-
Notifications
You must be signed in to change notification settings - Fork 17.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x/crypto: freeze and deprecate a few more packages #65250
Comments
This proposal has been added to the active column of the proposals project |
Have all remaining concerns about this proposal been addressed? Mark as Deprecated:
Mark as Frozen:
|
Based on the discussion above, this proposal seems like a likely accept. Mark as Deprecated:
Mark as Frozen:
|
No change in consensus, so accepted. 🎉 Mark as Deprecated:
Mark as Frozen:
|
( @FiloSottile Please edit the proposal to add links to the documentation of each package like |
Over the years we did some significant cleanups of x/crypto packages (#30141, #31044, #36646, #44226).
I propose we do one last round, marking as Deprecated
golang.org/x/crypto/salsa20/salsa: should have been an internal package, exposes low-level components of Salsa20, it has 662 importers, but that number is deceptive: all the ones I sampled are golang.org/x/crypto forks, or a shadowsocks implementation that should have used salsa20.XORKeyStream instead
golang.org/x/crypto/ssh/test: should also have been internal, or really a
_test.go
file, it exposes some test keys, zero importersand marking as Frozen
golang.org/x/crypto/curve25519 and golang.org/x/crypto/ed25519: wrappers for crypto/ecdh and crypto/ed25519 respectively
golang.org/x/crypto/nacl/auth and golang.org/x/crypto/nacl/sign: mostly unused NaCl APIs (21 and 73 importers), they are essentially wrappers around crypto/hmac and crypto/ed25519 respectively
golang.org/x/crypto/otr: implements a deprecated version of OTR, basically unused (15 importers)
golang.org/x/crypto/xts: implements a mode that should be only used for disk encryption and under duress, increasingly replaced by filesystem-level encryption, basically unused (10 importers)
This leaves a pretty healthy list of non-Deprecated non-Frozen packages, which would be suitable for moving into the stdlib (ignoring x509roots for a moment since it's a special snowflake).
/cc @golang/security
Packages summary
The text was updated successfully, but these errors were encountered: