Where you found this expect() function and how it will receive error, generated by baz? I read Rust documentation about error handling multiple times, but newer saw adequate error handling.
The best solution I know is error-chain library:
use errors::ChainErr;
try!(do_something().chain_err(|| "Something went wrong"));
Braintree.js cuts down PCI scope as much as tokenization. We've worked with banks and auditors to make sure that this doesn't add any headaches for our merchants.
What canadian merchant does stripe use? I was very close to using Stripe, but active merchant didn't provide what we needed through your API (pre-auth/settlement). I hope to use Stripe for other things down the road though.
We recommend that you don't store or log credit card data encrypted with Braintree.js.
As far as PCI compliance, Braintree.js minimizes your PCI scope as much as tokenization. As long as you serve your site over SSL and maintain adequate security around access to servers, administrative passwords, etc., when using Braintree.js, you'll fall under SAQ A (the lowest possible PCI scope for online merchants).
I've run Go in production for a web application, and I'll say that Go is not a great choice for this task. The built in HTTP server doesn't have a way to shut down gracefully, there's not a good zero-downtime restart story, and the standard library SQL package (and abstractions on top of it) has some nasty warts that only show up under concurrent load.
If you build a webapp in Go, be prepared to spend a lot of time monkeying around with problems that are solved issues on most other platforms.
That does look pretty gross, thanks for sharing. Any other ones stick out in your mind? I've been happy using Go against postgres, but haven't had a significant enough load to run into real problems yet.
There are a few bumps and warts. The server close issue was one that made wonder if they ever tested, but I eventually discovered you can close down a server:
