Nate Finch
@natefinch.bsky.social
Gopher at GitHub working on Copilot. Author of Mage. Dungeon Master and Magic player. Used to be NateTheFinch on the Bird Site that shall not be named.
In case you were looking for something to wear on a night around town.
started getting instagram ads for mira's toddler-sized gas masks while putting together this article. also, at the same time, saw videos of that preschool getting tear gassed. no we will not be adding a section on the best gas mask for toddlers www.theverge.com/policy/86857...
Best gas masks
“How did these people go out and get gas masks?” AG Bondi asked.
www.theverge.com
January 29, 2026 at 2:42 PM
In case you were looking for something to wear on a night around town.
Reposted by Nate Finch
my grandmother, an Auschwitz survivor, was Anne Frank’s neighbor in Amsterdam, and Oma thinks this comparison is perfectly apt
The Minnesota governor is getting widespread criticism for comparing children dealing with immigration enforcement to Holocaust victim Anne Frank.
Tim Walz condemned for comparing Minnesota children to Anne Frank
The Minnesota governor is getting widespread criticism for comparing children dealing with immigration enforcement to Holocaust victim Anne Frank.
bit.ly
January 28, 2026 at 2:37 AM
my grandmother, an Auschwitz survivor, was Anne Frank’s neighbor in Amsterdam, and Oma thinks this comparison is perfectly apt
Reposted by Nate Finch
In the world of professional cryptographers, the question is a settled matter: as of early 2026, Signal is the best encrypted messaging app for all but the most utterly pathological of edge cases.
January 27, 2026 at 5:07 AM
In the world of professional cryptographers, the question is a settled matter: as of early 2026, Signal is the best encrypted messaging app for all but the most utterly pathological of edge cases.
All of these ICE and CBP mf'ers deserve to be in jail. Congress needs to end qualified immunity. Being a state or federal officer does not *lower* the bar for your actions, it *raises* it. You are supposed to be trained. You are supposed to defend our rights, not violate them.
January 28, 2026 at 12:03 AM
All of these ICE and CBP mf'ers deserve to be in jail. Congress needs to end qualified immunity. Being a state or federal officer does not *lower* the bar for your actions, it *raises* it. You are supposed to be trained. You are supposed to defend our rights, not violate them.
One of the most important powers of a senior engineer is the ability to say "No", and have people actually listen.
Do not hesitate to use this power to protect your team and your project.
Many people will ask "how" to accomplish something, but few will ask *if* this is a thing that should be done.
Do not hesitate to use this power to protect your team and your project.
Many people will ask "how" to accomplish something, but few will ask *if* this is a thing that should be done.
January 27, 2026 at 9:33 PM
One of the most important powers of a senior engineer is the ability to say "No", and have people actually listen.
Do not hesitate to use this power to protect your team and your project.
Many people will ask "how" to accomplish something, but few will ask *if* this is a thing that should be done.
Do not hesitate to use this power to protect your team and your project.
Many people will ask "how" to accomplish something, but few will ask *if* this is a thing that should be done.
#golang hot tip - if an interface is 95% Getters, you should probably instead use plain old struct fields, and use logic at creation time to populate the fields differently for different types.
Separating logic and data will make your code easier to maintain and understand.
Separating logic and data will make your code easier to maintain and understand.
January 22, 2026 at 5:42 PM
#golang hot tip - if an interface is 95% Getters, you should probably instead use plain old struct fields, and use logic at creation time to populate the fields differently for different types.
Separating logic and data will make your code easier to maintain and understand.
Separating logic and data will make your code easier to maintain and understand.
Today's task: Trying to convince product that we don't need special logic to mark a particular category of requests as free... when those requests only amount to 0.2% of the average user's costs anyway.
This is like buying a $10 meal and worrying about whether they charge you 2 cents for the straw.
This is like buying a $10 meal and worrying about whether they charge you 2 cents for the straw.
