DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Partner Zones AWS Cloud
by AWS Developer Relations
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Partner Zones
AWS Cloud
by AWS Developer Relations
Building Scalable Real-Time Apps with AstraDB and Vaadin
Register Now

Trending

  • Building a Robust Data Engineering Pipeline in the Streaming Media Industry: An Insider’s Perspective
  • Microservices With Apache Camel and Quarkus (Part 2)
  • Building the World's Most Resilient To-Do List Application With Node.js, K8s, and Distributed SQL
  • A Data-Driven Approach to Application Modernization

Trending

  • Building a Robust Data Engineering Pipeline in the Streaming Media Industry: An Insider’s Perspective
  • Microservices With Apache Camel and Quarkus (Part 2)
  • Building the World's Most Resilient To-Do List Application With Node.js, K8s, and Distributed SQL
  • A Data-Driven Approach to Application Modernization

Best Practices for Choosing a Go Module

With a near-endless list of Go Modules, for new Go developers it can be difficult to pick a winner for your specific use case.

Arvind Vedula user avatar by
Arvind Vedula
·
Jun. 26, 20 · Tutorial
Like (2)
Save
Tweet
Share
4.36K Views

Join the DZone community and get the full member experience.

Join For Free
playing cards

With a near-endless list of Go Modules, it can be overwhelming trying to decide which is best for your Go build. For new Go developers, it can be difficult to pick a winner for your specific use case.

This phenomenon is nothing new. It's one of the reasons why open-source is so important for developers. Oftentimes, when a module is published by a developer, it was likely developed to solve a specific problem that they are facing. If another developer were to use their module to solve the same problem, there may be some performance criteria needed within that module that the current version does not meet. Luckily, there are often many versions to choose from that can solve different use cases.

The more use cases there are for a module, the more complex it becomes when trying to find the one that is best for your specific use case. Even after you feel that you've found the correct module for your build, how can you be sure? Let's discuss some of the parameters you should consider before deciding on a Go Module and show you how to increase the odds of picking the right module for you!

Choosing a Go Module: What's Important

There are a plethora of great options available when choosing your Go Module and dwindling that list can be a simple task when considering three fundamental parameters:

  • Module Popularity — How widely used a module is
  • Module References — The attribution of the module
  • Module Compliance — The level of security within that module and its dependencies

Each of these factors is heavily important when choosing a Go Module, as each will have a direct effect on the success of your build. For each parameter, we'll show an example of a module within GoCenter, a free repository for versioned Go Modules.

Module Popularity

When choosing your Go Module, the desired module must be adopted and used by others. A module that has been used by many other developers has a higher likelihood of solving the intended issue; there is also a likelihood that developers are still using the module, ensuring that it's consistently being updated. There are 2 effective ways to check a module's popularity.

One of the most useful ways for developers to measure the popularity of a module is by looking at the amount of Github stars that it has received. Another alternative for checking a module's popularity is by checking the number of times that it's been downloaded by others. These are both tested and proven methods for choosing a module for any programming language. Since Go is a relatively new programming language, the number of downloads may not always reflect the popularity of the module especially if the module is new. 

If this is the case, It's recommended that you look at the number of contributors as well. A popular module with a high number of Github stars, downloads (if applicable), and contributors means that you'll have a higher chance that the module is the right fit for your build. Here, you see an example of a popular Go module, . It has 5,790 stars and 452,277 downloads, meaning that thousands of developers have used this module and can verify that it's safe, reliable and has a version that has solved their specific use case. It also has 222 contributors, assuring that many people have used and developed other versions of the module to fit their use case:

go center graph

Module References

Checking a module's references is another effective way to be sure that you're choosing the right module for your build. It provides insight into the dependents of that module, which can be used to discover which other modules are using the module that you're interested in consuming. By referencing the modules that use your desired module, you may notice that large-scale corporations use that module, meaning that it is more likely to be secure and usable.

For example, below we have the dependent information of the AWS module. Taking a glance, there is no negative information found on this module. The "Used By" tab shows which modules are using the module you want to consume. Below, we see that this module is being used by an enterprise, almost ensuring that the module is secure.

Github list

Module Compliance

As the consumption of publicly shared code/modules increases, developers and organizations need a way to check if the module in question is safe enough to consume. When we reference safety, it's all about the security of the modules and the vulnerabilities that are present. The example below is of a module with two security vulnerabilities, meaning that this module can be risky to consume:

number of vulnerabilities

The best compliance practices include choosing modules without vulnerabilities. While this is a no-brainer, sometimes finding a module without vulnerabilities can be impossible. If you're using a module that has a vulnerability or two, check how frequently the module is being updated.

If the same security issue persists for the last 4-5 versions, the author of the module may not be making any updates or any attempts at mitigating the issue. This ultimately means that you'll need to look for another module to use, or you'll need to build the one that works best for you! I never recommend using a vulnerable module.

Now Take Your Pick!

When choosing a Go module, it can be difficult to pick a winner. Many parameters ultimately affect the decision-making process and oftentimes, it can depend solely on a matter of preference. Be sure to consistently check the popularity, references, and the compliance of the modules that you're considering before consuming them.  Now, arm yourself with the knowledge you've received and started consuming Go modules today!

dev trends

Published at DZone with permission of Arvind Vedula. See the original article here.

Opinions expressed by DZone contributors are their own.

Trending

  • Building a Robust Data Engineering Pipeline in the Streaming Media Industry: An Insider’s Perspective
  • Microservices With Apache Camel and Quarkus (Part 2)
  • Building the World's Most Resilient To-Do List Application With Node.js, K8s, and Distributed SQL
  • A Data-Driven Approach to Application Modernization

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com

Let's be friends: