Best of GolangFebruary 2026

  1. 1
    Article
    Avatar of golangGo·14w

    Using go fix to modernize Go code

    Go 1.26 introduces a completely rewritten `go fix` command that automatically modernizes Go codebases by identifying opportunities to use newer language features and library functions. The tool includes dozens of analyzers (like replacing `interface{}` with `any`, using `min`/`max` functions, and adopting `strings.Cut`) and can be run across entire projects with `go fix ./...`. Built on the Go analysis framework, it supports synergistic fixes where applying one modernization creates opportunities for others. The post also previews a self-service paradigm allowing developers to define custom modernizers for their own APIs through annotation-driven inlining and dynamically loaded analyzers.

  2. 2
    Article
    Avatar of bitfieldconsultingBitfield Consulting·14w

    Go the right way: the Zen of Go coding — Bitfield Consulting

    Ten principles for writing high-quality Go code: structure code as reusable packages, write comprehensive tests, prioritize readability, design safe-by-default APIs, wrap errors properly, avoid mutable global state, use structured concurrency sparingly, decouple from environment specifics, handle errors gracefully, and log only actionable information. Emphasizes making code work first, then refactoring for quality while keeping maintenance in mind.

  3. 3
    Article
    Avatar of einenlumEinenlum - Coding amongst alpacas and pinball machines·16w

    Git Shitstorm: How to Make Any Developer Lose Their Mind

    A developer created a prank tool called Git Shitstorm that silently corrupts Git history by randomly inserting code changes from the repository. The tool works by aliasing the git command and acting like Russian roulette—90% of the time it does nothing, but 10% of the time it selects random files, authors, and code snippets to inject into commits. Implemented in Go for speed, it adds minimal latency (under 100ms) making it nearly undetectable. The author emphasizes this is for educational and entertainment purposes only, warning against using it maliciously on coworkers' repositories.

  4. 4
    Article
    Avatar of trendyoltechTrendyol Tech·13w

    Debugging a Go Memory Leak: From OOM to Stable with pprof

    A real-world walkthrough of diagnosing and fixing a Go memory leak that caused OOM crashes in a Kafka consumer service. Covers Go memory fundamentals (stack vs. heap, GC tricolor algorithm, TCMalloc-based arenas), then details two concrete fixes: using Uber's automaxprocs to correctly set GOMAXPROCS in Kubernetes containers, and using pprof heap profiling to identify two root causes — repeated time.LoadLocation disk reads fixed with sync.Once, and a memory leak in the Confluent Kafka Go library resolved by switching to the Segmentio kafka-go package, reducing memory from hundreds of MB to a stable 25 MB.

  5. 5
    Article
    Avatar of golangGo·12w

    Allocating on the Stack

    Go 1.25 and 1.26 introduce compiler optimizations that move slice allocations from the heap to the stack, reducing garbage collector pressure and improving performance. In Go 1.25, variable-sized make calls with small enough sizes are automatically backed by a 32-byte stack buffer. In Go 1.26, append-allocated slices also get a small speculative stack-allocated backing store, avoiding the startup-phase heap allocations (sizes 1, 2, 4, etc.). Additionally, for escaping slices, Go 1.26 automatically inserts a runtime.move2heap call so intermediate allocations stay on the stack and only one final heap allocation of the correct size is made. These changes reduce heap allocations and GC overhead without requiring code changes.

  6. 6
    Article
    Avatar of socketdevSocket·12w

    Malicious Go “crypto” Module Steals Passwords and Deploys Re...

    Socket's Threat Research Team discovered a malicious Go module, github.com/xinfeisoft/crypto, impersonating the legitimate golang.org/x/crypto package. The backdoor was inserted into ssh/terminal/terminal.go's ReadPassword function, which captures passwords, exfiltrates them to attacker-controlled infrastructure, and executes a remote shell stager. The stager adds an SSH key for persistence, weakens iptables firewall rules, and downloads two disguised payloads — one of which is confirmed as the Rekoobe Linux backdoor linked to APT31. The module used GitHub Raw as a rotating C2 pointer to avoid republishing. The Go module proxy now blocks the package with a 403 SECURITY ERROR after Socket's report. Defenders are advised to treat go.mod changes as security-sensitive, use dependency scanning in CI, and watch for curl|sh execution, authorized_keys modifications, and iptables policy changes.

