Agentic workflows and AI firewalls, so pretty much cancelling ourselves out
This show is supported by you. Stick around till the ad break to hear more about that. This is CapaGo for 06/14/2025. Keep up to date with important happenings in the Go community in about fifteen minutes per week. I'm Shay Nehmad.
Shay Nehmad:Due to scheduling issues, I'm doing this episode alone. I think it's the time I'm doing the episode alone, so please forgive me if it's kinda weird. I'll keep it short. No proposals today, just a few projects and some lighting round things to keep the good stuff like, you know, proposals and the interesting discussions for the episode with, Jonathan, which should come out towards the end of this week. Kicking it off this week, a lecture by Ezo Sala from aura.dev, which I saw, on YouTube.
Shay Nehmad:The link is in the show notes. How they built a rock solid agentic orchestration with Go. So if you're into like all the AI features, it it agentic workflows, automating your entire life end to end and all that stuff, Orad. Dev built their own system to orchestrate all these agents. It's a very high level overview, just like quick fifteen minute lecture, but it was interesting.
Shay Nehmad:It's all in Go. But like always, the Go part is very simple. Just showed a few structs and the main part was the data engineering behind it. Basically, as I was saying, let's assume you're past all the agent problems, like prompt engineering, unstable results and whatever, but you have a few agents and you wanna like herd them to actually perform a task together. They have one agent talking to system x, one agent talking to system y.
Shay Nehmad:So let's say you have these agents and you got past the prompt engineering and the unstable results and whatever, there are quite a lot of distributed systems problems. If you have one system talk one agent talking to system a and another agent talking to system b. What Aura developed and as always like demoing through the lecture is that they had to develop like a babysitter, for all these agents. They built something called a plan engine and, you know, it was went through a few iteration. The main, like, insight of the lecture is that they landed on using a concept that already exists called an immutable append on the log, which is exactly what Kafka uses under the hood to, like, store messages.
Shay Nehmad:If you read the book, Designing Data Intensive Applications, you know already what the solution means. And if you don't if you didn't yet, I recommend it. I also have notes about it written down somewhere in my blog. Why did they choose an append only log? So it's good for atomic operations and if one of the agents like goes haywire, they can sorta reboot it and it can read everything that happened in the plan so far and like rebuild the state from scratch.
Shay Nehmad:There are cons to this approach, of course, which Ezreal goes to, and there's like a live demo. It's kind of funny because all this, like, incredible agentic tech, but the way to show the demo was to take the lapel mic and put it on the laptop while displaying the video. But I think it's an interesting take on, like, a dev toolkit for resilient AI workloads. If you're struggling with that thing as well, this lecture might be a good fit for you. And again, link in the show notes.
Shay Nehmad:However, if all these AI agentic systems, whatever are destroying your website, there's a new project that's really, really trending on GitHub with the best tagline I've seen in a while, Anubis. The tagline being, weigh the soul of incoming HTTP requests using proof of work to stop AI crawlers. It's a really early stage thing. You know, you open the website and it's like, this is all placeholder text. It will be fixed.
Shay Nehmad:Give me time. I am one person and my project has unexpectedly gone viral. So sorry, Techaro. I'm gonna send a few more people your way. But it's a go project where it's a Web AI firewall that tries to, like, block bots, AI bots, you know.
Shay Nehmad:And if you host your own web infrastructure, you've probably seen an uptick in the, like, as described in their readme, the endless storm of requested flood from AI companies. It's pretty lightweight. And according to the readme, it's a bit of a nuclear response. Like, it'll block good bots as well. Your your definition of good bots may vary, but for example, the Internet archive, always consider a good bot because it prevents like link rot and old blog posts and old content that I, don't have access to anymore is still there on the Internet archive, which is great.
Shay Nehmad:I've just used it this week, but it might like block that as well. And, yeah, it's been going pretty viral with, I don't know, 8,000 stars. I I think half of these are because of the name and the tagline. Just weighing the soul of incoming HTTP requests to stop AI crawlers is such a thing that's easy to connect to. When you open a website, it's gonna like show you the like loader that checks if you're a bot or not, which is nice.
Shay Nehmad:Under the hood, it uses multi threaded proof of work to make sure that users' browsers are, like, not, an AI browser. I haven't looked into the code to see how it works, but it seems like a cool project. Mostly go under the hood. There's some JavaScript here as well, of course. So if you're pro AI, lecture.
Shay Nehmad:If you're anti AI, tool. Kind of hard to do all these segues without John, but I'll keep on trying. There was a post on Reddit. It's about sixteen days old now, but a pretty cool project that seems super useful. Go dump.
Shay Nehmad:So I've been using a SPEW to, like, pretty things that I need while testing or developing a thing. Very useful for, like, CLI tools, mostly for debugging. It's just nice to be able to dump a struct into the, you know, standard output and see what it does or send the error in case of logging. However, the default printing in fmt dot println or printf leaves a bit to be desired. I used to reach for a go spew, which implements a deep three d printer for, you know, just to aid in debugging.
Shay Nehmad:Obviously, it's really best to, you know, just have a debugger and debug it, and you shouldn't default to log printing as your debugging, method of choice. Like using a debugger is a skill and it's worth knowing, but sometimes it's just not practical. Right? You're running on a server, the thing only happens on the server and you can't, attach a debug, you know, there because of production or any other reason. Sometimes it's also just nice to print something to dump the state.
