Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
proposal: cmd/go: add a flag to stop embedding versioning information into the binaries #37693
Proposal #37475 suggests adding a version of git checkout from which the binary is built to the binary itself.
This stability is already slightly compromised, as versions of dependencies are embedded in the final binary. However, it works pretty well in practice: when a dependency changes, it usually brings new code, because nobody is updating dependencies constantly, only to get a new feature or a bugfix.
OTOH, when a checkout version changes, often it does not bring new code, especially for monorepo. As an anecdotic data point, the project I'm working in regularly sees binaries staying stable over hundreds of revisions of source code. #37475 would increase the number of produced Docker images 100x and force upgrades of all components needlessly (unless a scheme equivalent to removing version information from binaries is employed).
This proposal suggests adding a flag that will disable embedding version information completely (including the version of Go).
This will solve the dependencies-induced checksum stability compromise as well.
I'd like to ask to make sure #37475 and this proposal are considered together, to avoid releasing a version of Go where the workflow described in that proposal is broken.
As for the build process I mentioned in #37475 (comment), we are using
A single flag we could use that was something like
@ianlancetaylor, I would prefer to keep this as a separate issue. Given that we already do embed some version information, we can consider whether to add a flag to omit that information separately from whether we expand that information.
(#37475 is about expanding the existing version information, and this issue is about redacting it.)