A proposal from JLLeitschuh argues that net.IP.IsPrivate (and its netip.Addr counterpart) keeps getting pressed into service as an SSRF check across the ecosystem, and wants the semantics extended and the docs sharpened so people stop reaching for the wrong tool. Given how often this pattern shows up in real codebases, the discussion is the one to follow. On the writing side, a three-month deep dive into building a PDF engine from scratch walks through what pprof, the allocator, and four optimisation passes actually teach you about Go. It is the kind of post that justifies its length. Elsewhere, a thread asks whether Go's HTTP/1.1 handling is exposed to the current wave of request-smuggling concerns, and a piece on graceful shutdown compares four approaches from naive to full traffic draining.
A proposal from JLLeitschuh argues that net.IP.IsPrivate (and its netip.Addr counterpart) keeps getting pressed into service as an SSRF check across the ecosystem, and wants the semantics extended and the docs sharpened so people stop reaching for the wrong tool. Given how often this pattern shows up in real codebases, the discussion is the one to follow.
On the writing side, a three-month deep dive into building a PDF engine from scratch walks through what pprof, the allocator, and four optimisation passes actually teach you about Go. It is the kind of post that justifies its length.
Elsewhere, a thread asks whether Go's HTTP/1.1 handling is exposed to the current wave of request-smuggling concerns, and a piece on graceful shutdown compares four approaches from naive to full traffic draining.
Proposal Details Summary net.IP.IsPrivate (and the matching method on netip.Addr ) is repeatedly misused across the Go ecosystem as the basis for SSRF
Hey r/golang, A while back I posted about GoPdfSuit a PDF engine I was building to push my Go skills beyond the CRUD work I normally do. The support from this sub kept me motivated, and the project is
I've often learned to write better code by working with constrained machines like microcontrollers and I credit my ability to write efficient programs in the first place to my experience working with
Hi there, I've started learning go and I'm actually interested in game dev, so my question is what games have you built with go. Need inspiration.
Upstream HTTP/1.1 is inherently insecure, and routinely exposes millions of websites to hostile takeover. Join the mission to kill HTTP/1.1 now
I built an autonomous SRE system where a local LLM diagnoses production incidents, proposes a fix,...
Comparing four graceful shutdown approaches in Go, from naive implementations to traffic draining. Continue reading on Stackademic »
Our API response times were sitting at 1–2 seconds p95. Continue reading on Medium »
Fast finite-field arithmetic for Bitcoin research Continue reading on Medium »
How raven-onnxruntime uses purego to call the ONNX Runtime C API from Go, avoiding CGO dependencies and simplifying cross-compilation and… Continue reading on Medium »
When your system faces memory issues (OOM Killer), is it CPU usage or memory allocation you should inspect first?
Is golang []interface{} cannot be function parameter? Helpful? Please use the Thanks button above! Or, thank me via Patreon: ...
How cc-skills-golang extends Claude Code with on-demand Go expertise.
Create an API with Go (Golang) ⚡ Want to build fast, scalable, and production-ready backend applications? Learn how to ...
Stop Hiring Full-Time Golang Developers (Do This Instead) golang staffingagency shorts.
An HTTP toolkit for security research.
JuiceFS is a distributed POSIX file system built on top of Redis and S3.
MinIO is a high-performance, S3 compatible object store, open sourced under GNU AGPLv3 license.
GOWA - WhatsApp REST API with support for UI, Multi Account, Webhooks, and MCP, and Chatwoot. Built with Golang for efficient memory use.
Add fort to Security section trigger CI re-run re-run CI: pkg.go.dev now indexed
🔥 Replaced the fixed Windows callback table in the golang runtime with a growable design. No limits, smaller binaries, and 6,000 lines of auto‑generated assembly gone. go.dev/cl/788700
The best Go stories from across the community, ranked and delivered weekday mornings. Free, no spam.