Go's Boring Security Tooling (And Why That's Perfect)
"What security tools do you use?"
I expected: Snyk. Semgrep. Custom vulnerability scanners. Expensive SaaS subscriptions.
The answer: go test -race.
That's it. That's the security tool.
Your first commit after cloning a repo takes 30 seconds. Why? Pre-commit is compiling Go from source.
Binary releases fix this. Ship hooks backed by pre-built binaries.
The Terraform config was already committed. Three pull requests deep before anyone noticed. Now it's in git history. Audit logs show violations. The team is explaining how vendor lock-in crept in.
Pre-commit hooks stop this before it starts.