StableLib is shutting down. Read more »

StableLib Blog

StableLib is shutting down

Unfortunately, we have to shut down StableLib.

Since releasing the first version a few months ago, we failed to acquire any paid customers. Being a tiny bootstrapped business, we cannot continue to dedicate enough resources and marketing efforts it needs without any sight of revenue.

During our incredible, but short, journey we have helped improve a few open source packages, so while we’re sad that our plan didn’t work, we’re glad that our work wasn’t pointless.

StableLib packages will be available at the same address for the time being, but will not receive any updates, so we encourage everyone who uses them to switch back to upstream packages. (14-Sep-2016: Packages are no longer available.)

Thank you for your support, and sorry that it didn’t work out!

— Dmitry Chestnykh (@dchest)

PS If you have any questions, please don’t hesitate to contact me personally: I’m also available for consulting gigs (e.g. would you like me to review your code and fix security mistakes, just like I did for packages in StableLib?)

Usyaka attacks Gopher

Securing Go web applications

There are lots of security-related things to keep in mind when writing a web application, as the Web is a place full of danger: cross-site scripting (XSS), cross-site request forgery (CSRF), clickjacking, brute forcing, spam and so on.

Go gets many things right by default: for example, templates from the standard library make it hard to accidentally introduce XSS vulnerabilities. But what about other attacks? Fortunately, there are a few open source Go packages that can help us.

Read More »

Making StableLib more affordable

When we launched StableLib, we figured it needs to be targeted at a specific narrow niche of businesses, which meant having a smaller customer base at a higher price point. We are confident that even at the previous price ($79/month per developer) StableLib was a great deal for such businesses: it would have saved them a lot of money by freeing their developers from doing our work.

However, as we received more feedback, we realized that we were wrong with such targeting. Go is a young language, and it’s being used a lot by startups and young small companies. Such companies are more sensitive to prices, and even if we could still save them a lot of time and money, they had different spending priorities. It would be sad if they couldn’t afford StableLib.

Starting today, StableLib is only $20 per month per developer (and it’s still free for open source and personal non-commercial projects) — about the same price as a small virtual machine on one of the cloud hosting providers. For twenty bucks you get the stable, secure base to build your next great web app (or whatever you’re building) in Go, without worrying about finding suitable packages, checking for their updates every day, merging changes, or fixing your programs in response to broken API compatibility.

To be profitable (which translates to hiring more developers and technical writers, including more packages, and contributing more to the open source community) at this price, we need more customers than originally planned, but we accept the challenge!

Sign up now

StableLib, an LTS distribution of Go packages, released!

After almost two years of planning, reviewing and writing code, figuring out and setting up the infrastructure, we’re happy to announce that StableLib is open to the public!

StableLib is a collection of vetted and reviewed high-quality open source packages for Go, professionally maintained by us. In other words, it’s a long-term support (LTS) distribution of Go packages.

Each package receives backward compatible updates, bug fixes and security issue fixes for three years, keeping compatibility with the current and future compilers (starting from Go 1.4).

We do the hard work of reviewing code, merging changes, investigating reported issues and communicating with upstreams, while your team develops software without worrying about compatibility changes in dependencies or third-party code quality. We also notify you about updates and send security alerts.

Read More »


StableLib is a stable distribution of curated open source Go packages with long-term support. Free your team from maintaining third-party code. Learn more