Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
[flagged]
badcoder2 on Jan 29, 2018 | hide | past | favorite


I don't get it. Can someone explain to me what's so notable about this that it made it to the front page?


It may be because it's the vault codebase, a tool for secrets management, encryption as a service, and privileged access management.

One would hope that such a codebase is well understood and implemented.


Same here. Yeah, it points to rather poor handling of error condition in this case, and it is an example of deeper problem of terrible error handling in Go, but overall - I don't see what the point is. There's plenty of worse code all over the place, in many programs, written in many languages, and this is hardly a notable offender.


To me it's merely amusing. Sometimes things get to the front page on the virtue of just being a little different and amusing.


to be sure in software one should know all possible inputs and outputs and why these happen. mentioned comment argues that this is not so for security service software. which is actually fun.


renewAuth() calls RenewTokenAsSelf() which calls ParseSecret() which calls DecodeJSONFromReader()

DecodeJSONFromReader has a couple of comments stating that the interface is a pointer along with "While decoding JSON values...", so is the reader an asynchronous object and renewal and renewal.Auth are modified after the error case is checked?

(I know nothing about Go, basically)


Still better than no comment.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: