Podcasts about golang

Security releases

Conference videos

Meetups and Conferences

What gives some people the courage to say yes without hesitation and dive headfirst into opportunities without overthinking—and to turn brave experiments and into daring adventures?That seemingly fearless spirit is exactly how our guest today built her amazing life. At just 19, using her own savings from various buy-and-sell side hustles in college, she founded Access Travel, now a luxury travel company crafting personalized experiences for clients in over 100 destinations worldwide in the last 14 years. An IE University Madrid graduate with a Master's in Customer Experience & Innovation, she was also named one of Cosmopolitan Philippines' 2024 Women of Influence.She's delivered a TED Talk on courage, authored a children's book called Meet the World, and hosts the Life in Progress podcast. Her online community loves her for keeping it real—sharing both her wins and her struggles—and she's even frozen her eggs to free herself from the pressure of a ticking biological clock. Angely proves you can design your own path without waiting for anyone's permission. Here, she shares how to unleash your inner go-getter and find the audacity to “Go Lang Nang Go!”For any collaboration, brand partnership, and campaign run inquiries, e-mail us at info@thepodnetwork.com.

What gives some people the courage to say yes without hesitation and dive headfirst into opportunities without overthinking—and to turn brave experiments and into daring adventures?That seemingly fearless spirit is exactly how our guest today built her amazing life. At just 19, using her own savings from various buy-and-sell side hustles in college, she founded Access Travel, now a luxury travel company crafting personalized experiences for clients in over 100 destinations worldwide in the last 14 years. An IE University Madrid graduate with a Master's in Customer Experience & Innovation, she was also named one of Cosmopolitan Philippines' 2024 Women of Influence.She's delivered a TED Talk on courage, authored a children's book called Meet the World, and hosts the Life in Progress podcast. Her online community loves her for keeping it real—sharing both her wins and her struggles—and she's even frozen her eggs to free herself from the pressure of a ticking biological clock. Angely proves you can design your own path without waiting for anyone's permission. Here, she shares how to unleash your inner go-getter and find the audacity to “Go Lang Nang Go!”For any collaboration, brand partnership, and campaign run inquiries, e-mail us at info@thepodnetwork.com.

The message is everywhere: LLMs are here to make us 10x more productive and change software development forever. Venture capitalists are pouring billions into the vision, and big tech companies are pushing hard for us to adopt the tools. But as a software engineer who's seen the demos and lived the reality, something feels profoundly wrong.This week, I'm taking a step back to reflect on the current state of our industry. We'll explore the inconvenient truth that often gets lost in the hype: that relying on AI can sometimes make us slower, introduce more technical debt, and even erode the fundamental skills that make us valuable.But maybe the real problem isn't the technology itself. Maybe it's that we're looking for a quick fix for a deeper issue. Join me as we discuss what really drives developer productivity, the crucial importance of domain knowledge, and whether anyone is even considering the quality of life for the people building our systems.Because while the "going from 0 to 1" demo is impressive, our jobs are about maintaining complex systems from 1 to 1000. And maybe, just maybe, an agentic flow that doesn't care about our codebase isn't the real solution we need.p.s. And yes, I used LLM to improve my description draft ;)

Thanks Gabriel Augendre for guest co-hosting this episode!Visit cupogo.dev for all the links.

Go 1.25.1 and Go 1.24.7 are released

Segurança em Go não é só "rodar um scanner e rezar". Neste episódio, nós destrinchamos como escrever Go com cabeça de atacante: governança de dependências (e os perigos do type‑squatting), revisão de go.mod, uso criterioso da Standard Library e por que não usar latest em imagens. Também conectamos tecnologia com processo: repositórios privados, políticas de aprovação e pipeline que barra regressão antes do deploy.A conversa nasce de casos reais: do typo em (GHCR vs GHRC) que captura credenciais até a confusão com pacotes falsos tipo BoltDB look‑alike. Discutimos supply chain ponta a ponta, cache do Go Proxy, licenças (quando fugir de GPL) e boas práticas para autenticação.E claro, vamos além do código: SBOM no build, assinatura e verificação de imagens, OPA/Admission Control para políticas em Kubernetes, capabilities mínimas e validação de entradas com timeouts bem definidos. É papo prático, com nosso humor de sempre, para deixar segurança como padrão — não como tarefa de último minuto.Links Importantes: - Marcelo Pires - https://www.linkedin.com/in/marcpires/ - Matheus Faria - https://www.linkedin.com/in/matheusfm/ - João Brito - https://www.linkedin.com/in/juniorjbn - Assista ao FilmeTEArapia - https://youtu.be/M4QFmW_HZh0?si=HIXBDWZJ8yPbpflM - Post sobre ghrc.io - https://www.linkedin.com/posts/juniorjbn_someone-is-typosquatting-ghrcio-not-github-activity-7364387040618045441-UB88/ - Typosquat - https://devops.com/typosquat-supply-chain-attack-targets-go-developers/ - https://go.dev/doc/tutorial/govulncheck - vuln.go.dev - https://github.com/anchore/syft - https://github.com/anchore/grype - https://github.com/google/capslock - https://github.com/aquasecurity/trivy - LFD121 - https://training.linuxfoundation.org/training/developing-secure-software-lfd121/ - https://deps.dev/ - https://devops.com/typosquat-supply-chain-attack-targets-go-developers/Participe de nosso programa de acesso antecipado e tenha um ambiente mais seguro em instantes! https://getup.io/zerocve

Let's talk with a friend of the pod, John Arundel. We talk about state of thing a little regarding Go's maturity, a bit of AI, I personally am a bit fatigue of the noise and "agent". The podcast is returning slowly. , John has written a new Go book that's beginner-friendly, but goes deeper than you'd expect, he produce excellent learning and training resources.Links:The Deeper Love of GoJohn's newsletter

This episode is sponsored by Boldly Go! Need fractional Gophering work? Visit boldlygo.tech.For everything Cup o' Go, incl. swag, Patreon, past episodes, and more, please visit our website.GopherCon 2026 location pollGopherCon IndiaGOMAXPROCSCourse: "Introducing Command Line Applications in Go"SQLite benchmarks ★ Support this podcast on Patreon ★

Go 1.25 is released

Visit https://cupogo.dev/ for all things Cup o' Go![security] Go 1.24.6 and Go 1.23.12 are releasedMicrosoft build of Go Telemetry – Helping Us Build Better ToolsGo Assembly Mutation TestingGitLab catches MongoDB Go module supply chain attackBreak:John's streaming again on TwitchGeorge Adams interviewMicrosoft devblogs  ★ Support this podcast on Patreon ★

Jon's gone fishing, Shay's gone camping, so the community took the time to optimize all the things :)https://cupogo.dev/ for all the links and details! This show is supported by you, and there are many ways to support the show (directly and indirectly). Thanks for listening!Meetup roundupJamie Tanna - Hands on dependency workshop @ FatsomaFyne Conf 2025 exclusive CFPGo South AfricaGopherCon UKGopherConGopherCon IndiaGolab (Florence, Italy)GoWest, as previously mentioned on the showGophercon AfricaProposal moved to Active: http3Datadog's blogpost: How Go 1.24's Swiss Tables saved us hundreds of gigabytesTurso's blogpost: We rewrote large parts of our API in Go using AI: we are now ready to handle one billion databasesDaniel Harp's ^ throw operatorAhmet Alp Balkan's blogpost: Kubernetes List API performance and reliability ★ Support this podcast on Patreon ★

Go 1.24.5 and Go 1.23.11 are releasedGo 1.25 Release Candidate 2 is released

vscode-go v0.48.0 released with golangci-lint v2 supportgolangci-lint v2 showcase and interview with Ldez, episode 104LookPath bug: incorrect expansion of "" and "." in some PATH configurations

ngrok Go SDK v2 released

Go 1.25rc1 releasedOpinion: Go should be more opinionated by Elton MinettoBlog: HTTP QUERY and Go by Kevin McDonaldInterview with Redowan DelowarBlog post: You probably don't need a DI frameworkBlogFx dependency injection framework for GoBlog: How I program with agents ★ Support this podcast on Patreon ★

Don't forget to visit cupogo dot dev, where you can find links to all the things!

Go 1.24.4 and 1.23.10 releasedCommit 4d1c255: net/http: strip sensitive proxy headers from redirect requests

Go is used by multiple programmers and software engineers. Lots of path can lead to want to try Go, and this week I talk with Yann whom eventually found Go and talks about his experiences writing internal tools at his company.Links:HuploadYBFeed

This episode was sponsored by Elastic! Elastic is the company behind Elasticsearch, they help teams find, analyze, and act on their data in real-time through their Search, Observability, and Security solutions. Thanks Elastic! This episode was recorded at Elastic's offices in San Francisco during a meetup.Find info about the show, past episodes including transcripts, our swag store, Patreon link, and more at https://cupogo.dev/.

