It is exciting for me to see two new (security) features that will be added to Go. This will shift the language security to a new level:
-
Fuzzing as a first class citizen: after seeing the value of fuzzing and volume of hard-to-find bugs discovered (see go-fuzz), there is proposal to add fuzzing to go binary. This means you can
go fuzz
similar togo test
. -
Support for type parameters: Making Unsafe Behaviour Impossible is one the Defensive Programming principles that we cover in our workshops. However, implementation of the principle without phantom types is difficult and relies on third-party libraries. This proposal supersed the previous Design by Contact and can natively enforce safe behaviours (e.g. function call).
Go 1.18 will be released sometimes in early 2022.