Go Style Guide
Apply this checklist when writing or reviewing Go code.
Trigger Reference
- •Use
references/trigger-matrix.mdas the canonical trigger and co-activation matrix. - •Resolve skill activation from changed files with
python3 scripts/resolve_style_guides.py <changed-path>...when automation is available. - •Validate trigger matrix consistency with
python3 scripts/validate_trigger_matrix_sync.py.
Package design and architecture
Quality Gate Reference
- •Use
references/quality-gate-command-matrix.mdfor CI check-only vs local autofix command mapping.
- •Keep packages cohesive and small; avoid cyclic dependencies.
- •Depend on interfaces at boundaries and concrete types internally.
- •Keep handlers/controllers thin; isolate domain logic in dedicated services.
- •Keep
cmd/orchestration separate from reusable package logic.
Naming and structure
- •Use concise names that match Go conventions and package context.
- •Prefer small functions with clear contracts.
- •Replace magic numbers with named constants that include units (
requestTimeoutSeconds). - •Avoid global mutable state unless synchronized and justified.
Types and data modeling
- •Model external payloads with explicit structs and tags.
- •Avoid
map[string]anyfor core domain flows when a struct is known. - •Use constructors/validators to keep structs in valid states.
- •Prefer explicit zero-value semantics; document when zero is invalid.
Error handling and concurrency
- •Return errors instead of panicking for expected failures.
- •Wrap errors with context (
fmt.Errorf("...: %w", err)) and inspect witherrors.Is/As. - •Avoid swallowing errors; handle or return intentionally.
- •Pass
context.Contextas the first parameter for request-scoped operations. - •Design goroutine lifecycles explicitly; avoid leaks and orphaned workers.
Configuration and environment
- •Parse configuration at startup into typed structs.
- •Fail startup when required environment variables are missing.
- •Do not assign fallback defaults for required environment variables.
- •Keep secrets out of source and logs.
Security and compliance
- •Validate all external inputs and enforce allow-lists where possible.
- •Use parameterized SQL and safe encoding for outputs.
- •Set explicit HTTP timeouts on clients and servers.
- •Avoid leaking sensitive values in error messages or logs.
Performance and scalability
- •Measure with benchmarks/profiles before optimizing.
- •Avoid unnecessary allocations in hot paths.
- •Stream large data instead of loading fully into memory.
- •Bound retries and worker pools with named limits.
Testing and verification
- •Write table-driven tests for core logic and edge cases.
- •Add integration tests for DB/network boundaries.
- •Run race detection for concurrent code.
- •Add regression tests for every fixed bug.
Observability and operations
- •Emit structured logs with request/correlation IDs.
- •Track latency, error rates, and saturation metrics.
- •Preserve wrapped error chains for faster incident diagnosis.
- •Ensure health/readiness checks reflect real dependencies.
CI required quality gates (check-only)
- •Run
gofmt -l .and require empty output. - •Run
go vet ./.... - •Run
staticcheck ./...when available. - •Run
go test ./... -race.
Optional autofix commands (local)
- •Run
gofmt -w .(orgo fmt ./...) to apply formatting.