January 9, 2026 at 8:30 PM
Today's task: Trying to convince product that we don't need special logic to mark a particular category of requests as free... when those requests only amount to 0.2% of the average user's costs anyway.
This is like buying a $10 meal and worrying about whether they charge you 2 cents for the straw.
This is like buying a $10 meal and worrying about whether they charge you 2 cents for the straw.
The most important thing you can do when building an HTTP API is to define a json error response body and unique response codes.
HTTP status codes are *not* sufficient.
Clients need more detail to provide a good UX for users.
There are a million things that can cause a 400 Bad Request, for example.
HTTP status codes are *not* sufficient.
Clients need more detail to provide a good UX for users.
There are a million things that can cause a 400 Bad Request, for example.
November 10, 2025 at 5:39 PM
The most important thing you can do when building an HTTP API is to define a json error response body and unique response codes.
HTTP status codes are *not* sufficient.
Clients need more detail to provide a good UX for users.
There are a million things that can cause a 400 Bad Request, for example.
HTTP status codes are *not* sufficient.
Clients need more detail to provide a good UX for users.
There are a million things that can cause a 400 Bad Request, for example.
This is not the post apocalyptic RPG I was promised.
It's not in this article but the government asserts that the sandwich was thrown at "point blank range", which implies subway sandwiches have defined effective weapon ranges of varying lethality, and I would like to see the government's chart of these ranges.
Trial Begins for Man Accused of Lobbing a Sandwich at a Federal Agent www.nytimes.com/2025/11/03/u...
November 4, 2025 at 1:35 AM
This is not the post apocalyptic RPG I was promised.
This week at work, we learned about how overloading the CPU can cause your process to get killed for using too much memory.
It's unintuitive at first, but in the context of an API server, it makes sense once you think through it. Here's what was happening:
It's unintuitive at first, but in the context of an API server, it makes sense once you think through it. Here's what was happening:
October 31, 2025 at 1:44 PM
This week at work, we learned about how overloading the CPU can cause your process to get killed for using too much memory.
It's unintuitive at first, but in the context of an API server, it makes sense once you think through it. Here's what was happening:
It's unintuitive at first, but in the context of an API server, it makes sense once you think through it. Here's what was happening:
Perhaps a 🌶️ take:
Do not rely on docker / codespaces / env variables / setup scripts to make your dev environment function.
Doing a git pull should *never* break the dev experience.
Make fixes for the dev environment in-code, so that updating the code is all you need to do to continue working.
Do not rely on docker / codespaces / env variables / setup scripts to make your dev environment function.
Doing a git pull should *never* break the dev experience.
Make fixes for the dev environment in-code, so that updating the code is all you need to do to continue working.
October 24, 2025 at 5:04 PM
Perhaps a 🌶️ take:
Do not rely on docker / codespaces / env variables / setup scripts to make your dev environment function.
Doing a git pull should *never* break the dev experience.
Make fixes for the dev environment in-code, so that updating the code is all you need to do to continue working.
Do not rely on docker / codespaces / env variables / setup scripts to make your dev environment function.
Doing a git pull should *never* break the dev experience.
Make fixes for the dev environment in-code, so that updating the code is all you need to do to continue working.
Unpopular opinion on HTTP APIs - just use POST for everything and never put variables in your routes.
Spent like an hour yesterday debugging weird behavior.
Turns out, I was hitting the wrong route accidentally, because our routes overlapped in non-obvious ways.
Spent like an hour yesterday debugging weird behavior.
Turns out, I was hitting the wrong route accidentally, because our routes overlapped in non-obvious ways.
September 4, 2025 at 4:24 PM
Unpopular opinion on HTTP APIs - just use POST for everything and never put variables in your routes.
Spent like an hour yesterday debugging weird behavior.
Turns out, I was hitting the wrong route accidentally, because our routes overlapped in non-obvious ways.
Spent like an hour yesterday debugging weird behavior.
Turns out, I was hitting the wrong route accidentally, because our routes overlapped in non-obvious ways.
