Honeybadger's quarterly briefings keep you up to date on the most important developments in your programming communities. We curate the news so you can spend more time focusing on what's really important.

  • Events: Conferences and meetups. Upcoming and recently completed.
  • Security: Recent vulnerability reports
  • Projects: News about major community projects
  • Trending Topics: Summaries of the big topics everyone's talking about
  • Standout Content: Content that didn't fit in other sections, but that was too cool to leave out.

Events

Gophercon 2021 12/5/2021 - 12/8/2021

GC21 will be in-person at the Marriott Marquis San Diego Marina. With rooming and programming under one roof; we're excited to return to a venue where we can all be together, while still having the space to approach this year's conference with caution. CFP has passed

GoWest Conference 2021 on 10/22/2021 Salt Lake City & Online

This conference is meant to service the Rocky Mountain West Area (Arizona, Utah, Colorado, Idaho). The GoWest Conference was created with two main goals: to highlight the local talent and expertise in engineering with the Go programming language, and to bring world-renowned Go speakers to the area. CFP has passed

Gophercon UK on Aug 18, 19 & 20 Salt The Brewery, city of London

We are pleased to announce the 6th annual GopherCon UK conference. Three days of amazing talks, plentiful networking opportunities and great socials. GopherCon UK offers the most up-to-date Go programming information and training.CFP has closed

Gophercon Poland on 09/15/2021 Online

GopherCon Poland is the Polish edition of the GopherCon conference. The goal of the event is to raise the participants' qualifications and show the applications of new products in Go language.

Security

  • 2021-28820: The FTL Server (tibftlserver), FTL C API, FTL Golang API, FTL Java API, and FTL .Net API components of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from the affected component searching for run-time artifacts outside of the installation hierarchy. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.5.0 and below, TIBCO FTL - Developer Edition: versions 6.5.0 and below, and TIBCO FTL - Enterprise Edition: versions 6.5.0 and below.
  • 2021-21432: Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. An authentication mechanism added in version 0.7.0 enables some malicious user to obtain secrets utilizing the injected credentials within the ~/.netrc file. Refer to the referenced GitHub Security Advisory for complete details. This is fixed in version 0.7.5.

Projects

Golang

Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.

  • 6/23/2021: The Go Collective on Stack Overflow! Go Collective is the very first open source project in Collectives™ on Stack Overflow, which came as a result of a partnership between Go & Stack Overflow. It will be an improved Stack Overflow experience
  • 6/10/2021: Go 1.17 Beta 1 is released
  • 6/10/2021: gopls v0.7.0 Released: gopls is the Go language server that makes your IDE experience somewhat more pleasant. The headline feature for 0.7.0 is postfix completions which can save you time by inserting commonly written code for various features.
  • 6/3/2021: Go 1.16.5 and 1.15.13 Released. These are minor point releases but do include security fixes according to the new security policy (below.)
  • 03/10/2021: Go has a new security policy proposal

Tiny Go

TinyGo - A Go Compiler For Small Places

  • 05/17/2021: 0.18.0 Released! Support for Go 1.11 and Go.12 is dropped, so you'll need to upgrade to Go 1.13 or later. Other key notes: improvements to refelection, a big change to the PWM API to make it powerful (including support for servos), support for CLI parameters and ENV's.)
  • 06/01/2021: TinyGo for Tiny Applications. Discover a New Plugin for GoLand.

Fuzzing (5)

Fuzzing is a type of automated testing which continuously manipulates inputs to a program to find issues such as panics, bugs, or data races to which the code may be susceptible. These semi-random data mutations can discover new code coverage that existing unit tests may miss, and uncover edge-case bugs which would otherwise go unnoticed. This type of testing works best when able to run more mutations quickly, rather than fewer mutations intelligently.

  • Design Draft: First Class Fuzzing
    • Katie Hockman
    • Systems built with Go must be secure and resilient. Fuzzing can help with this, by allowing developers to identify and fix bugs, empowering them to improve the quality of their code. However, there is no standard way of fuzzing Go code today, and no out-of-the-box tooling or support. This proposal will create a unified fuzzing narrative which makes fuzzing a first class option for Go developers.
  • Fuzzing is Beta Readya
    • Katie Hockman and Jay Conrad
    • Fuzzing is available for beta testing in its development branch, dev.fuzz. A brief example of how to get started trying it is also included in this article.

Generics (3)

  • Functional programming in Go with generics
    • Ani Channarasappa
    • This article discusses why functional programming is difficult without generics in Go. The author explains the key tenets of functional programming (pure functions, immutable data, function composition, and declarative over imperative) and then has a nice chart that shows which 'functional-esque' features Golang currently supports. First class functions + higher order functions, closures, tail call optimization, variadic functions + variadic type parameters and currying are all listed as functional programming features that Go has. The author wraps up showing an example utilizing Go 1.18 and how we can utilize generics to write functional programs.

Standout Content

  • Ten Commandments of Go
    • John Arundel
    • Go is an interesting language, that doesn't fit in a nice box like a traditional OOP, or procedural, or functional language. Instead, Go weaves in components of all three, which can be confusing at first. What is Go trying to do as a language, and why? I found this article to be really helpful in that regard as it describes some of the key tenets put forth by the creators of Go.
  • Thoughts on how to structure Go code

    • Jon Calhoun
    • Jon Calhoun has been one of my favorite Go teachers. I've taken a fair number of his courses and definitely recommend them to others who are looking to level up. In this article, Jon discusses how he organizes his file structure for Go repos. Since Go isn't really a typical "MVC" framework, there are a lot of opinions as to how code should be structured. Jon argues that ultimately, each project will likely be different, but it's important to think about the "contexts" of your application.
  • Go Modules Cheat Sheet

    • André Eriksson
    • Modules are still new to a lot of folks so I found this cheat sheet to be a super nifty page to bookmark -- commands, as well as the anatomy of a go.mod file are all included. Yay!
  • Go Performance Tools Cheat Sheet

    • Steve Azzopardi
    • There are a variety of tools available to developers to identify where your application might be spending CPU time or allocating memory. However, if you're like me (and the author of this cheat sheet), every time you're needing to run a performance analysis, you're back on Google search. :) No longer! Bookmark this cheat sheet and it'll be your quick reference to finding the best performance tool when you're in need of one.
  • Reducing Memory Allocations in Golang

    • Christopher Tarry
    • Go has become a popular "in between" for developers who seek a high level language like Python but want better performance like C. That said, Christopher Tarry discusses with examples how there is still 'no free lunch' and that Go's abstractions still come with a cost. This article discusses how to measure and monitor the performance of your Go code, specifically reducing allocations, reusing buffers if you can, and making sure to actually benchmark your code.

Get the Honeybadger newsletter

Each month we share news, best practices, and stories from the DevOps & monitoring community—exclusively for developers like you.
    An advertisement for Honeybadger that reads 'Turn your logs into events.'

    "Splunk-like querying without having to sell my kidneys? nice"

    That’s a direct quote from someone who just saw Honeybadger Insights. It’s a bit like Papertrail or DataDog—but with just the good parts and a reasonable price tag.

    Best of all, Insights logging is available on our free tier as part of a comprehensive monitoring suite including error tracking, uptime monitoring, status pages, and more.

    Start logging for FREE
    Simple 5-minute setup — No credit card required