#go

The article explains how to drop privileges in Go programs after performing privileged operations like binding to low ports. It covers using syscalls to setuid/setgid, and handling supplemental groups and capabilities on Linux. The post also warns about common pitfalls such as thread-safety issues and the need to drop capabilities before forking.

A developer asks if it's worth building a new open-source test coverage aggregator in Go, citing frustrations with Sonarqube, Codecov's 50-user limit, and deprecated alternatives. They worry teams may not adopt a bare-bones tool limited to Python and JS.

NexusCortex is a sparse AI cortex built in Go, designed as an alternative to large language models like Opus 4.8. It uses a sparse architecture rather than dense neural networks, aiming for efficiency and performance in AI processing.

Pastaay is an open-source Go binary that performs chaos engineering across eight network protocols (HTTP, DNS, TCP, UDP, TLS, SSH, ICMP, WebSocket), allowing teams to intentionally inject failures and test system resilience with a single tool.

Go's net/http/httptrace package provides hooks to trace HTTP request lifecycle events, such as connection timing, DNS lookup, TLS handshake, and request/response duration, enabling detailed performance monitoring and debugging of HTTP clients.

Kefka is a Go-native shell sandbox that includes coreutils and Python running via WebAssembly. The article details the technical challenges and design decisions behind building this sandboxing tool.

Online Go Server is a free platform for playing the board game Go, offering both real-time and turn-based games against human or AI opponents across web and mobile interfaces.

Gochan is a Go library that provides reusable channel architectures—including oneshot, SPSC, SPMC, MPSC, MPMC, broadcast, and watch—inspired by Rust channels. It aims to reduce repetitive boilerplate when implementing common communication patterns across Go structs.

Go's error handling is often mishandled by teams who treat errors as mere values instead of building a coherent story. Good practices include wrapping errors with context, using sentinel errors carefully, and designing error types that aid debugging without tight coupling.

A minimal GPT implementation written in Go, optimized for educational understanding and trained on the works of Jules Verne.

A feature request has been opened for the Go programming language to add support for generic methods—functions with their own type parameters that are defined within non-generic types. Currently, Go only supports generic functions and generic types, and this proposal seeks to extend generics to methods on any type.

Posthorn is an open-source self-hosted email gateway that replaces a full mail server. It connects self-hosted apps to transactional email providers like Postmark, Mailgun, or Amazon SES, and accepts HTML form submissions with anti-spam features.

Hush is an open-source, self-hostable communication platform written in Go, designed as a Discord alternative using the OpenMLS protocol for secure messaging. It emphasizes privacy and user control over data through self-hosting.

The Little Go Book is a free, open-source guide to the Go programming language. It covers key topics like basic types, control structures, arrays, slices, maps, and concurrency, aimed at providing a concise introduction to Go.

A developer created a minimal rsync implementation in Go, avoiding memory-safety vulnerabilities like buffer overflows and use-after-free errors that affect the original C version. Go's strong typing, bounds checking, and garbage collection provide inherent security while maintaining performance.

Riscrithm is a Go-built tool that provides an intuitive RISC-V assembler and optimizer, designed to simplify assembly programming for the RISC-V architecture.

In a 2012 blog post, a Google engineer explains the philosophy behind the design of the Go programming language, arguing that reducing complexity in language features yields exponentially greater benefits for programmer productivity and code maintainability.

A developer built a minimal rsync in Go that avoids memory safety vulnerabilities common in the original C version. By using Go's type safety, garbage collection, and bounds checking, the implementation reduces security risks while maintaining performance.

WhatsKept is a Go-based tool that extracts WhatsApp chat history from an iOS backup, making it searchable and queryable by AI agents.

The author details how their Go-based rsync implementation avoids common vulnerabilities found in the original C version (like buffer overflows and symlink races) by leveraging Go's memory safety features. They highlight design choices such as avoiding unsafe code, using bounded types, and minimizing attack surface to achieve a safer file transfer tool without sacrificing compatibility.

Mvm is a high-performance virtual machine designed specifically for Go, aiming to provide faster execution and improved efficiency for Go programs.

A comprehensive guide covering key differences between Go and Rust, including memory management, error handling, concurrency models, and type systems. It provides practical migration advice for developers transitioning from Go to Rust, highlighting how to adapt to Rust's ownership model and borrowing rules while leveraging Rust's safety guarantees.

The author assesses 12 rsync vulnerabilities against his Go-based gokrazy/rsync. While both he and upstream missed some validation, Go's bounds-checking prevents memory corruption, and the minimal codebase avoids many attack surfaces. He concludes memory-safe languages and minimal implementations significantly reduce security risks.

The article presents a memory-safe implementation of rsync in Go, designed to avoid common vulnerabilities like buffer overflows and memory corruption that plague the original C version. By leveraging Go's type safety and garbage collection, the author created a minimal rsync clone that maintains core functionality while eliminating entire classes of security bugs.

The Go blog announced the availability of a new API for pkg.go.dev, allowing users to programmatically access package documentation, version history, and other metadata for Go modules hosted on the platform.

mvm is a fast virtual machine designed for Go, aiming to provide efficient execution for Go programs.

The Go blog announced the launch of the Pkg.go.dev API, which allows developers to programmatically query the Go package discovery site for package, module, and symbol information.

GobanFTP is a project that transforms the classic board game Go into an experience played through FTP directory listings, allowing moves to be made by navigating and creating files and folders in a file system interface.

The Go team announced a new public API for pkg.go.dev, allowing developers to programmatically access package documentation and version metadata. The API provides endpoints for fetching package details, version lists, and module information, enabling integration with external tools and workflows. This release aims to improve automation and tooling around Go module discovery.

Codeep.dev is a tool that allows users to deeply explore and analyze codebases, providing insights into code structure, dependencies, and implementation details. It helps developers navigate and understand complex code more effectively.