Go Alternatives

Reviews and mentions

• Go 1.18 will embed source version information into binaries
  news.ycombinator.com | 2021-10-27

  It's true that most languages's build systems (nim, rust, autotools, makefiles, etc) are unsafe to execute if you do not trust them.

  Go does stand in contrast to this. `go get` and `go build` cannot execute arbitrary code, and if you use those two commands to build untrusted code, in theory your machine should still remain uncompromised. They release CVEs for any issues here (such as https://github.com/golang/go/issues/29231).

  Of course, if you run the code you compiled, that is unsafe, but just compiling it is supposed to be fine.

  news.ycombinator.com | 2021-10-27

  update: they missed implementing this and now go1.17 will be required to bootstrap go1.19+.

  https://github.com/golang/go/issues/44505#issuecomment-94259...

  news.ycombinator.com | 2021-10-27

  Versions after go1.4 up to 1.16 need to be built with 1.4. From 1.17 on, they need to be built with 1.16. See https://github.com/golang/go/issues/44505.

  reddit.com/r/golang | 2021-10-26

  Will this also fix https://github.com/golang/go/issues/29228? I hope it does.

• This Is Why You Should Learn Golang
  dev.to | 2021-10-27

  Golang is one of the youngest programming languages. Until this post is published, the current stable Golang version is 1.17.2. Besides that, it is considered a popular programming language amongst developers. It can be built and run on many platforms and environments (Sorry, Java), bundled with solid and supportive built-in packages, and many more.

• /u/HeMan_Batman's based/cringe list for 2021-10-26
  reddit.com/r/196 | 2021-10-25

  (This list is automatically posted once every 24 hours to ensure I never break the Rule ever again. Bot written using Go and run using AWS Lambda)

• Where do you learn about Go features?
  reddit.com/r/golang | 2021-10-25

  I subscribe to the review meeting minutes issue https://github.com/golang/go/issues/33502

  reddit.com/r/golang | 2021-10-25
• Now that x509.DecryptPEMBlock is deprecated, what do we use?
  reddit.com/r/golang | 2021-10-24

  You deprecate itself. They decided a while ago that this topic domain will no longer be in stdlib, though some support for pkcs8 exist in an xlib. https://github.com/golang/go/issues/8860

• Module Name Alias in go.mod
  reddit.com/r/golang | 2021-10-24

  There was this proposal which got rejected.

• Google had a plan called “Project NERA” to turn the web into a walled garden
  news.ycombinator.com | 2021-10-24

  Google's fingers are going deeper than just "web standards." Filippo Valsorda, the Go lead for security, was one of the authors of TLS 1.3.

  He has refused to allow for configuration of TLS 1.3 ciphers in Go: https://github.com/golang/go/issues/29349

  Thanks to this decision: if a particular cipher is found to be weak or vulnerable, people using Go won't be able to immediately disable it. Instead, they'll be forced to wait for a release or patch, and possibly have to backport it to the version they're running in production.

  Another scenario, as pointed out in that ticket: sometimes other vendors don't properly implement ciphers on their end, and there's an incompatibility. Prior to TLS 1.3, one could just disable that particular cipher, perhaps even just for a particular connecting client.

  His response was, paraphrasing: "TLS 1.3 is amazing and awesome and will not have the same problems prior TLS versions had. It needs to Just Work, if there's a security issue we'll issue a patch, and if you can't apply it in a timely fashion you're incompetent." He seems unaware that not everyone uses Google's "just roll it out to a few hundred nodes and keep an eye on them" approach to SRE, or that major organizations don't have time to wait for a patch - they need a quick switch flip until the patch is out and can pass their normal validation before moving to production.

• /u/HeMan_Batman's based/cringe list for 2021-10-24
  reddit.com/r/196 | 2021-10-23

  (This list is automatically posted once every 24 hours to ensure I never break the Rule ever again. Bot written using Go and run using AWS Lambda)

• Is there RSS for go.dev/blog?
  reddit.com/r/golang | 2021-10-22

  See also #47795

• Top 10 trending github repos of the week❤.
  dev.to | 2021-10-22

  Fully compatible with the Go language.

• Sync: ExampleWaitGroup includes an porn website url · Issue #48886 · Golang/go
  news.ycombinator.com | 2021-10-22