Nostr Web Client

yeah, and as such have a very difficult time changing the repository or eliminating dependencies

thus we have perl, python, gcc, clang, and a whole bunch of other things in there because the tree of dependencies is more complex than a 1000 year old ficus' root system

this is also why Go itself pioneers the concept of multi-binaries, an idea which started with busybox

every architectural and engineering decision has consequences and you should not ignore the outliers that your chosen one gives you

and it's a hard problem to fix because of the highly decentralised open source development ecosystem, that's why we still have perl even though you can do all that stuff with C or python

5dcd8ebc... 1y ago

I am not talking about runtime dependencies, which multi-binaries and busybox address. I am talking about the source code dependencies. When you have 100 times the number of entities (persons/projects) providing the source code golang pulls in for the easy-peasy build, vetting is 100 times more work.

I really admire the lightning fast compiles of golang and the language features - but the security nightmare of their standard repo is something that younger programmers don't seem to understand, and is shared by other new languages.

Reply to this note

Please Login to reply.

Discussion

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

indeed, along with numerous other features i'd razor out the stdlib (strings is another feature i'd remove)

i'm a rabid golang maxi... less features, more security, more speed

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

for sure the stdlib is the biggest anchor dragging Go down

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

aside from strings

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

yes! also, i want to rewrite the damn golang stdlib, after i rip out the damn string type

also need to change how it treats methods of reference types (slices, maps) so they behave the same way as pointers

these are the two biggest gripes i have with Go

and don't get me started on the math/big library, what a shitshow