cmd/go/internal/modget: Improve GOINSECURE docs.

Recommend use of GOINSECURE over -insecure flang and clarify that GOINSECURE
environment variable does not also imply GONOSUMDB.

src/cmd/go/internal/help/helpdoc.go

@@ -510,6 +510,8 @@ General-purpose environment variables:
 		Comma-separated list of glob patterns (in the syntax of Go's path.Match)
 		of module path prefixes that should always be fetched in an insecure
 		manner. Only applies to dependencies that are being fetched directly.
+		Unlike the -insecure flag on 'go get' this does not disable checksum
+		database validation; please use GOPRIVATE or GONOSUMDB to achieve that.
 	GOOS
 		The operating system for which to compile code.
 		Examples are linux, darwin, windows, netbsd.

src/cmd/go/internal/modget/get.go

@@ -114,7 +114,10 @@ require downgrading other dependencies, and 'go get' does
 this automatically as well.
 
 The -insecure flag permits fetching from repositories and resolving
-custom domains using insecure schemes such as HTTP. Use with caution.
+custom domains using insecure schemes such as HTTP. Use with caution. It is
+recommended to use the GOINSECURE environment variable instead as it allows
+for more fine-grained control when fetching dependencies in this manner. See
+'go help environment' for details.
 
 The second step is to download (if needed), build, and install
 the named packages.