Go gets auditedBlog: Go Cryptography Security Audit by Roland Shoemaker and Filippo ValsordaDeeper dive into FIPS in Episode 89 with Alex Scheel✋ Proposal declined: x/exp/xiter: new package with iterator adapters⛺ Gophercamp video: Your code deserves better: give it a linter by Gabriel Augendre

Go Meetup in San Francisco - Sponsored by Elastic & Cup o' GoIan Lance Taylor leaves the Go teamBlog: wget to Wipeout: Malicious Go Modules Fetch Destructive PayloadBlog: Security: The Habits That Matter Most by Christoph Berger⚡ Interview with Kevin Hoffman of SparkLogsSparkLogs.comSparkLogs on DiscordKevin on LinkedInKevin by email ★ Support this podcast on Patreon ★

Thanks for listening. Check out all the links to all the things at https://cupogo.dev/.GCC 15.1 Released With Support For COBOLos: Root permits access to parent directoryGOOS=noneThe "most ergonomic" config libraryGo Meetup in San Francisco - Sponsored by Elastic & Cup o' GoLinkedIn s**tpostingLightning round"you are an expert go developer"Build your own ResponseWriter: safer HTTP in Go ★ Support this podcast on Patreon ★

Conferences and meetups

April is a senior developer advocate and DevOps practice lead for GitHub, specializing in application transformation and DevOps ways of working. Her focus is working on Microsoft Azure to take customers on a journey from legacy technology to serverless and containers, where code comes first, while enabling them to take full advantage of DevOps. April was previously a cloud consultant and solution architect for various partners in the UK and brings her years of experience in helping customers plan their journey. She also serves as a Hashicorp Ambassador, dedicating much of her time to working with infrastructure as code (IaC). She enjoys making Azure and its features more accessible. Her technical expertise includes PowerShell, Golang, and occasionally TypeScript and C#. In her free time, April enjoys outdoor activities such as hiking, skiing, and scuba diving. Additionally, she is a triathlete who competes in Ironman and Half Ironman events.   Topics of Discussion: [1:57] April's career journey — from U.S. data center outages and 72-hour shifts to discovering cloud and automation after relocating to the U.K. [3:53] How an early Azure migration in 2013 ignited her passion for infrastructure as code and DevOps. [5:33] GitHub's evolution into a full end-to-end enterprise platform, with a major focus on security, scalability, and developer productivity. [6:51] Code Spaces: VS Code in the cloud with 60 hours free per user — solving compute and environment parity issues across teams. [10:00] GitHub's internal use of Code Spaces: every GitHub employee (aka “Hubber”) uses it to work on the github.com codebase. [12:29] Code Spaces' advantages in lab and hackathon settings, including speed, security, and reliability. [13:55] Breakdown of GitHub Copilot's flavors: chat, inline suggestions, edits, pull request reviews, and agentic AI. [17:12] Real-world uses of Copilot Edits: generating documentation, writing tests, and making cohesive multi-file changes. [20:00] GitHub's goal of enabling the “10x developer,” not just in speed but in quality, consistency, and creativity. [25:00] How AI tooling is changing how we think about architecture, code reuse, and shrinking monoliths into modular libraries. [30:00] Prompting strategies: how different cultures and languages impact the way developers interact with AI tools. [32:47] GitHub Workspaces: start from requirements, generate a plan, and get a head start on writing and converting code. [35:00] April's belief that AI-driven development is already here, and edits are one of the best ways to experience that transformation now.   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Programming with Palermo — New Video Podcast! Email us at programming@palermo.net. Clear Measure, Inc. (Sponsor) .NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo .Net Aspire and Data API builder with the Community April on GitHub April on LinkedIn April on X Universe 2024: GitHub Embraces Developer Choice with Multi-Model Copilot, New App Tool GitHub Spark, and AI-Native Developer Experience CoPilot Workspace GitHub Spark   Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

