Redowan Delowar

As someone who, while growing up, had measles, rubella, and many other horrible illnesses now preventable by vaccination, I simply cannot fathom why people want to revert to that time. I spent a lot of time in bed or at the hospital as a child. Yes, I survived, but not by much.

Why go back there?

Finished Dan Brown’s latest thriller, The Secret of Secrets.

Oh man, 700 pages of a roller coaster ride. This one ties with Inferno as my favorite book by the author.

I also read it a few months after my visit to Prague, which made putting things into context much easier.

Auth, crypto, and security in general. People secretly hate them and only tolerate them because they have to. So the lesser the friction, the better.

Any sufficiently advanced AI agent is indistinguishable from a rootkit.

I’ve always wondered why most enterprise code sucks compared to OSS code, despite having far more focused resources.

Now I know why!

These how I slop posts are getting tiresome. Quit pretending there's any skill involved in slop munging.

'We' as in "we are venom"

"AI will fix this"

Turn Dependabot Off I recommend turning Dependabot off and replacing it with a pair of scheduled GitHub Actions, one running govulncheck, and the other running CI against the latest version of your dependencies.

Dependabot security alerts have terrible signal-to-noise ratio, especially for Go vulns. That hurts security!

Just turn it off and set up a pair of scheduled GitHub Actions, one running govulncheck and the other running CI with the latest version of your deps.

Less work, less risk, better results!

I stopped reading feedbacks long ago. Most anon sites bring up the worst in people.

On reddit and hn, all you have is a handle. So some people feel like they can do whatever.

+1

I wish that those surveys so often cited by InfoSec pundits that ask

Do you fully trust AI output?
Do you always verify AI output?

also asked

Do you fully trust your colleagues' output?
Do you always verify your colleagues' output?

Just to have comparative numbers, you know.

There's no way to stop the influx of generated prs. Filtering them out has become a burden.

It's happening in repos too. Push back & you get flagged as a luddite.

The only thing between slop & a healthy system is human judgment. But somehow with agentic degeneracy, we seem to have lost it.

No. Too busy migrating TS junk to Go. It took us LLMs to realize than JS/TS in the backend/infra was a huge mistake.

Working with Kotlin pretty extensively for the last two weeks. I find the the concurrency abstraction of Kotlin to be better than Go in some aspects.

There are more to learn in terms of syntax but orchestrating coroutines is much less error prone in Kotlin. Also null safety is much appreciated.

Your Go tests probably don't need a mocking library Practical patterns for mocking in Go without external libraries. Learn to mock functions, methods, interfaces, HTTP calls, and time using only the standard library

"Your Go tests probably don't need a mocking library" by @rednafi.com

I learned a ton from this post. Some of these patterns I intuitively used before and didn't know the name for such a pattern. Thanks for the write up Redowan Delowar.

rednafi.com/go/mocking-l...

#golang

Fallthrough creates code that's hard to reason about. I am sure there are valid reasons to use it but those are exceedingly small.

The thing that brought me to #go was its firm stance on not trying to do everything.

Over the 8 yrs of using the language, it’s been great to see that it hasn’t tried to mimic other ecosystems and lose its identity.

It’s not perfect, but it’s damn close to being perfect for the things I do.

One reason I wasn't sold on Cursor was that it asked me to change my editor.

I use vanilla VS Code, & sure, Cursor is a VSC fork, but it had so many subtle bugs & incompatibilities that I almost didn’t want to try it.

Claude Code runs in the terminal, so I can keep using whatever editor I like.

Now, people are signing "100% human generated, including the emdashes" under their AI generated drivels.

Meanwhile my brain: how is "dune" relevant here?

With Go 1.26, you can easily log to multiple targets (like stdout, a file, or a remote server) using just the standard library.

All thanks to slog.MultiHandler, which sends log records to any number of handlers you configure.

As a non native English speaker, I find this ridiculous:

This is another neat one. The reason I listed the use cases is - many write tests with LLMs & never even look at them.

So these tools bring a universe of third party libs to mock trivial things. Then on the next iteration, other LLM agents pick up the bad habit & all hell break loose.

Wrote a bit about eschewing 3p mocking libs & making a mess out of your Go tests. Reddit picked it up and so far the commets have been civil 😅

rednafi.com/go/mocking-l...

Scaling PostgreSQL to power 800 million ChatGPT users By Bohan Zhang, Member of the Technical Staff

This blog post is a cautionary tale of the disaster that is trying to scale PostgreSQL beyond its limits.

I firmly expect to have someone cite it to me as an example of how PostgreSQL scales extremely well.

Many of these tips-and-tricks accounts have been bot grifters long before the emergence of LLMs.

Making lots of new friends thanks to this starter pack. If you're a dev writer / video maker / devrel, I'd love to follow you! Hit me with a reply👋

Redowan's Reflections Personal site of Redowan Delowar - a roving amateur fumbling through software, systems, and sundry.

Neat. Found a few folks I wasn't already following.

Hi, I'm Redowan and typically I write about Go, platform engineering, dist sys, and company dynamics at rednafi.com 👋

The more I have AI agents write all my code, the more I feel that us devs will be alright (and possibly more in-demand for important stuff)

Hard for me to imagine anyone building *reliable* software without an understanding of how to do this (either via experience or study)