  7. 7
    Article
    Avatar of freecodecampfreeCodeCamp·14w

    Build a Production-Ready Pipeline with Docker, CI/CD & Hostinger

    A comprehensive 4-hour video course teaches how to containerize a full-stack React, Go, and MongoDB application using Docker and Docker Compose. The tutorial covers creating separate development and production environments, pushing images to DockerHub, deploying to Hostinger both manually and through terminal, and setting up automated CI/CD deployment using GitHub Actions. The course progresses from local development through containerization to production deployment with automated pipelines.

  8. 8
    Article
    Avatar of frontendmastersFrontend Masters·13w

    How I Setup Production-Grade Deployment for My (Somewhat) Vibe-Coded App – Frontend Masters Blog

    The CEO of Frontend Masters shares how he built and deployed Goalzi, a social goal-setting app written in Go, using a production-grade AWS stack. The app was built with Go's standard library and AI assistance (Cursor) for the finishing touches. The deployment pipeline uses AWS App Runner, ECR, SSM Parameter Store for secrets, SES for email, Supabase for Postgres, and Route 53 for DNS. A single `make deploy` command runs tests, applies SQL migrations via a one-off Docker container, builds a multi-stage Docker image tagged with the git SHA, and pushes to ECR. Key practices covered include proper IAM scoping, secrets management via SSM, environment-consistent migrations, syncing production data locally, and configuring SES with DKIM/SPF/DMARC for reliable email delivery.

  9. 9
    Video
    Avatar of TechWithTimTech With Tim·14w

    Go Programming - Full Course

    A comprehensive beginner-to-intermediate Go programming course covering language fundamentals including data types, variables, binary numbering systems, static typing, compilation, and basic syntax. The course explains Go's design philosophy (performance with simplicity), its use cases (backend services, CLI tools, cloud services), and core concepts like signed/unsigned integers, type casting, and implicit vs explicit variable declaration. Includes practical setup instructions and hands-on examples.

  10. 10
    Video
    Avatar of t3dotggTheo - t3․gg·13w

    The Future of TypeScript

    TypeScript 6 is now in beta and serves as a bridge to TypeScript 7, which rewrites the compiler in Go for dramatically faster type checking (10x+ performance gains). TypeScript 6 focuses on cleaning up legacy baggage, aligning with the Go-based compiler, and improving defaults: strict mode is now on by default, module defaults to ESNext, ES5 target is deprecated, AMD/UMD/SystemJS module resolution is deprecated, and baseURL is replaced with better path handling. TypeScript 7 (the Go rewrite) is already available as a native preview with full LSP support including code completion, go-to-definition, and find-all-references. The TypeScript team's philosophy has shifted from adding features to improving error clarity, performance, and agent-friendliness. The Go choice over Rust is justified by shared-memory multi-threading support and garbage collection being irrelevant for compiler workloads.

  11. 11
    Article
    Avatar of phoronixPhoronix·13w

    Intel Formally Ends Four Of Their Go Language Open-Source Projects

    Intel has formally discontinued four of its Go language open-source projects, archiving them as part of a broader wave of Intel open-source project sunsets. This follows a recent trend of Intel winding down various open-source initiatives.

  12. 12
    Article
    Avatar of hnHacker News·13w

    micasa — your house, in a terminal

    micasa is an open-source terminal UI application for tracking everything related to home ownership — maintenance schedules, projects, appliances, vendors, quotes, incidents, and documents. All data is stored in a single local SQLite file with no cloud, no account, and no subscription required. Built with Go, it features vim-style modal keyboard navigation inspired by VisiData, and is available for Linux, macOS, and Windows on amd64 and arm64.

  13. 13
    Article
    Avatar of jetbrainsJetBrains·15w

    [New Livestream] Go 1.26 Release Party

    JetBrains is hosting a livestream celebrating Go 1.26's release. Anton Zhiyanov will demonstrate the new features through live coding and practical examples, followed by Alex Rios showing how GoLand supports the latest release. The event combines technical insights, hands-on demonstrations, and community discussion about what's new in Go 1.26 and its real-world impact.