When designing the errors that you return to 3rd parties (whether from an API or SDK) please default to not returning sensitive data in your error messages. I've spent SO MUCH TIME handling bugs where we log customer data or return sensitive provider info from our API because of this.
August 8, 2025 at 2:59 PM
When designing the errors that you return to 3rd parties (whether from an API or SDK) please default to not returning sensitive data in your error messages. I've spent SO MUCH TIME handling bugs where we log customer data or return sensitive provider info from our API because of this.
Unpopular opinion, but the "options" pattern in Go is just bad.
The biggest problem is that it greatly hinders discoverability.
I type foo.NewBar( and my IDE shows the signature includes ...foo.BarOptions. What are the options? Dunno. I have to look through all functions in the package. #golang
The biggest problem is that it greatly hinders discoverability.
I type foo.NewBar( and my IDE shows the signature includes ...foo.BarOptions. What are the options? Dunno. I have to look through all functions in the package. #golang
July 31, 2025 at 1:51 PM
Unpopular opinion, but the "options" pattern in Go is just bad.
The biggest problem is that it greatly hinders discoverability.
I type foo.NewBar( and my IDE shows the signature includes ...foo.BarOptions. What are the options? Dunno. I have to look through all functions in the package. #golang
The biggest problem is that it greatly hinders discoverability.
I type foo.NewBar( and my IDE shows the signature includes ...foo.BarOptions. What are the options? Dunno. I have to look through all functions in the package. #golang
Saw a post on reddit about dependency injection in Go and... please don't use libraries for that stuff. DI in Go should be just "create a value in main.go, pass it to a struct that takes an interface for it. If other structs need a copy, pass it along."
That's it. That's dependency injection in go.
That's it. That's dependency injection in go.
July 30, 2025 at 1:48 PM
Saw a post on reddit about dependency injection in Go and... please don't use libraries for that stuff. DI in Go should be just "create a value in main.go, pass it to a struct that takes an interface for it. If other structs need a copy, pass it along."
That's it. That's dependency injection in go.
That's it. That's dependency injection in go.
This is 100% correct. AI isn't going to tell you that your assumptions are wrong, that product management changed their mind about that last week, that we tried that before and it doesn't work... etc.
But it is definitely like a pretty smart linter that you don't need to configure ahead of time.
But it is definitely like a pretty smart linter that you don't need to configure ahead of time.
so I like to think about AI reviews as "lint++" -- you wouldn't just commit code because tests and lint passed.
sure, it does more things than static analysis, but it still isn't going to result in someone else grokking the code at 2am.
sure, it does more things than static analysis, but it still isn't going to result in someone else grokking the code at 2am.
July 30, 2025 at 1:43 PM
This is 100% correct. AI isn't going to tell you that your assumptions are wrong, that product management changed their mind about that last week, that we tried that before and it doesn't work... etc.
But it is definitely like a pretty smart linter that you don't need to configure ahead of time.
But it is definitely like a pretty smart linter that you don't need to configure ahead of time.
Got issued new debit cards from Capital One. Noticed they were Discover branded. I thought - they're debit cards, no way they won't be accepted at places that "don't take discover" right?
Wrong!
Good job, Capital One. You've forced me to find a new bank.
Wrong!
Good job, Capital One. You've forced me to find a new bank.
July 24, 2025 at 6:57 PM
Got issued new debit cards from Capital One. Noticed they were Discover branded. I thought - they're debit cards, no way they won't be accepted at places that "don't take discover" right?
Wrong!
Good job, Capital One. You've forced me to find a new bank.
Wrong!
Good job, Capital One. You've forced me to find a new bank.
Reposted by Nate Finch
Oftentimes, the simple solution is the best one. If your traffic is fairly predictable, you don't need auto scaling, you just need a chron job that scales up during your busy times. It'll be way easier to implement, debug, and maintain.
