<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Supun Hewagamage</title>
    <description>The latest articles on DEV Community by Supun Hewagamage (@supunhewagamage).</description>
    <link>https://dev.to/supunhewagamage</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3975168%2F259ce2b7-1b03-4ac2-b1a9-d6ad1a1c3aa8.png</url>
      <title>DEV Community: Supun Hewagamage</title>
      <link>https://dev.to/supunhewagamage</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/supunhewagamage"/>
    <language>en</language>
    <item>
      <title>I built a developer layer on top of Git — and just released v1.0</title>
      <dc:creator>Supun Hewagamage</dc:creator>
      <pubDate>Sun, 14 Jun 2026 01:25:30 +0000</pubDate>
      <link>https://dev.to/supunhewagamage/im-building-got-a-smarter-companion-for-git-and-no-its-not-a-replacement-37k1</link>
      <guid>https://dev.to/supunhewagamage/im-building-got-a-smarter-companion-for-git-and-no-its-not-a-replacement-37k1</guid>
      <description>&lt;p&gt;Every time I onboarded someone onto a codebase, I'd watch them hit the same wall. They'd stare at &lt;code&gt;git log&lt;/code&gt;, scroll through Slack threads trying to figure out &lt;em&gt;why&lt;/em&gt; a decision was made, and ask "which files are related to the auth feature?" — questions that Git simply doesn't answer.&lt;/p&gt;

&lt;p&gt;Git is brilliant at tracking &lt;em&gt;what&lt;/em&gt; changed. But it doesn't know &lt;em&gt;why&lt;/em&gt;. It doesn't know that these 12 files belong to the OAuth feature, or that the team decided to use JWT over sessions back in March, or that the new developer should read the auth module before touching the API layer.&lt;/p&gt;

&lt;p&gt;So I built &lt;a href="https://github.com/supunhg/got" rel="noopener noreferrer"&gt;GOT&lt;/a&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  What is GOT?
&lt;/h2&gt;

&lt;p&gt;GOT sits on top of Git as a thin layer. It doesn't replace Git. It doesn't fork Git. It doesn't even modify Git internals. All it does is add capabilities that Git leaves on the table:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Workspaces&lt;/strong&gt; — group related files, branches, decisions, and PRs into logical contexts&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Decisions&lt;/strong&gt; — structured architecture decision records (ADRs) linked to commits and code&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Notes&lt;/strong&gt; — quick context that stays attached to the work, not buried in Slack&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Onboarding&lt;/strong&gt; — guided sessions so new devs don't have to "just read the code"&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;GitHub integration&lt;/strong&gt; — manage PRs and issues without leaving the terminal&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Snapshots&lt;/strong&gt; — automatic recovery points before destructive operations&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Safe commands&lt;/strong&gt; — &lt;code&gt;got safe reset&lt;/code&gt;, &lt;code&gt;got safe push&lt;/code&gt;, &lt;code&gt;got safe rebase&lt;/code&gt; with a safety net&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Everything lives in a &lt;code&gt;.got/&lt;/code&gt; directory. Add it to &lt;code&gt;.gitignore&lt;/code&gt; and your repo stays clean. Your teammates can keep using plain Git and nothing breaks.&lt;/p&gt;

&lt;h2&gt;
  
  
  The philosophy
&lt;/h2&gt;

&lt;p&gt;Five principles guided every design decision:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Git is the source of truth.&lt;/strong&gt; GOT never modifies Git in ways you didn't ask for.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Metadata is isolated.&lt;/strong&gt; Everything in &lt;code&gt;.got/&lt;/code&gt;. Remove it and Git doesn't notice.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Offline-first.&lt;/strong&gt; No network calls except the ones you initiate.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Plugin-first.&lt;/strong&gt; Core features use the same event bus and plugin API available to extensions.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Recoverable.&lt;/strong&gt; Destructive operations create automatic snapshots first.&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  What it actually looks like
&lt;/h2&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="c"&gt;# Initialize in any Git repo&lt;/span&gt;
&lt;span class="nb"&gt;cd &lt;/span&gt;your-project
got init

&lt;span class="c"&gt;# Create a workspace to track a feature&lt;/span&gt;
got workspace create oauth &lt;span class="nt"&gt;--description&lt;/span&gt; &lt;span class="s2"&gt;"OAuth 2.0 implementation"&lt;/span&gt;
got workspace add-file oauth src/auth/oauth.go
got workspace add-branch oauth feat/oauth2

&lt;span class="c"&gt;# Record an architectural decision&lt;/span&gt;
got decision create &lt;span class="s2"&gt;"Use JWT tokens for auth"&lt;/span&gt; &lt;span class="nt"&gt;--status&lt;/span&gt; accepted
got decision &lt;span class="nb"&gt;link&lt;/span&gt; &amp;lt;&lt;span class="nb"&gt;id&lt;/span&gt;&lt;span class="o"&gt;&amp;gt;&lt;/span&gt; &lt;span class="nt"&gt;--auto&lt;/span&gt;   &lt;span class="c"&gt;# links to your current commit&lt;/span&gt;

&lt;span class="c"&gt;# See everything about a feature in one place&lt;/span&gt;
got workspace show oauth

&lt;span class="c"&gt;# Safe operations — automatic snapshot before destructive git ops&lt;/span&gt;
got safe reset &lt;span class="nt"&gt;--mode&lt;/span&gt; hard HEAD~3
got safe push origin main
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The &lt;code&gt;got workspace show&lt;/code&gt; command is probably my favorite. It pulls together files, branches, decisions, PRs, and recent commits — all in one view. No more context-switching between &lt;code&gt;git log&lt;/code&gt;, &lt;code&gt;gh pr list&lt;/code&gt;, and scattered notes.&lt;/p&gt;

&lt;h2&gt;
  
  
  The technical bits
&lt;/h2&gt;

&lt;p&gt;GOT is written in Go. A few things I'm proud of:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Pure Go SQLite&lt;/strong&gt; via &lt;code&gt;modernc.org/sqlite&lt;/code&gt; — no CGo, so cross-compilation just works. Binary runs on macOS, Linux, and Windows.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Interface-based Git adapter&lt;/strong&gt; — all Git operations go through a &lt;code&gt;GitAdapter&lt;/code&gt; interface that shells out to &lt;code&gt;git&lt;/code&gt; via &lt;code&gt;os/exec&lt;/code&gt;. Mockable in tests, swappable to libgit2 later.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Event-driven architecture&lt;/strong&gt; — an in-memory pub/sub bus connects all modules. When a commit happens, the workspace engine, plugins, and integration layer all react automatically.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Plugin system&lt;/strong&gt; — external binaries that communicate via JSON over stdin/stdout. A failing plugin never crashes GOT. 21 event types they can subscribe to.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;130+ tests&lt;/strong&gt; with the race detector, running on every push via GitHub Actions.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Building it was the hard part (and the fun part)
&lt;/h2&gt;

&lt;p&gt;This project started as a spec — a 24-section design document that mapped out every feature, every data model, every CLI flag before a single line of code was written. Some people think that's overkill for a side project. But having that spec meant I never had to stop and wonder "how should this work?" The answer was already written down.&lt;/p&gt;

&lt;p&gt;The hardest part wasn't the code. It was deciding what &lt;em&gt;not&lt;/em&gt; to build. The spec had ideas for TUI dashboards, AI-powered commit suggestions, full-text search across decisions, and GitLab/Bitbucket integrations. All of those are future work. v1.0 ships what's solid and tested.&lt;/p&gt;

&lt;p&gt;The most satisfying part? The test suite. There's something deeply comforting about running &lt;code&gt;go test -race ./...&lt;/code&gt; on 130+ tests and seeing them all pass. Especially when you're building tooling that people will trust with their Git repositories.&lt;/p&gt;

&lt;h2&gt;
  
  
  What's next
&lt;/h2&gt;

&lt;p&gt;The roadmap for v1.1 includes an interactive TUI dashboard built with Bubbletea and a full E2E test suite using testscript. Beyond that, I'm thinking about full-text search across decisions (SQLite FTS5), workspace templates, and maybe an AI layer for drafting decision records.&lt;/p&gt;

&lt;p&gt;But honestly? I'm just excited to see if this is useful to other people. That's the real test.&lt;/p&gt;

&lt;h2&gt;
  
