Supply chain integrity with GoReleaser using Go mod proxy

Since the infamous SolarWinds attack, supply chain integrity is something a lot of people are discussing and working on. In this post we’ll see how we can verify a binary built with Go is indeed what it says it is. Building from Go mod proxy Using go install The easiest way...

Configuration (and configuration files) is not and cannot be generic

Some of my views on using YAML for human-written configuration files

Go keeps surprising me with its careful design and specification

Common Anti-Patterns in Go Web Applications

At one point in my career, I was no longer excited about the software I was building. My favorite part of the job were low-level details and complex algorithms. After switching to user-facing applications, they were mostly gone. It seemed programming was about moving data from on...

The Ultimate Channel Abstraction

Author(s): Changkun Ou Permalink: https://golang.design/research/ultimate-channel Recently, I have been rethinking the programming patterns regarding graphics applications, and already wrote a 3D graphics package in Go, called polyred. While I was designing the rendering pipelin...

Anonymous ("transparent") structures are a good thing in programming languages

Learning that you can use unions in C for grouping things into namespaces

Multi-platform Docker images with GoReleaser, Podman and GitHub Actions

A few months ago, I published a post on Multi-platform Docker images with GoReleaser and GitHub Actions. Today’s post has the same idea, but using Podman instead of Docker. The main advantage of Podman is that you can run in rootless mode (e.g. inside a container) and that...

How Go maps store their values (and keys)