Ani Channarasappa
    • This article discusses why functional programming is difficult without generics in Go. The author explains the key tenets of functional programming (pure functions, immutable data, function composition, and declarative over imperative) and then has a nice chart that shows which 'functional-esque' features Golang currently supports. First class functions + higher order functions, closures, tail call optimization, variadic functions + variadic type parameters and currying are all listed as functional programming features that Go has. The author wraps up showing an example utilizing Go 1.18 and how we can utilize generics to write functional programs.

Standout Content

  • Ten Commandments of Go
    • John Arundel
    • Go is an interesting language, that doesn't fit in a nice box like a traditional OOP, or procedural, or functional language. Instead, Go weaves in components of all three, which can be confusing at first. What is Go trying to do as a language, and why? I found this article to be really helpful in that regard as it describes some of the key tenets put forth by the creators of Go.

  • Thoughts on how to structure Go code

    • Jon Calhoun
    • Jon Calhoun has been one of my favorite Go teachers. I've taken a fair number of his courses and definitely recommend them to others who are looking to level up. In this article, Jon discusses how he organizes his file structure for Go repos. Since Go isn't really a typical "MVC" framework, there are a lot of opinions as to how code should be structured. Jon argues that ultimately, each project will likely be different, but it's important to think about the "contexts" of your application.

  • Go Modules Cheat Sheet

    • AndrĂ© Eriksson
    • Modules are still new to a lot of folks so I found this cheat sheet to be a super nifty page to bookmark -- commands, as well as the anatomy of a go.mod file are all included. Yay!

  • Go Performance Tools Cheat Sheet

    • Steve Azzopardi
    • There are a variety of tools available to developers to identify where your application might be spending CPU time or allocating memory. However, if you're like me (and the author of this cheat sheet), every time you're needing to run a performance analysis, you're back on Google search. :) No longer! Bookmark this cheat sheet and it'll be your quick reference to finding the best performance tool when you're in need of one.

  • Reducing Memory Allocations in Golang

    • Christopher Tarry
    • Go has become a popular "in between" for developers who seek a high level language like Python but want better performance like C. That said, Christopher Tarry discusses with examples how there is still 'no free lunch' and that Go's abstractions still come with a cost. This article discusses how to measure and monitor the performance of your Go code, specifically reducing allocations, reusing buffers if you can, and making sure to actually benchmark your code.
What to do next:
  1. Try Honeybadger for FREE
    Honeybadger helps you find and fix errors before your users can even report them. Get set up in minutes and check monitoring off your to-do list.
    Start free trial
    Easy 5-minute setup — No credit card required
  2. Get the Honeybadger newsletter
    Each month we share news, best practices, and stories from the DevOps & monitoring community—exclusively for developers like you.
    Stop wasting time manually checking logs for errors!

    Try the only application health monitoring tool that allows you to track application errors, uptime, and cron jobs in one simple platform.

    • Know when critical errors occur, and which customers are affected.
    • Respond instantly when your systems go down.
    • Improve the health of your systems over time.
    • Fix problems before your customers can report them!

    As developers ourselves, we hated wasting time tracking down errors—so we built the system we always wanted.

    Honeybadger tracks everything you need and nothing you don't, creating one simple solution to keep your application running and error free so you can do what you do best—release new code. Try it free and see for yourself.

    Start free trial
    Simple 5-minute setup — No credit card required

    Learn more

    "We've looked at a lot of error management systems. Honeybadger is head and shoulders above the rest and somehow gets better with every new release."
    — Michael Smith, Cofounder & CTO of YvesBlue

    Honeybadger is trusted by top companies like:

    “Everyone is in love with Honeybadger ... the UI is spot on.”
    Molly Struve, Sr. Site Reliability Engineer, Netflix
    Start free trial
    Are you using Sentry, Rollbar, Bugsnag, or Airbrake for your monitoring? Honeybadger includes error tracking with a whole suite of amazing monitoring tools — all for probably less than you're paying now. Discover why so many companies are switching to Honeybadger here.
    Start free trial
    Honeybadger's logo: a lightening bolt inside of a diamond shape.
    Product
    Stacks
    Company
    Resources