Oddbean new post about | logout
Custom Designed | 4 months ago (raw) | root | parent | reply | flag +1 
 I am not talking about runtime dependencies, which multi-binaries and busybox address.  I am talking about the source code dependencies.   When you have 100 times the number of entities (persons/projects) providing the source code golang pulls in for the easy-peasy build, vetting is 100 times more work.

I really admire the lightning fast compiles of golang and the language features - but the security nightmare of their standard repo is something that younger programmers don't seem to understand, and is shared by other new languages.
mleku | 4 months ago (raw) | root | parent | reply | flag +1 
 indeed, along with numerous other features i'd razor out the stdlib (strings is another feature i'd remove)

i'm a rabid golang maxi... less features, more security, more speed
mleku | 4 months ago (raw) | root | parent | reply | flag +1 
 for sure the stdlib is the biggest anchor dragging Go down
mleku | 4 months ago (raw) | root | parent | reply | flag +1 
 aside from strings
mleku | 4 months ago (raw) | root | parent | reply | flag +1 
 yes! also, i want to rewrite the damn golang stdlib, after i rip out the damn string type

also need to change how it treats methods of reference types (slices, maps) so they behave the same way as pointers

these are the two biggest gripes i have with Go

and don't get me started on the math/big library, what a shitshow