#346 — January 22, 2021

Unsubscribe  |  Read on the Web

Go Weekly

Illustration by Ekaterina Stanchenko  

Go 1.15.7 and 1.14.14 Released(Requires Google login.) Two new releases to primarily fix two reported security issues around arbitrary code execution (covered in more depth in the item below) and an error in crypto/elliptic. Downloads here.

Roland Shoemaker

Command PATH Security in Go — Go 1.15.7 and Go 1.14.14 address a arbitrary code execution bug that can occur around go get and other commands that build code. This bug is significant enough to get a full write up with where it came from and ways to improve the situation.

Russ Cox

Secure Redis Hosting with RedisGreen — SSL encryption, key size tracking, memory mapping, online upgrades, and more.

RedisGreen sponsor

AWS SDK for Go Version 2 Now Generally Available — There’s a lot to like in version 2, including modularized clients per service, better config and pagination, and performance improvements. Requires Go 1.15 or higher.

Shantanu Kotambkar (AWS)

Go's ioutil Package to Be Deprecated in 1.16 — Most of the useful functions in this package (called a “poorly defined and hard to understand collection of thingsby Russ Cox) have been moved to io and os, so this is really just clean up.

Oliver Lowe

📘 Tutorials and Stories

Packages as Layers, Not Groups — Looking at your packages as layers is a step toward a hexagonal architecture and can clean up your code structure significantly.

Ben Johnson

How to Debug Go-Powered AWS Lambda Functions with Gebug — Go is a fantastic language for serverless use cases but local debugging can be a pain point. Here are some pointers that involve Gebug, a tool for debugging Dockerized Go apps.

Moshe Beladev

Non-Blocking Parallelism for Services in Go — Dubbed “The Tickler Pattern”, it’s a way to handle a queue using channels and semaphores that isn’t too complicated and won’t block the client adding work to the queue.

Peter Goldsborough

Cheerful, Collaborative Project Management — Some PM tools are too simple. Others, unwieldy and unpleasant. Clubhouse is nothing but good adjectives. Give us a try.

Clubhouse.io sponsor

▶  Go Pointers Explained, Once and for All — A simple, practical introduction to pointers in a 14-minute screencast covering their use in implementing stacks and heaps.

Junmin Lee

Errors vs. Exceptions in Go and C++ in 2020 — Subtitled “Why and how exceptions are still better for performance, even in Go”, this is a return to a study done in 2018 and the conclusions are consistent.

Raphael ‘kena’ Poss

But How, Exactly, Do Databases Use mmap? — A look through the BoltDB source code to understand how memory mapping can work in a database system. BoltDB, by the way, is a Go-powered key/value story inspired by LMDB.

Bruno Calza

🛠 Code & Tools

go-enry: A Faster File Programming Language Detector — When they say ‘faster’, they’re comparing to the Ruby-powered Linguist, as used by GitHub for its repo language detection.

go-enry

Goridge: A High-Performance PHP-to-Go IPC Bridge — Using native sockets in PHP and net/rpc in Go, this lets you call Go methods from PHP, if you so require.

Spiral Scout

Dragonboat 3.3: A High Performance Multi-Group Raft Library — Consensus algorithms (such as Raft) provide fault-tolerance by allowing a system to continue to operate as long as a majority of member servers are available. Here’s what’s new in 3.3.

lni

Video for Your Go App That Streams Beautifully, Everywhere

Mux sponsor

BFE: A Modern Layer 7 Load Balancer From Baidu — Baidu operates a popular Chinese search engine so they’re used to working at scale.

Baidu

wuzz: Interactive CLI Tool for HTTP Inspection — Think curl but with a text UI to show off request and response headers, manage params, etc.

Adam Tauber

💻 Jobs

Senior Software Engineer (Go) - 100% Remote, UK/EU Only — Solving complex technical challenges using the latest, cloud-native technologies to help Banks and FinTechs move money faster.

Form3

Find a Job Through Hired — Create a profile on Hired to connect with hiring managers at growing startups and Fortune 500 companies. It's free for job-seekers.

Hired

🥇 A Golden Oldie Revisited

termenv: Advanced ANSI Style and Color Support for Terminal Apps — Offers convenient methods to colorize and style output, without needing to deal with weird ANSI escape sequences and color conversions.

Christian Muehlhaeuser