| |
| 🔗 Stories, Tutorials & Articles |
| |
|
| |
| Supply chain security for Go: Compromised dependencies |
| |
| |
The rise in supply chain attacks on software has made it crucial for open-source developers using Go to monitor and assess the risks of their dependencies. Go provides built-in protections to help trust the integrity of packages, including the ability to detect and prevent malicious versions or withdrawals of dependencies. |
|
| |
|
| |
|
| |
| Database abstractions for Golang |
| |
| |
Assembled, a company that has been using Golang as its exclusive backend language since 2018, has developed three abstractions to address the challenges of database access in Golang. These abstractions include an interface for sharing code between single- and multi-row getters, a helper method to handle errors and close rows when scanning from the database, and an interface for sharing code between transactions and non-transactions. These abstractions improve query performance, ensure proper handling of database connections, and facilitate code reuse in different contexts. |
|
| |
|
| |
|
| |
| python 🤝 `defer` |
| |
| |
Python has a library called sorcery that allows the implementation of per-scope finalizers similar to Go's defer statement. This library utilizes AST rewriting and live compilation techniques to achieve the desired behavior without the need for decorators or excessive indentation. |
|
| |
|
| |
|
| |
| How Big Should a Programming Language Be? |
| |
| |
| Programming languages have a tendency to grow in size over time, making them more difficult to use reliably. This growth is driven by the desire to add new features and solve specific problems, but it comes at the cost of increased complexity and cognitive load for users. |
|
| |
|
| |
|
| |
| Rust Module System Encourages Poor Practices (Comparing to Go) |
| |
| |
| Rust's design of crates and modules, with the ability to have cyclic dependencies and organize modules as a tree within a crate, promotes the growth of large crates rather than encouraging the use of numerous reasonably-sized crates. In contrast, Go's design of packages and files, with acyclic dependencies and a flat directory structure, naturally discourages the creation of large packages and makes it easy to manage multiple packages. This difference in design choices affects code organization and compilation speed, ultimately leading to better-designed systems in Go compared to Rust. |
|
| |
|
| |
|
| |
| From 26 Minutes to 20 Seconds: Using pprof to optimize large GraphQL Operations in Go ✅ |
| |
| |
The open-source GraphQL engine, graphql-go-tools, used by WunderGraph, experienced a significant performance difference when a customer routed a mutation through their gateway built on top of graphql-go-tools. While the mutation took around 1 minute when executed directly against their GraphQL servers, routing it through the gateway resulted in approximately 70 minutes. Investigation revealed that the performance issue was caused by handling a large bulk operation with 70,000 input items, and a workaround was found by moving the data to the variables JSON. By implementing optimizations for JSON encoding and input value injection, the execution time of the operation was drastically reduced from 26 minutes to 150 milliseconds, impressing the customer with a 98.71% improvement. Additionally, using the gateway proved faster than executing the mutation directly against the GraphQL server due to the optimized parser and normalization engine of graphql-go-tools. |
|
| |
|
| |
|
| |
| Time is not a synchronization primitive |
| |
| |
Using time as a synchronization mechanism in programming can lead to flaky and unreliable code, causing tests, scripts, and applications to break randomly. Instead, it is recommended to use proper synchronization mechanisms like channels to ensure the desired state. To discourage the use of time.Sleep in tests, a tool called nosleep is introduced as a Go linter that fails the code if it detects the presence of time.Sleep. However, if there is a genuine need to use time as a synchronization method, a magic command "//nosleep:bypass" can be added with a valid reason to override the linter's check. |
|
| |
|
| |
|
| |
| Using a Golang package in Python using Gopy |
| |
| |
To statically validate PromQL queries in a Python-based CLI tool, the author faced a challenge of finding a suitable Python package. Instead, they decided to use VictoriaMetrics's MetricsQL parser, an open-source TSDB similar to Prometheus. To incorporate Go code into the Python project, they utilized Gopy, a popular library that compiles Go code into a Python module, simplifying the process for Python developers unfamiliar with Go and C. |
|
| |
|
|
| |
|
| |
| AutoML pipeline for tabular data on VertexAI in Go |
| |
| |
Automated Machine Learning (AutoML) has revolutionized the machine learning model development process by automating various stages of the pipeline, eliminating manual labor, and making it faster and more accessible. With AutoML, developers and data scientists can accelerate model development, democratize machine learning, and focus on higher-level tasks and domain-specific challenges. |
|
| |
|
| |
|
| |
| Announcing GoReleaser v1.19 — the big release |
| |
| |
GoReleaser's latest release includes almost 200 commits, introducing features like Nixpkgs support, Winget manifest generation, and pull request integration with Homebrew, Krew, and Scoop. It also includes security improvements, deprecations, template enhancements, and bug fixes, making it a comprehensive update for Go developers. |
|
| |
|
| |
|
| |
| Code Review: Should the Go project stop importing PRs? |
| |
| |
|
| |
|
| |
|
| |
| The Tragic Death of Inheritance ✅ |
| |
| |
After years of advocating for inheritance in programming, the author eventually realized the benefits of composition over inheritance, particularly in terms of code duplication and readability. They explain the differences between the two paradigms and provide examples to support their argument. |
|
| |
|
| |