Visit https://cupogo.dev/ for store links, past episodes including transcripts, and more!Correction: Yoke _is_ a Helm replacementYour code deserves better: give it a linter! - talk in the Czech Repulic soonAccepted: waitgroup.Go Leak and Seek: A Go Runtime Mysterygo-yaml goes unmaintainedDiscussion in our Slack groupThe stdlib proposal by Shay: https://github.com/golang/go/issues/61023Lighting round:godoc.nvimNew Fyne releaseSan Francisco meetup: https://www.eventbrite.com/e/go-meetup-in-san-francisco-tickets-1307114758429 ★ Support this podcast on Patreon ★

Ian Smith is CEO & CTO at Quantum EVM.Ian is a seasoned technologist with 21+ years of experience spanning blockchain, cryptography, cloud microservices, and AI-driven solutions.Proficient in 20+ languages, including Golang, Python, and C++, he has led groundbreaking projects across industries. Ian has worked with major organizations like NASA, Oracle, VISA, and Boeing, contributing to secure, scalable systems in finance, IoT, and blockchain.With deep expertise in cryptography and post-quantum security, Ian has designed advanced blockchain architectures and smart contract platforms. His blend of technical depth and leadership makes him a key innovator in next-generation digital ecosystems.Social: https://x.com/IanSmith_HSAWebsite: https://quantumevm.com/

Ian Smith is CEO & CTO at Quantum EVMIan is a seasoned technologist with 21+ years of experience spanning blockchain, cryptography, cloud microservices, and AI-driven solutions.Proficient in 20+ languages, including Golang, Python, and C++, he has led groundbreaking projects across industries. Ian has worked with major organizations like NASA, Oracle, VISA, and Boeing, contributing to secure, scalable systems in finance, IoT, and blockchain.With deep expertise in cryptography and post-quantum security, Ian has designed advanced blockchain architectures and smart contract platforms. His blend of technical depth and leadership makes him a key innovator in next-generation digital ecosystems.Social:https://x.com/IanSmith_HSAWebsite:https://quantumevm.com/

Vulnerability in golang.org/x/netYou can't parse [X]HTML with regex.

Ian Smith is the CEO & CTO at Quantum EVM. He's a seasoned technologist with 21+ years of experience spanning blockchain, cryptography, cloud microservices, and AI-driven solutions.Proficient in 20+ languages, including Golang, Python, and C++, he has led groundbreaking projects across industries. Ian has worked with major organizations like NASA, Oracle, VISA, and Boeing, contributing to secure, scalable systems in finance, IoT, and blockchain.With deep expertise in cryptography and post-quantum security, Ian has designed advanced blockchain architectures and smart contract platforms. His blend of technical depth and leadership makes him a key innovator in next-generation digital ecosystems.In this conversation, we discuss:- The Quantum Threat to Cryptography- Quantum Computing Risks to Blockchain- Why existing cryptographic systems are vulnerable and how to prepare- Quantum-Safe Solutions- Practical steps to secure blockchain infrastructure and decentralized applications- The Future of Web3 Security- How post-quantum cryptography will transform the blockchain landscape- The Timeline and Race for Post-Quantum Cryptography (PQC)- What's next for Quantum EVM?- Quantum safe crypto addressesQuantum EVMWebsite: quantumevm.comX: @quantumevmTelegram: t.me/quantumevmIan SmithX: @IanSmith_HSALinkedIn: Ian Smith---------------------------------------------------------------------------------  This episode is brought to you by PrimeXBT.  PrimeXBT offers a robust trading system for both beginners and professional traders that demand highly reliable market data and performance. Traders of all experience levels can easily design and customize layouts and widgets to best fit their trading style. PrimeXBT is always offering innovative products and professional trading conditions to all customers.   PrimeXBT is running an exclusive promotion for listeners of the podcast. After making your first deposit, 50% of that first deposit will be credited to your account as a bonus that can be used as additional collateral to open positions.  Code: CRYPTONEWS50  This promotion is available for a month after activation. Click the link below:  PrimeXBT x CRYPTONEWS50

Updates on old news:

This episode was LIVE! Even if you usually listen to this show, if you want you can check out the video on YouTube :)Visit https://cupogo.dev/ for store links, past episodes including transcripts, and more!GopherCon IsraelAccepted proposal: Clone a HashWe Replaced Our React Frontend with Go and WebAssembly from DaggerExtensible Wasm Applications with Go by Cherry MuiSQL NULLs are Weird! by Raymond TukpeLighting round:Go programs freeze when they are launched via a Steam clientLovable's rewrite From Python to GoBunster: Compile shell scripts to static binariesNVM for Windowschi drops support for Go 1.14-1.19Go 1.24.0 released ★ Support this podcast on Patreon ★

