update to version of golang.org/x/crypto currently in Debian unstable

[mwhudson]

This pulls in a new dependency, golang.org/x/sys, which I have also pinned to
the version currently in Debian unstable.

[mwhudson]

OK so this isn't going to work, this version of x/crypto requires 1.7+ (context in std lib). The tests passed on artful and zesty though so that's encouraging for the Debian update.

[pedronis]

notice that we are pulling in more x/crypto than we really need, not sure the bits we need really need context (we would need to split up the dep pulling though)

[mwhudson]

I wonder if setting DH_EXCLUDES to "vendor" would help?

[zyga]

Why did this pass in xenial then (which still has 1.6.x)?

[mvo5]

I'm slightly worried about excluding the vendor tests, it seems like a nice property that we unit test things at this level.

[mwhudson]

That's fair.

Is there a timeline/plan for getting off Go 1.6?

[zyga]

I don't know if we can get off go 1.6 in xenial without full blown backport of 1.8.x - or am I missing something?

[pedronis]

@mwhudson see #3765 for the approach I mentioned a while ago in a comment, seems to work fine and would have us use the same version (of what we actually use)

[mwhudson]

Ah I see, that makes sense. Closing this for now.