  
  Try it
&lt;/h2&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;go &lt;span class="nb"&gt;install &lt;/span&gt;github.com/supunhg/got/cmd/got@latest
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Or clone and build from source:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;git clone https://github.com/supunhg/got.git
&lt;span class="nb"&gt;cd &lt;/span&gt;got
make build
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Then in any Git repo:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;got init
got status
got workspace create my-feature
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The repo is at &lt;a href="https://github.com/supunhg/got" rel="noopener noreferrer"&gt;github.com/supunhg/got&lt;/a&gt;. Issues, PRs, and stars are all welcome. If you build a plugin, I'd love to hear about it.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;GOT is MIT licensed. It works offline. It doesn't phone home. And it won't touch your Git repo unless you ask it to.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>git</category>
      <category>productivity</category>
      <category>showdev</category>
      <category>tooling</category>
    </item>
    <item>
      <title>Filo-Go v0.5.1 Released</title>
      <dc:creator>Supun Hewagamage</dc:creator>
      <pubDate>Fri, 12 Jun 2026 04:03:17 +0000</pubDate>
      <link>https://dev.to/supunhewagamage/filo-go-v051-released-3c4p</link>
      <guid>https://dev.to/supunhewagamage/filo-go-v051-released-3c4p</guid>
      <description>&lt;h2&gt;
  
  
  🚀 Filo-Go v0.5.1
&lt;/h2&gt;

&lt;p&gt;Today I'm happy to announce the first stable release:&lt;/p&gt;

&lt;p&gt;The goal of Filo-Go is to provide a unified forensic analysis platform that can replace workflows involving multiple tools such as Binwalk, &lt;code&gt;file&lt;/code&gt;, ExifTool, and &lt;code&gt;strings&lt;/code&gt;.&lt;/p&gt;

&lt;h3&gt;
  
  
  Highlights
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;REST API server&lt;/li&gt;
&lt;li&gt;Docker support&lt;/li&gt;
&lt;li&gt;Interactive HTML reports&lt;/li&gt;
&lt;li&gt;Streaming analysis pipeline&lt;/li&gt;
&lt;li&gt;Analysis result caching&lt;/li&gt;
&lt;li&gt;Plugin system&lt;/li&gt;
&lt;li&gt;MCP integration&lt;/li&gt;
&lt;li&gt;YARA support&lt;/li&gt;
&lt;li&gt;Firmware analysis capabilities&lt;/li&gt;
&lt;li&gt;Security hardening improvements&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Quality Improvements
&lt;/h3&gt;

&lt;p&gt;This release also focuses heavily on engineering quality:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;79.6% test coverage&lt;/li&gt;
&lt;li&gt;Zero lint issues&lt;/li&gt;
&lt;li&gt;GitHub Actions CI/CD&lt;/li&gt;
&lt;li&gt;Apache 2.0 licensing&lt;/li&gt;
&lt;li&gt;Improved documentation and benchmarking&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Real Performance Benchmarks
&lt;/h3&gt;

&lt;p&gt;One lesson learned during development is that benchmark claims must be measurable and reproducible.&lt;/p&gt;

&lt;p&gt;Earlier benchmark experiments produced unrealistic numbers, so I rebuilt the benchmarking process and published reproducible results based on actual workloads.&lt;/p&gt;

&lt;p&gt;Current measured results against Binwalk:&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Operation&lt;/th&gt;
&lt;th&gt;Speedup&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;PNG Analysis&lt;/td&gt;
&lt;td&gt;193.86×&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;ZIP Analysis&lt;/td&gt;
&lt;td&gt;216.78×&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Random 10MB Blob Scan&lt;/td&gt;
&lt;td&gt;13.94×&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;Benchmark scripts and raw results are included in the repository for verification.&lt;/p&gt;

&lt;h3&gt;
  
  
  Known Limitations
&lt;/h3&gt;

&lt;p&gt;Not every operation is faster.&lt;/p&gt;

&lt;p&gt;For example:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;code&gt;filo strings&lt;/code&gt; is still slower than GNU strings on large inputs.&lt;/li&gt;
&lt;li&gt;
&lt;code&gt;filo hash&lt;/code&gt; is slightly slower than dedicated hash utilities.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;I'm intentionally documenting these tradeoffs because performance claims without context are not useful.&lt;/p&gt;

&lt;h3&gt;
  
  
  What's Next?
&lt;/h3&gt;

&lt;p&gt;Future work includes:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Additional forensic modules&lt;/li&gt;
&lt;li&gt;Expanded firmware support&lt;/li&gt;
&lt;li&gt;More analysis formats&lt;/li&gt;
&lt;li&gt;Better reporting capabilities&lt;/li&gt;
&lt;li&gt;Continued performance optimization&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Building Filo-Go has been one of the most educational projects I've worked on as a cybersecurity student, touching everything from file formats and malware analysis to API design, testing, benchmarking, and systems programming.&lt;/p&gt;

&lt;p&gt;Repository: &lt;a href="https://github.com/supunhg/filo-go" rel="noopener noreferrer"&gt;filo-go&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Feedback, bug reports, and contributions are welcome.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>go</category>
      <category>opensource</category>
      <category>security</category>
      <category>tooling</category>
    </item>
    <item>
      <title>Building filo-go: Reimagining Digital Forensics in Go</title>
      <dc:creator>Supun Hewagamage</dc:creator>
      <pubDate>Tue, 09 Jun 2026 04:48:30 +0000</pubDate>
      <link>https://dev.to/supunhewagamage/building-filo-go-reimagining-digital-forensics-in-go-9oi</link>
      <guid>https://dev.to/supunhewagamage/building-filo-go-reimagining-digital-forensics-in-go-9oi</guid>
      <description>&lt;p&gt;As a cybersecurity student, I spend a lot of time working with tools like Binwalk, ExifTool, &lt;code&gt;file&lt;/code&gt;, &lt;code&gt;strings&lt;/code&gt;, and YARA.&lt;/p&gt;

&lt;p&gt;They're powerful, but the workflow is fragmented.&lt;/p&gt;

&lt;p&gt;Analyzing a suspicious file often means bouncing between multiple tools, different output formats, and various dependencies.&lt;/p&gt;

&lt;p&gt;So I started building &lt;strong&gt;Filo-Go&lt;/strong&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  What is Filo-Go?
&lt;/h2&gt;

&lt;p&gt;Filo-Go (Forensic Intelligence &amp;amp; Learning Operator) is a Go-based digital forensics and file intelligence toolkit.&lt;/p&gt;

&lt;p&gt;The goal is simple:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;Provide a single, fast, cross-platform binary for common forensic analysis tasks.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;Current capabilities include:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;File identification and analysis&lt;/li&gt;
&lt;li&gt;Entropy visualization&lt;/li&gt;
&lt;li&gt;Metadata extraction&lt;/li&gt;
&lt;li&gt;String extraction&lt;/li&gt;
&lt;li&gt;Firmware analysis&lt;/li&gt;
&lt;li&gt;Executable analysis (PE, ELF, Mach-O)&lt;/li&gt;
&lt;li&gt;YARA scanning&lt;/li&gt;
&lt;li&gt;PCAP analysis&lt;/li&gt;
&lt;li&gt;SQLite inspection&lt;/li&gt;
&lt;li&gt;Plugin support&lt;/li&gt;
&lt;li&gt;MCP integration for AI-assisted workflows&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Why Go?
&lt;/h2&gt;

&lt;p&gt;I wanted something that is:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Fast&lt;/li&gt;
&lt;li&gt;Easy to distribute&lt;/li&gt;
&lt;li&gt;Cross-platform&lt;/li&gt;
&lt;li&gt;Dependency-light&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Go checked every box.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why Am I Building It?
&lt;/h2&gt;

&lt;p&gt;Partly because I need it.&lt;/p&gt;

&lt;p&gt;Partly because I want to better understand how forensic tools work internally.&lt;/p&gt;

&lt;p&gt;And partly because building systems like this is one of the best ways to learn software engineering, cybersecurity, reverse engineering, and digital forensics.&lt;/p&gt;

&lt;h2&gt;
  
  
  What's Next?
&lt;/h2&gt;

&lt;p&gt;I'll be sharing architecture decisions, implementation details, performance benchmarks, and lessons learned as the project evolves.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Repository&lt;/strong&gt;: &lt;a href="https://github.com/supunhg/filo-go" rel="noopener noreferrer"&gt;filo-go&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Feedback, ideas, and contributions are welcome.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>go</category>
      <category>opensource</category>
      <category>forensics</category>
    </item>
  </channel>
</rss>