Welcome back to Exploit Brokers! In today's video, we dive deep into a critical 7‑Zip vulnerability that's being exploited by Russian cybercriminals to bypass Windows' security protections. If you've used 7‑Zip at all, you need to know how this flaw can let hackers sneak past the Mark-of-the-Web (MOTW) and deploy dangerous malware like Smoke Loader. We'll also explore a parallel threat in the Go ecosystem—malicious packages exploiting caching mechanisms to gain persistent remote access to your system. From double-zipped archives to supply chain attacks, we break down the tactics, the risks, and most importantly, what you can do to protect yourself and your organization. In this video you'll learn: How the 7‑Zip vulnerability works and why updating to the latest version is crucial. The role of Windows' MOTW and how hackers are bypassing this key security feature. Details on the deployment of Smoke Loader malware and its implications. How malicious Go packages and supply chain attacks can compromise your systems. Practical tips to safeguard your data and networks against these emerging threats. Stay informed, stay secure—hit that like button, subscribe, and ring the bell for more cybersecurity insights! Drop your questions or thoughts in the comments below—we love hearing from you! #Cybersecurity #7Zip #WindowsSecurity #Malware #SmokeLoader #GoLang #SupplyChainAttack #Cybercrime #InfoSec #Hacking #RussianHackers #APT #NationStateHackers #exploits #ZeroDays

Proposals✈️ Accepted: runtime/trace: flight recording

Go 1.24RC2 releasedGo 1.23.5 & 1.22.11 released

We're back for Backend Banter Season 2, and we bring a very special guest, José Valim, the creator of the Elixir Programming Language, one of the most popular and loved functional programming languages of today. (Fun fact: it's used in production at Discord). We cover the nitty-gritty of the language, ranging from simple topics such as the decision behind not making Elixir be statically typed, into the more complex cross-machine communication. We go over how Elixir's features compare with those of other languages, work habits of today's developers, José's own day-to-day development, and a lot more! Today's talk encompasses a great variety of themes, so grab your coffee and tune in! Learn back-end development - https://www.boot.dev Listen on your favorite podcast player: https://www.backendbanter.fm Livebook & Elixir Talk: https://www.youtube.com/watch?v=pas9WdWIBHs Elixir Programming Language: https://elixir-lang.org/ Livebook: https://livebook.dev/ Elixir In Action Book: https://www.manning.com/books/elixir-in-action-third-edition José's Socials: X/Twitter: https://x.com/josevalim LinkedIn: https://www.linkedin.com/in/josevalim GitHub: https://github.com/josevalim Timestamps: 00:00 - Intro 01:06 - Embarrassing Stories with Foreign Languages 02:58 - Who is José Valim? (and Elixir's Popularity) 06:51 - Does José Use Phoenix a Lot? 08:28 - Why Isn't Elixir Statically Typed? 16:51 - External Input vs. Internal Code Logic 28:16 - Quick Overview of BEAM languages 31:23 - Elixir's Equivalent to Golang's Goroutines & Channels 42:43 - Cross-Machine Communication in Standard Libraries 49:15 - Do You Need RabbitMQ When Writing Elixir? 54:53 - Built-In Features in the Standard Library 01:01:52 - Why People Are Too Used To Work The Hard Way 01:04:22 - José and DHH 01:08:01 - Favorite Elixir Features & Immutability 01:17:49 - Purity in Functional Programming 01:21:35 - Where to find José

Robert Seacord, the Standardization Lead at Woven by Toyota, the convenor of the C standards committee, and author of The CERT® C Coding Standard, Effective C, and Secure Coding in C and C++, speaks with SE Radio host Gavin Henry about What's New in the C Programming Language. They start with a review of the history of C and why it has a standard, and then they discuss what C23 brings and how programmers can take advantage of it. They consider the sectors in which C is most used and whether you should use C to start a brand new project in 2025. Seacord discusses 8 new things that C23 brings, use case examples, must haves, floating point numbers, how automotive systems use C, why C is used there, Rust vs C, compile time checks vs static analysis, all the various safety standards they can use, why you should use the right tool for the job and never trust user input no matter the language.  Brought to you by IEEE Computer Society and IEEE Software magazine.

Happy New Year, everyone!Visit cupogo.dev to buy Swag