May 2, 2025 at 3:46 PM
Oftentimes, the simple solution is the best one. If your traffic is fairly predictable, you don't need auto scaling, you just need a chron job that scales up during your busy times. It'll be way easier to implement, debug, and maintain.
Please just use ints.
If a number (like an ID or a length) should always be positive .... you should use a (signed) int.
Why? Because it prevents bugs. If you calculate a length to be -2 bytes, that's clearly a bug. If you are converting that to a uint32, it becomes 4294967294.
If a number (like an ID or a length) should always be positive .... you should use a (signed) int.
Why? Because it prevents bugs. If you calculate a length to be -2 bytes, that's clearly a bug. If you are converting that to a uint32, it becomes 4294967294.
February 11, 2025 at 4:20 PM
Please just use ints.
If a number (like an ID or a length) should always be positive .... you should use a (signed) int.
Why? Because it prevents bugs. If you calculate a length to be -2 bytes, that's clearly a bug. If you are converting that to a uint32, it becomes 4294967294.
If a number (like an ID or a length) should always be positive .... you should use a (signed) int.
Why? Because it prevents bugs. If you calculate a length to be -2 bytes, that's clearly a bug. If you are converting that to a uint32, it becomes 4294967294.
Was watching Ready Player One with the kids and I noticed one of the bombs they throw in the game was one of these and wow, core memory unlocked there. I haven't seen or thought of these in like 40 years. Evidently they're called Madballs. I'm sure I had some when I was like 8.
January 25, 2025 at 3:19 PM
Was watching Ready Player One with the kids and I noticed one of the bombs they throw in the game was one of these and wow, core memory unlocked there. I haven't seen or thought of these in like 40 years. Evidently they're called Madballs. I'm sure I had some when I was like 8.
Reposted by Nate Finch
Somebody yelled at me for posting about Ganymede instead of /the state of things/ last night.
I know we’re (almost) all on the same page here, but a Bluesky without cute cats, science facts, and dumb jokes would be bad for everyone.
I know we’re (almost) all on the same page here, but a Bluesky without cute cats, science facts, and dumb jokes would be bad for everyone.
January 24, 2025 at 5:51 PM
Somebody yelled at me for posting about Ganymede instead of /the state of things/ last night.
I know we’re (almost) all on the same page here, but a Bluesky without cute cats, science facts, and dumb jokes would be bad for everyone.
I know we’re (almost) all on the same page here, but a Bluesky without cute cats, science facts, and dumb jokes would be bad for everyone.
Anyone have tips on how to teach people to perform thorough code reviews? I am a very thorough reviewer, but I'm not sure how to teach someone else how to look for problems in a PR.
Not specific to #golang but also that is the language I am using :)
Not specific to #golang but also that is the language I am using :)
January 7, 2025 at 4:06 PM
Anyone have tips on how to teach people to perform thorough code reviews? I am a very thorough reviewer, but I'm not sure how to teach someone else how to look for problems in a PR.
Not specific to #golang but also that is the language I am using :)
Not specific to #golang but also that is the language I am using :)
This is what I've been working on recently. Full GitHub Copilot for $0 forever.
A new free tier of GitHub Copilot in Visual Studio Code.
✅ 2,000 code completions per month
💬 50 chat messages per month
💫 Models like Claude 3.5 Sonnet or GPT-4o
♥️ More fun for you
Check it out today!
Oh yeah, and we passed 150M developers on GitHub 💅 github.blog/news-insight...
✅ 2,000 code completions per month
💬 50 chat messages per month
💫 Models like Claude 3.5 Sonnet or GPT-4o
♥️ More fun for you
Check it out today!
Oh yeah, and we passed 150M developers on GitHub 💅 github.blog/news-insight...
Announcing 150M developers and a new free tier for GitHub Copilot in VS Code
Come and join 150M developers on GitHub that can now code with Copilot for free in VS Code.
github.blog
December 18, 2024 at 6:45 PM
This is what I've been working on recently. Full GitHub Copilot for $0 forever.