Fleet version: fleet desktop v1.48.1 but seemingly all recent builds
💥 Actual behavior
Our build version has +dirty appended to it for fleet desktop builds from github. Orbit builds do not have this. SLSA attestations are still good, so customers can verify the build's provenance but this generates concern as most customers aren't going to think to check provenance. The reporting customer asked if this had been built on a dev workstation or something
🛠️ To fix
Figure out what is causing the build process to mark our build "dirty" when building Fleet Desktop and clean it up so that the version does not have +dirty appended or vcs.modified=true
🧑💻 Steps to reproduce
- Run
go version -m [your fleet desktop binary]
- See that mod
github.com/fleetdm/fleet/v4 has +dirty appended at the end. Also build vcs.modified=true is set.
Example below from our shipped v1.48.1 binary. Dependency versions filtered to remove some cruft
--> go version -m /opt/orbit/bin/desktop/macos/stable/Fleet\ Desktop.app/Contents/MacOS/fleet-desktop | grep -v 'dep\t'
/opt/orbit/bin/desktop/macos/stable/Fleet Desktop.app/Contents/MacOS/fleet-desktop: go1.25.1
path github.com/fleetdm/fleet/v4/orbit/cmd/desktop
mod github.com/fleetdm/fleet/v4 v4.0.0-20250924153139-863ce8b321b1+dirty
build -buildmode=exe
build -compiler=gc
build -ldflags=-X=main.version=1.48.1
build CGO_ENABLED=1
build CGO_CFLAGS=
build CGO_CPPFLAGS=
build CGO_CXXFLAGS=
build CGO_LDFLAGS=
build GOARCH=amd64
build GOOS=darwin
build GOAMD64=v1
build vcs=git
build vcs.revision=863ce8b321b199d1b766123d1228bb05cfe91b41
build vcs.time=2025-09-24T15:31:39Z
build vcs.modified=true
🕯️ More info (optional)
Seems likely our build process is modifying some files during the build/test process probably inadvertently. Interestingly the orbit build is fine.
Fleet version: fleet desktop v1.48.1 but seemingly all recent builds
💥 Actual behavior
Our build version has +dirty appended to it for fleet desktop builds from github. Orbit builds do not have this. SLSA attestations are still good, so customers can verify the build's provenance but this generates concern as most customers aren't going to think to check provenance. The reporting customer asked if this had been built on a dev workstation or something
🛠️ To fix
Figure out what is causing the build process to mark our build "dirty" when building Fleet Desktop and clean it up so that the version does not have +dirty appended or vcs.modified=true
🧑💻 Steps to reproduce
go version -m [your fleet desktop binary]github.com/fleetdm/fleet/v4has+dirtyappended at the end. Alsobuild vcs.modified=trueis set.Example below from our shipped v1.48.1 binary. Dependency versions filtered to remove some cruft
🕯️ More info (optional)
Seems likely our build process is modifying some files during the build/test process probably inadvertently. Interestingly the orbit build is fine.