  14. 14
    Article
    Avatar of newstackThe New Stack·15w

    Memory-Safe Jule language emerges as C/C++ alternative

    Jule is an emerging open source systems programming language designed as a memory-safe alternative to C/C++. It combines Go's simplicity with C-level performance, offering first-class C/C++ interoperability and compile-time safety features. The language uses an immutable-by-default model, compiles to C++ as an intermediate representation, and performs runtime checks for boundary violations while adding static compile-time analysis. Though still in beta since 2022, Jule addresses growing government and industry demands for memory-safe languages in critical infrastructure. Analysts note it lacks standardization and tooling for enterprise adoption but praise its technical approach to balancing safety, performance, and simplicity.

  15. 15
    Article
    Avatar of collectionsCollections·15w

    Go 1.26 Released: Enhanced Performance and New Features

    Go 1.26 introduces the Green Tea garbage collector (10-40% GC overhead reduction), 30% faster cgo calls, and self-referencing generic types. The release adds experimental SIMD support, stack allocation improvements for slices, and new cryptography packages (crypto/hpke, crypto/mlkem). Security enhancements include a runtime/secret package for secure memory handling and randomized heap base addresses for WebAssembly. Additional features include a rewritten 'go fix' command with modernization analyzers and experimental goroutine leak profiling.

  16. 16
    Article
    Avatar of collectionsCollections·13w

    TypeScript 6 Released: Transition for Upcoming Go Compiler Rewrite

    TypeScript 6 has entered beta as a transitional release preparing the ecosystem for TypeScript 7's full compiler rewrite in Go. Key changes include strict mode enabled by default, ES modules (esnext) as the default module resolution, and an updated compilation target of es2025. Several legacy features are deprecated: ES5 targets, AMD/UMD module systems, baseUrl configuration, and out-file bundling. Developers are advised to upgrade now to resolve deprecation warnings and ensure a smoother migration path to the upcoming Go-based compiler.

  17. 17
    Article
    Avatar of ardlbsArdan Labs·15w

    Query Database Using Plain English

    Build a natural language database query system in Go using LLMs. The tutorial demonstrates a two-step architecture: first prompting an LLM to generate SQL from plain English questions, then querying the database and having the LLM format results into natural language answers. Uses Kronk model server (OpenAI-compatible) with the Ministral model, DuckDB for data storage, and includes complete working code with prompt engineering examples for converting user questions into SQL queries and formatting database results.

  18. 18
    Article
    Avatar of helixmlHelixML·13w

    How We Forked Zed to Run a Fleet of Headless Coding Agents

    Helix forked the Zed code editor to run fleets of headless coding agents inside Docker containers, controlled via a WebSocket protocol connecting a central Go API to each Zed instance and an LLM via the Agent Control Protocol (ACP). The post details three bugs encountered: multi-message accumulation (overwrite vs. append semantics), a completion hang caused by session-level event rejection logic, and garbled text from byte vs. UTF-16 offset mismatches in patch-based streaming. It also covers a streaming performance optimization that reduced wire traffic from O(N) full-payload sends to O(delta) patches, achieving roughly a 5000x reduction per update for long responses, plus throttling on both the Go and Rust sides to reduce redundant events.

  19. 19
    Article
    Avatar of filippoFilippo Valsorda·13w

    Turn Dependabot Off

    Dependabot generates excessive noise by opening PRs for vulnerabilities that don't actually affect your code, causing alert fatigue and discouraging proper security triage. Using a real case study—a filippo.io/edwards25519 security fix that triggered thousands of irrelevant PRs—the author argues for replacing Dependabot with two scheduled GitHub Actions: one running govulncheck (which uses static analysis to filter alerts to only reachable vulnerable symbols), and one running CI against the latest dependency versions. This approach eliminates false positives, reduces supply chain risk by not auto-merging updates, and ensures security alerts are actionable rather than routine noise.

See all Golang archives