Shay Nehmad:So I used to, use GoSPUE and honestly, I'll probably still reach to it just out of force of habit. However, this new, library seems super nice. Like, it prints things really well with, you know, colors. It deals with all the types, slices, arrays, maps, like nested types look really well. It just looks really, really, really good.
Shay Nehmad:Like, it's the perfect output that I would, like to see. Also includes, like, field inspection and reference tracking that doesn't go into cycles and escapes control characters. Like, it deals with everything, including time. So next time you need to print something for debugging, I would consider GoDump from Go four g. I've tried it.
Shay Nehmad:It's pretty and I've tried it and it's pretty good. One other GitHub project I wanna shout out, is very low level tool, that asserts that your Go tool is in line and, like, bounce check eliminated. It's called g c assert. If you're, like, super crazy about a performance of a specific thing and you wanna make sure that, you know, that the compiler does something, it's sort of hard to validate that. On the other hand, you might only wanna do it like, you might only wanna look at the end performance and not at specific compiler decisions because, like, why would you care?
Shay Nehmad:But if you wanna make sure that something happens, you can use GCA cert with a directive like GCA cert inline. It's like a comment you put in your code and it will cause GCA cert to fail if the line is not inlined or like bounced checked. So it's sort of an assertion that the Go compiler does what you need it to do. You can use it as an external binary, which to me makes more sense. But you can also use it as a library.
Shay Nehmad:So you can like import the GCS cert and run GCS cert on something. So if you want to run it as a unit test or an end to end test as well, you could do that. Other directives this package offers is our BCE and no escape, which are slightly more complicated and I think won't carry very well over audio. But the readme includes examples. This is very useful for low level performance optimizations or assertions, and it's from Jordan Lewis, the director of engineering at Cockroach Labs, so CockroachDB.
Shay Nehmad:So it stands to reason that, you know, Cockroach team are using this tool to, like, implement and improve the performance of, CockroachDB. It seems like the sort of tool that comes out of a postmortem. But if anyone from the cockroach team is listening and wants to shine some light, we would love to have you on the show for sure. That does it for the projects I want to cover this week. Forgive me, doing the show alone is very hard.
Shay Nehmad:Let's move to the ad break, and after that, we have a short lighting round. This show is supported by you. If you wanna help support the show, please sign up on Patreon as a Cup of Gopher or a Cup of Gopher mini, which is cheaper. The show is a hobby. John and I do it for fun and to learn about Go and to, like, stay on top of things in our actual careers as software engineers.
Shay Nehmad:It's an expensive hobby, mostly for because of our time and editing fees and hosting fees. Trust me, you do not wanna listen to this show unedited. So to help like offset these costs, we really appreciate our Patreon community for, just chipping in. This show is useful for you and you have some free funds. We would appreciate you chipping in.
Shay Nehmad:If you wanna find that link to Patreon or anything else, including our swag store, which went down as the entire Internet went down this week, but I I checked it and it's back up. You can find everything at cupago.dev. That is cupago.dev. If you wanna talk to us, you can join the Go for Slack, hashtag cup - o dash go, or email us news@cupago.dev. That is news@cupago.dev.
Shay Nehmad:Other than directly financially supporting the show, I wanna give a new light on another way you can support us. So if you are a content writer or the sort of person who doesn't, leave reviews very often, I would strongly recommend for you, if you wanna help us promote the show, of course, to leave a review on Spotify or Apple Podcasts or wherever you blog. Why is that important? It's important because AI crawlers, which we've, spent a few minutes discussing in the beginning of the show, tend to scrape these sources to recommend, you know, people like all these recommendation engines, but also specifically if you go into ChatGPT right now and you write, hey, any good sources for Go content? So it will help Cup of Go, you know, like stand out.
Shay Nehmad:And we're trying to do the show pretty reliably every week and bring pretty good stuff. So I hope this will work. Let's do a live experiment. I have a very loud keyboard, but let's see if it works. What's a good source for GoPodcasts?
Shay Nehmad:So I'm just asking four o right now. It's searching the web. Go Time is number one. Of course, they have a ton of, listenership, but I think they're done already. Go Podcast, by Dominique Sapir is the and Capago is With kind of a weird, quick fifteen minute weekly updates and Gil Op Go community news with interview features, newer but frequently updated.
Shay Nehmad:So, you know, if more people write about us and about the show, it'll get into more training data, which is like the new SEO. Right? So I don't know if that encourages you or discourages you, but we would sure appreciate it. Getting more people into the show is always super nice. That does it for our ad break.
Shay Nehmad:Thanks a lot for listening. This week's episode's kinda rough. It's just me. But let's do a quick lightning round, close it out, and then wait for Jonathan to be back next week. Lightning round.
Shay Nehmad:Just one funny item for the lightning round on Blue Sky, Andreas Eckert found the following function, is lit or single. I am neither, so I thought it was funny. It's a function that in the h t p s t d lib that reports whether a segment is non dollar literal or a single wildcard. And it's also unused, which is really weird. And one side quest I'm taking from this post is to try and delete this function and see what will happen because it's unexported and unused.
Shay Nehmad:Seems like we can just delete it and I'm probably missing something. But I'll I'll open that issue as a follow-up and try to delete this unused function just to, you know, do some contrib. Let's see how it works. And I'll keep you all posted about that. Thanks a lot for listening this week.
Shay Nehmad:Program exited. Goodbye. Program exited. Goodbye.
Creators and Guests
