What’s your favorite library in #Go#Golang for web authentication? Or any other recommendation to implement it (like std lib or just a JWT one etc).
Ideally it supports classic credentials, 2FA and passkeys. Bonus for OAuth providers that you can extend (if it does not support Mastodon out of the box for example).
2010 - my first encounter with Spring. Did that professionally until 2019.
2019-2023 - Discovered Go and it became my daily driver.
2022-2023 - Picked up Java again, via Quarkus. Enjoyed it a lot, but still kept pushing for Go.
2024 - Reunited with Spring Boo. Had to admit that Go is a dead-end for the things im working on.
Go is fantastic, but not great for the good old monolithic line-of-business apps on our agenda.
Great blog post about Optimizing SQLite for servers by Sylvain. It’s mostly focused on #golang, but my #Django commit for IMMEDIATE transactions is also mentioned!
If #xz were a Go or Rust dependency, you wouldn’t have a single copy of xz library on your system, but many, #xzbackdoor hidden in every executable that uses it. Distros would have to rebuild all packages using that lib (not just the lib itself), which could take days or weeks, and users would have to update them all, downloading tens or hundreds of megabytes.
If you install binaries directly from vendors/devs, it’s even worse – you wouldn’t even know which ones are affected and you’d (1/3)
I was going to make a nasty April’s Fool about Google dumping the Go language, but then I read about it pulling the plug on its Podcasts app, and was like, f*ck, they might actually do it. So, no jokes today ;)
A cybersecurity researcher finds that 20% of software packages recommended by GPT-4 are fake, so he builds one that 15,000 code bases already depend on, to prevent some hacker from writing a malware version.
Disaster averted in this case, but there aren't enough fingers to plug all the AI-generated holes 😬
I am so glad that Java didn’t fully commit to that route (despite the whole reactive jumbo-jumbo), and is now slowly getting the green threads it should have introduced a decade ago.
I’m making my own #ActivityPub server in #Golang. Today, a big achievement: received a Follow, sent an Accept this Follow which was accepted. That might not sound like much, but behind the scenes there were so parts needed to get this to work: WebFinger, verifying http messages, parsing Activity Streams objects, processing the request, generating and signing the http response.