Govulncheck is a command-line tool that helps Go users find known vulnerabilities in their project dependencies. The tool can analyze both codebases and binaries, and it reduces noise by prioritizing vulnerabilities in functions that your code is actually calling.
I’ve been using this to execute Go “scripts” in CI pipelines where Bash just doesn’t cut it. It’s an interpreter for Go. It can be used to treat Go code like a “script,” rather than a compiled application. It is also able to be imported into a Go program and used to load up Go code dynamically at run time (think...
Go 1.21 RC released today. Some really interesting new additions. I'm pretty excited to see the map and slice package additions that contain a lot of generic methods. Will be nice not to have to maintain my own going forward.
Always interesting to hear different points of view on this subject. Personally I think mocks make sense to capture complex sets of interactions or otherwise difficult to reach error conditions, so I don't think it's a do or do-not kind of thing.