build: adopt Go 1.20 as bootstrap toolchain for Go 1.22 #54265

rsc · 2022-08-04T18:46:40Z

I propose that starting with the Go 1.22 dev cycle, we require Go 1.20 as the Go bootstrap version (instead of Go 1.17),
and in general that once a year we bump the bootstrap version forward to last year's Go version.

#44505 was about updating the Go bootstrap version from Go 1.4 to Go 1.16 in Go 1.18; we were delayed and ended up updating to Go 1.17 for Go 1.20 instead. Now we have automation in place that makes it easy to update the bootstrap toolchain. To keep ourselves up-to-date and reduce the amount of technical debt we carry forward, I suggest that we establish a pattern where once a year we bump the bootstrap version forward to the previous year's Go release.

With the current release schedule, this would mean:

Go 1.22 (dev starts Aug 2023, release Feb 2024) bootstraps with Go 1.20 (released Feb 2023)
Go 1.24 (dev starts Aug 2024, release Feb 2025) bootstraps with Go 1.22 (released Feb 2024)
...

In the proposal text for #44505, I wrote about the benefits to packagers of keeping the bootstrap release fixed for longer periods of time, perhaps updating every four years. But now I am proposing that we update every one year. Why? A few reasons.

We have seen a few thorny issues, such as runtime: "sweep increased allocation count" on linux/arm64 during bootstrap #42543, caused by bugs in old toolchains being used for bootstrap; updating more frequently eliminates those kinds of bugs entirely, reducing load on the Go team.
It turned out to be a lot more work on our side to update the bootstrap toolchain than I realized when I proposed build: adopt Go 1.17 as bootstrap toolchain for Go 1.20 #44505. Clearly it needed to happen regardless, and we now have good automation in place to make the next one easy. Doing it every year will keep that process working much more smoothly than if we do every four years.
I am not sure that there is a significant burden on packagers if we have a predictable schedule: the work should be to update their bootstrap URLs once a year, perhaps after refactoring to make that an easy operation.

Thoughts? Any reasons the burden on packagers would be significantly higher than I am estimating?

ianlancetaylor · 2022-08-04T18:57:45Z

If we do this I think we should set up a builder that starts with the Go 1.4 sources and builds the current release, whatever it is, without relying on any binary build of Go.

mdempsky · 2022-08-04T19:51:01Z

Bumping the bootstrap version from Go 1.17 to Go 1.20 will mean the toolchain can start using generics. That's exciting, but also a little scary because generics are still a relatively recent feature. Go 1.20 will be only the 3rd release to support generics; and switching to unified IR is going to mean a largely new implementation of them. We also don't have gofrontend support for generics yet.

I'm in support of setting a tentative plan to bump Go 1.22's bootstrap toolchain to Go 1.20, so that downstream integrators can prepare for that. But I think that after the Go 1.21 release (so after a cycle's worth of Go 1.20 support), it would be good for the team to assess our confidence in depending on that release+generics for bootstrapping.

That concern aside, I think a regular yearly cadence for bumping bootstrap releases sounds appealing. It means whenever we bump the bootstrap toolchain, the new version will still be within the support cycle. So maybe it's viable to actually fix bootstrap toolchain issues, rather than awkwardly skirting around them like we've had to do with Go 1.4. (And if not, the workarounds only need to live for a year anyway.)

rsc · 2022-08-04T20:15:16Z

@ianlancetaylor I am not sure what that builder would be checking, exactly. Suppose it did:

Build Go 1.17 with Go 1.4.
Build Go 1.20 with Go 1.17.
Build the CL under test with Go 1.20.

Steps 1 and 2 will run the same code on every CL. Only step 3 will vary. And that step will match any builder that is using Go 1.20 directly for bootstrap.

randall77 · 2022-08-04T20:24:06Z

@rsc I think that would check that those steps work on the builders.
We would want to check that nothing changed on the builders that would break the bootstrap chain (os version, gcc version, etc.). I don't think we've ever had a problem on Linux, but OSX breaks old versions of Go which prevent that bootstrap chain from working. Running the full bootstrap chain ensures we have a way to purely reconstruct from source on at least one platform.
If it failed, of course, we'd have to issue a new point release of something. Not sure we want to sign up for that or not.

I agree it wouldn't need to run every CL. Periodically, or when we change builder configs would be fine.

ianlancetaylor · 2022-08-04T20:47:36Z

Right, I didn't mean to start from 1.4 on trybots or on every CL. Sorry for being unclear. I mean an automated test, on the builders, that we can bootstrap from source with nothing but a binary C compiler. It would be fine if we just ran that test before every release.

rsc · 2022-08-05T14:28:20Z

I'm fine with having a test that we occasionally run on some stable, backwards-compatible system like linux/amd64. I'm not sure it accomplishes much now that the build dashboard is pedantic about the specific version of Go being used for bootstrap. (In the past it was kind of random which Go bootstrap different builders had baked in. Now the dashboard is in charge of loading it onto each builder and the code is written so that they all use the specific bootstrap version.)

It is certainly not a goal to have the "start with Go 1.4" sequence work on every supported operating system. Keith pointed out that Go 1.4 binaries don't work on macOS anymore, for example (I told Apple we were fine with that back when the M1 chips came out and had trouble emulating the Go 1.4 x86 binaries correctly), and other ports didn't exist back then. But a script we run occasionally on linux/amd64 sounds fine.

aclements · 2022-08-30T18:51:00Z

Summarizing our discussion from today's compiler/runtime meeting:

Several of us felt that there isn't a lot of benefit from regularly updating the bootstrap, versus doing it when there's some feature we actually want to take advantage of in the toolchain. @martisch suggested keeping a bootstrap friction issue open where people log friction they run into that would be addressed by a newer bootstrap version, and we periodically evaluate that issue to see if an upgrade is warranted.
I just did a small exercise in cmd/dist (CLs not quite ready to mail) where I did some cleanup that the 1.17 bootstrap enabled, and realized 1.19 would enable further cleanup. So I made a build-tagged version that did the 1.19 cleanup so that would happen essentially automatically once we do upgrade again. I came out of that exercise with mixed feelings.
@cherrymui pointed out that upgrading the bootstrap regularly means we would always be using a release that's still in the official support window. The long "kind of sort of" supported status of 1.4 was a bit of a mess.

gopherbot · 2022-09-02T18:49:15Z

Change https://go.dev/cl/427958 mentions this issue: cmd/dist: simplify exec.Cmd helpers for Go 1.19

rsc · 2022-09-07T17:59:55Z

The main rationale in my view is to do this so we don't forget how to do it. Updating to Go 1.17 was a big ordeal, and if we do it yearly, it will not be.

Note also #49686 which is the kind of thing we avoid by updating quickly (here we haven't updated quickly enough, but same kind of thing).

We also need to get into the habit of filing issues for completing tree-wide updates at the next bump. For example when we introduced strings.Cut we updated all the non-bootstrap-compiled code, but we should also file an issue linked to the next bootstrap update to complete the conversion of the tree then. Similarly things like strings.Builder which is going on now.

rsc · 2022-09-07T19:02:07Z

This proposal has been added to the active column of the proposals project
and will now be reviewed at the weekly proposal review meetings.
— rsc for the proposal review group

mewmew · 2022-09-08T09:00:49Z

From #54265 (comment):

If we do this I think we should set up a builder that starts with the Go 1.4 sources and builds the current release, whatever it is, without relying on any binary build of Go.

From #54265 (comment):

I'm fine with having a test that we occasionally run on some stable, backwards-compatible system like linux/amd64. I'm not sure it accomplishes much now that the build dashboard is pedantic about the specific version of Go being used for bootstrap.

Being able to do a full source build of Go (e.g. starting from Go 1.4) without having to rely on a binary release would be required for Trusting Trust as @ken illuminated. Having support for only one major operating system/architecture target (e.g. linux/amd64) should be fine, since Go can be cross-compiled for other OS/ARCH targets.

rsc · 2022-09-08T18:49:00Z

See also https://dwheeler.com/trusting-trust/.

gopherbot · 2022-09-13T09:05:53Z

Change https://go.dev/cl/430336 mentions this issue: cmd/link/internal/ld, syscall: use libc based msync on darwin for Go ≥ 1.20

…≥ 1.20 Direct syscalls should no longer be used on darwin. Instead, directly call libc's msync when using Go ≥ 1.20 for bootstrap. For #54265 Change-Id: Ie3f1e6ccd1a06e7f0ddd88cdef5067393a69e8db Reviewed-on: https://go-review.googlesource.com/c/go/+/430336 Reviewed-by: Ian Lance Taylor <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Run-TryBot: Tobias Klauser <[email protected]> Reviewed-by: Cherry Mui <[email protected]> Auto-Submit: Tobias Klauser <[email protected]>

gopherbot · 2022-09-14T15:11:58Z

Change https://go.dev/cl/430496 mentions this issue: cmd, syscall: use syscall.Mmap on solaris for Go ≥ 1.20

CL 413374 added syscall.Mmap on solaris. Use it in cmd/compile and cmd/link if the bootstrap toolchain is Go ≥ 1.20. For #52875 For #54265 Change-Id: I9a0534bf97926eecf0c6f1f9218e855344ba158f Reviewed-on: https://go-review.googlesource.com/c/go/+/430496 Reviewed-by: Bryan Mills <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Cherry Mui <[email protected]> Auto-Submit: Tobias Klauser <[email protected]> Run-TryBot: Tobias Klauser <[email protected]>

When running on Go 1.19, we can further simplify some of the exec.Cmd helpers due to API improvements. There's not much point in doing this while the bootstrap is still 1.17, but this will queue up this simplification in an obvious way for when we next upgrade the bootstrap toolchain (#54265). Updates #44505. Change-Id: I2ebc3d5c584375ec862a1d48138ab134bd9b2366 Reviewed-on: https://go-review.googlesource.com/c/go/+/427958 Reviewed-by: Bryan Mills <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Run-TryBot: Austin Clements <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]>

rsc · 2022-09-28T20:04:42Z

Based on the discussion above, this proposal seems like a likely accept.
— rsc for the proposal review group

06kellyjac · 2022-10-03T13:45:06Z

Just to clarify is a c build -> go 1.4 -> 1.17 -> 1.20 -> 1.22 bootstrap process included in this proposal (at least for platforms that support it)

Or is this proposal just focused on bootstrapping 1.22 from a 1.20 binary?

gopherbot · 2023-07-23T09:28:12Z

Change https://go.dev/cl/512275 mentions this issue: make.bash,bat,rc: use Go 1.20.6 instead of Go 1.17.13

This was missed in the update of the bootstrap toolchain and should help people who don't set GOROOT_BOOTSTRAP and instead assume these scripts will find the right one. For #54265. Change-Id: I37a0d0976006d13b73df00013780be5abf202e91 Reviewed-on: https://go-review.googlesource.com/c/go/+/512275 Run-TryBot: Russ Cox <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Cherry Mui <[email protected]> Auto-Submit: Russ Cox <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>

gopherbot · 2023-07-24T22:00:49Z

Change https://go.dev/cl/512720 mentions this issue: cmd/dist: fix broken link in README

While here, also update the go15bootstrap link to use the shorter go.dev domain and https:// prefix for consistency. For #54265. Change-Id: I881eeda235589511a93bf47186f91f6c47c12932 Reviewed-on: https://go-review.googlesource.com/c/go/+/512720 Run-TryBot: Dmitri Shuralyov <[email protected]> Auto-Submit: Dmitri Shuralyov <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Cherry Mui <[email protected]>

mvdan · 2023-08-24T10:19:19Z

I see that this issue remains open for the 1.24 milestone, even though as far as I can tell, the work for 1.22 happened a month ago. Is the plan to keep this a "rolling" open issue to repurpose every two Go versions?

heschi · 2023-08-24T17:28:41Z

Yeah, but on further consideration, I don't want to. We'll track this in our internal release plan. Moved back and closing.

gopherbot · 2024-02-11T13:08:54Z

Change https://go.dev/cl/562619 mentions this issue: _content/doc/install: document minumum bootstrap versions

So long and thanks for all the fish. See golang/go#54265

[ commit c184b82e4b323135f3e26dd2c263469a21bfa9ed ] So long and thanks for all the fish. See golang/go#54265

Fixes golang/go#65654 Updates golang/go#54265 Updates golang/go#44505 Change-Id: Ia1c9b50a2f66b67db43e8dcd21b1002b66cf30fa Reviewed-on: https://go-review.googlesource.com/c/website/+/562619 Auto-Submit: Robert Findley <[email protected]> Reviewed-by: Robert Findley <[email protected]> Reviewed-by: Austin Clements <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>

gopherbot · 2024-08-30T17:32:13Z

Change https://go.dev/cl/609915 mentions this issue: cmd/dist: do not rewrite "any" -> "interface{}"

Since go1.22, generic can now be used when building bootstrap toolchain. Updates #54265 Updates #64751 Change-Id: I93209fc23c92114d37ef36787ea2b520de3ed89d Reviewed-on: https://go-review.googlesource.com/c/go/+/609915 LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Cuong Manh Le <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]>

gopherbot · 2024-09-04T14:12:58Z

Change https://go.dev/cl/610675 mentions this issue: all: use the previous major Go release to bootstrap the build

To avoid having to maintain GO_BOOTSTRAP_VERSION in the playground Dockerfile, always use the latest "published" minor of the previous Go release as the bootstrap version, which per golang/go#54265 should always be a sufficiently recent bootstrap version. Here "published" means that the toolchain must exist, since it will be downloaded for bootstrap. To enable this, add a `-toolchain` flag to the latestgo command, which selects versions from the set of published toolchains, rather than from Gerrit tags. Fixes golang/go#69238 Change-Id: Ib4d4d7f2c0d5c4fbdccfec5d8bb83c040e0c5384 Reviewed-on: https://go-review.googlesource.com/c/playground/+/610675 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>

golang-1.24 (1.24.2-2) unstable; urgency=medium . * Team upload * Backport patch to fix SIGSEGV in vgetrandom on Linux 6.11+ (Closes: #1103345) . golang-1.24 (1.24.2-1) unstable; urgency=medium . * Team upload * New upstream version 1.24.2 + CVE-2025-22871: net/http: request smuggling through invalid chunked data . golang-1.24 (1.24.1-1) unstable; urgency=medium . * Team upload * New upstream version 1.24.1 + CVE-2025-22870: net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass using IPv6 zone IDs * Install lib directory to golang-X.Y-src package. This includes lib/wasm directory which is moved from misc/wasm in Go 1.24. (Closes: #1096251) . golang-1.24 (1.24.0-2) unstable; urgency=medium . * Team upload * Add golang-1.24-go to Build-Depends . golang-1.24 (1.24.0-1) unstable; urgency=medium . * Team upload * New upstream version 1.24.0 . golang-1.24 (1.24~rc3-2) unstable; urgency=medium . * Team upload * Add binutils-gold to Build-Depends on arm64 (Closes: #1095697) * And binutils-gold to Depends for golang-X.Y-go on arm64 . golang-1.24 (1.24~rc3-1) unstable; urgency=medium . * Team upload * New upstream version 1.24~rc3 + CVE-2025-22866: crypto/elliptic: timing sidechannel for P-256 on ppc64le + CVE-2025-22867: cmd/go: arbitrary code execution during build on darwin . golang-1.24 (1.24~rc2-1) unstable; urgency=medium . * Team upload * New upstream version 1.24~rc2 * Revert "Backport patch to fix tests using expired certificates" . golang-1.24 (1.24~rc1-1) unstable; urgency=medium . * Team upload * New upstream version 1.24~rc1 * Bump minimal bootstrap Go version to 1.22 * Backport patch to fix tests using expired certificates . golang-1.23 (1.23.4-1) unstable; urgency=medium . * Team upload * New upstream version 1.23.4 . golang-1.23 (1.23.3-2) unstable; urgency=medium . * Team upload * Running regression autopkgtest with root . golang-1.23 (1.23.3-1) unstable; urgency=medium . * Team upload * New upstream version 1.23.3 * Switch to versioned golang-1.XX-go packages for building. Break circular loop with golang-defaults metapackage (Closes: #1081647) . golang-1.23 (1.23.2-1) unstable; urgency=medium . * Team upload * New upstream version 1.23.2 . golang-1.23 (1.23.1-3) unstable; urgency=medium . * Team upload * Increase timeout to 2h in autopkgtest . golang-1.23 (1.23.1-2) unstable; urgency=medium . * Team upload * Increase timeout to 1h in autopkgtest . golang-1.23 (1.23.1-1) unstable; urgency=medium . * Team upload * New upstream version 1.23.1 + CVE-2024-34155: go/parser: stack exhaustion in all Parse* functions + CVE-2024-34156: encoding/gob: stack exhaustion in Decoder.Decode + CVE-2024-34158: go/build/constraint: stack exhaustion in Parse . golang-1.23 (1.23.0-1) unstable; urgency=medium . * Team upload * New upstream version 1.23.0 . golang-1.23 (1.23~rc2-2) unstable; urgency=medium . * Team upload * Increase test timeout in autopkgtest . golang-1.23 (1.23~rc2-1) unstable; urgency=medium . * Team upload * New upstream version 1.23~rc2 . golang-1.23 (1.23~rc1-1) unstable; urgency=medium . * Team upload. . [ Dr. Tobias Quathamer ] * Remove myself from Uploaders . [ Shengjing Zhu ] * New upstream version 1.23~rc1 * Replace pkg-config with pkgconf . golang-1.22 (1.22.4-1) unstable; urgency=medium . * Team upload * New upstream version 1.22.4 + CVE-2024-24789: archive/zip: mishandling of corrupt central directory record + CVE-2024-24790: net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses . golang-1.22 (1.22.3-1) unstable; urgency=medium . * Team upload * New upstream version 1.22.3 + CVE-2024-24788: net: malformed DNS message can cause infinite loop . golang-1.22 (1.22.2-2) unstable; urgency=medium . * Team upload * Skip flaky TestCrashDumpsAllThreads on s390x (LP: #2061742) https://github.com/golang/go/issues/64650 . golang-1.22 (1.22.2-1) unstable; urgency=medium . * Team upload * New upstream version 1.22.2 + CVE-2023-45288: http2: close connections when receiving too many headers * Revert "Backport patch to fix external link on riscv64" (applied in 1.22.2) . golang-1.22 (1.22.1-1) unstable; urgency=medium . * Team upload * New upstream version 1.22.1 + CVE-2024-24783: crypto/x509: Verify panics on certificates with an unknown public key algorithm + CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm + CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect + CVE-2024-24785: html/template: errors returned from MarshalJSON methods may break template escaping + CVE-2024-24784: net/mail: comments in display names are incorrectly handled * Update upstream signing key * Backport patch to fix external link on riscv64 (Closes: #1065368) . golang-1.22 (1.22.0-2) unstable; urgency=medium . * Team upload * Skip flaky TestCrashDumpsAllThreads on mips64le . golang-1.22 (1.22.0-1) unstable; urgency=medium . * Team upload * New upstream version 1.22.0 . golang-1.22 (1.22~rc2-1) unstable; urgency=medium . * Team upload * New upstream version 1.22~rc2 * Bump bootstrap Go to 1.20. See https://github.com/golang/go/issues/54265 gccgo only implements Go 1.18 and can't bootstrap Go 1.22 now. * Revert "Skip TestUser{Cache,Config}Dir when HOME is not writable" This reverts commit 5e8f93837a5d73a391fbbc278a34e5a89f84ca9b. Fixed by upstream https://github.com/golang/go/issues/64990 . golang-1.22 (1.22~rc1-2) unstable; urgency=medium . * Skip TestUser{Cache,Config}Dir when HOME is not writable . golang-1.22 (1.22~rc1-1) unstable; urgency=medium . * Team upload * New upstream version 1.22rc1 * Build loong64 binaries (Closes: #1055087) * Avoid downloading a newer toolchain when bootstrap . golang-1.21 (1.21.5-1) unstable; urgency=medium . * Team upload * New upstream version 1.21.5 + CVE-2023-39326: net/http: limit chunked data overhead + CVE-2023-45285: cmd/go: go get may unexpectedly fallback to insecure git + CVE-2023-45283: path/filepath: retain trailing \ when cleaning paths like \\?\c:\ . golang-1.21 (1.21.4-1) unstable; urgency=medium . * Team upload * New upstream version 1.21.4 + CVE-2023-45283: path/filepath: recognize \??\ as a Root Local Device path prefix. + CVE-2023-45284: path/filepath: recognize device names with trailing spaces and superscripts. . golang-1.21 (1.21.3-1) unstable; urgency=medium . * Team upload * New upstream version 1.21.3 + CVE-2023-44487/CVE-2023-39325: net/http: rapid stream resets can cause excessive work . golang-1.21 (1.21.2-1) unstable; urgency=medium . * Team upload * New upstream version 1.21.2 + CVE-2023-39323: cmd/go: line directives allows arbitrary execution during build . golang-1.21 (1.21.1-1) unstable; urgency=medium . * Team upload * New upstream version 1.21.1 + CVE-2023-39320: cmd/go: go.mod toolchain directive allows arbitrary execution + CVE-2023-39318: html/template: improper handling of HTML-like comments within script contexts + CVE-2023-39319: html/template: improper handling of special tags within script contexts + CVE-2023-39321/CVE-2023-39322: crypto/tls: panic when processing post-handshake message on QUIC connections . golang-1.21 (1.21.0-1) unstable; urgency=medium . * Team upload * New upstream version 1.21.0 . golang-1.21 (1.21~rc4-1) unstable; urgency=medium . * Team upload * New upstream version 1.21~rc4 . golang-1.21 (1.21~rc3-2) unstable; urgency=medium . * Team upload * Add Breaks+Replaces golang-1.21-go (<< 1.21~rc3) on golang-1.21-src src/internal/platform/zosarch.go move from golang-1.21-go to golang-1.21-src (Closes: #1041412) . golang-1.21 (1.21~rc3-1) unstable; urgency=medium . * Team upload * New upstream version 1.21~rc3 . golang-1.21 (1.21~rc2-2) unstable; urgency=medium . * Team upload * Add autopkgtest . golang-1.21 (1.21~rc2-1) unstable; urgency=medium . * Team upload * New upstream version 1.21~rc2 . golang-1.21 (1.21~rc1-1) unstable; urgency=medium . * Team upload * New upstream version 1.21rc1 * Install go.env in GOROOT * Drop patches + 0001-Disable-test-for-UserHomeDir.patch. Now the test doesn't fail if HOME dir doesn't exist See https://github.com/golang/go/commit/bb4ea80b + 0002-Fix-Lintian-warnings-about-wrong-interpreter-path.patch. We don't run these scripts, just leave them as is. + 0003-cmd-dist-increase-default-timeout-scale-for-arm.patch. Upstream has removed arch-specific timeout scale heuristics. See https://github.com/golang/go/issues/57117 We can move the setting to dh-golang. + 0004-skip-userns-test-in-schroot-as-well.patch. Now the tests doesn't hardcode chroot types. See https://github.com/golang/go/commit/09267142 . golang-1.20 (1.20.5-1) unstable; urgency=medium . * Team upload * New upstream version 1.20.5 + CVE-2023-29402: cmd/go: cgo code injection + CVE-2023-29403: runtime: unexpected behavior of setuid/setgid binaries + CVE-2023-29404/CVE-2023-29405: cmd/go: improper sanitization of LDFLAGS . golang-1.20 (1.20.4-1) unstable; urgency=medium . * Team upload * New upstream version 1.20.4 + CVE-2023-24539: html/template: improper sanitization of CSS values + CVE-2023-24540: html/template: improper handling of JavaScript whitespace + CVE-2023-29400: html/template: improper handling of empty HTML attributes . golang-1.20 (1.20.3-1) unstable; urgency=medium . * Team upload * New upstream version 1.20.3 + CVE-2023-24537: go/parser: infinite loop in parsing + CVE-2023-24538: html/template: backticks not treated as string delimiters + CVE-2023-24534: net/http, net/textproto: denial of service from excessive memory allocation + CVE-2023-24536: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption . golang-1.20 (1.20.2-1) unstable; urgency=medium . * Team upload * New upstream version 1.20.2 + CVE-2023-24532: crypto/elliptic: incorrect P-256 ScalarMult and ScalarBaseMult results . golang-1.20 (1.20.1-1) unstable; urgency=medium . * Team upload * New upstream version 1.20.1 + CVE-2022-41722: path/filepath: path traversal in filepath.Clean on Windows + CVE-2022-41725: net/http, mime/multipart: denial of service from excessive resource consumption + CVE-2022-41724: crypto/tls: large handshake records may cause panics + CVE-2022-41723: net/http: avoid quadratic complexity in HPACK decoding . golang-1.20 (1.20-1) unstable; urgency=medium . * Team upload * New upstream release 1.20 * Remove patches applied upstream: - d/patches/0005-Revert-internal-fsys-follow-root-symlink-in-fsys.Wal.patch - d/patches/0006-time-revert-strict-parsing-of-RFC-3339.patch . golang-1.20 (1.20~rc3-2) unstable; urgency=medium . * Team upload * Revert strict parsing of RFC 3339. See https://github.com/golang/go/issues/54580 . golang-1.20 (1.20~rc3-1) unstable; urgency=medium . [ William 'jawn-smith' Wilson ] * New upstream version 1.20 rc3 . [ Shengjing Zhu ] * Drop 0005-syscall-skip-TestUseCgroupFD-if-cgroupfs-not-mounted.patch, merged in new version. . golang-1.20 (1.20~rc2-2) unstable; urgency=medium . * Team upload * Add NO_PNG_PKG_MANGLE to prevent mangling testdata. This is Ubuntu specific behaviour so they can sync the package without vendor patch. * Revert "internal/fsys: follow root symlink in fsys.Walk" Fix https://github.com/golang/go/issues/57754 . golang-1.20 (1.20~rc2-1) unstable; urgency=medium . * Team upload * New upstream version 1.20~rc2 * Bump bootstrap Go to 1.17. See https://github.com/golang/go/issues/44505 * Drop i386 bootstrap workaround with Go < 1.16 * Add patch to skip TestUseCgroupFD for schroot * Update Standards-Version to 4.6.2 (no changes) * $GOROOT/pkg no longer stores pre-compiled package archives for the standard library * Make all scripts in src directory executable. To silence lintian. * Refresh lintian overrides . golang-1.19 (1.19.4-1) unstable; urgency=medium . * New upstream version 1.19.4 + CVE-2022-41720: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows + CVE-2022-41717: net/http: limit canonical header cache by bytes, not entries . golang-1.19 (1.19.3-1) unstable; urgency=medium . * New upstream version 1.19.3 + CVE-2022-41716: syscall, os/exec: unsanitized NUL in environment variables On Windows, syscall.StartProcess and os/exec.Cmd did not properly check for invalid environment variable values. A malicious environment variable value could exploit this behavior to set a value for a different environment variable. . golang-1.19 (1.19.2-1) unstable; urgency=medium . * New upstream version 1.19.2 + CVE-2022-2879: archive/tar: unbounded memory consumption when reading headers + CVE-2022-2880: net/http/httputil: ReverseProxy should not forward unparseable query parameters + CVE-2022-41715: regexp/syntax: limit memory used by parsing regexps . golang-1.19 (1.19.1-1) unstable; urgency=medium . * New upstream version 1.19.1 . golang-1.19 (1.19-1) unstable; urgency=medium . * New upstream version 1.19 * Update d/docs to reflect upstream removal of AUTHORS and CONTRIBUTORS . golang-1.19 (1.19~rc2-1) unstable; urgency=medium . * New upstream version 1.19 rc2 . golang-1.19 (1.19~rc1-1) unstable; urgency=medium . * Team upload. * Update upstream signing key. Download from https://dl.google.com/dl/linux/linux_signing_key.pub * New upstream version 1.19~rc1 + Fix boostrap with gccgo (Closes: #1014238) * Update Standards-Version to 4.6.1 (no changes) . golang-1.19 (1.19~beta1-2) unstable; urgency=medium . * Team upload. * Source-only upload for migration to testing . golang-1.19 (1.19~beta1-1) unstable; urgency=medium . * New upstream version 1.19 beta1 . golang-1.18 (1.18.3-1) unstable; urgency=medium . * New upstream version 1.18.3 . golang-1.18 (1.18.2-2) unstable; urgency=medium . * d/p/0007-cmd-link-use-TOC-relative-trampolines-on-PPC64-when-.patch: Remove patch. It's causing the build on ppc64el to FTBFS during link time. . golang-1.18 (1.18.2-1) unstable; urgency=medium . * New upstream version 1.18.2 * d/p/0007-cmd-link-use-TOC-relative-trampolines-on-PPC64-when-.patch: Use TOC-relative trampolines on ppc64el when needed. Fix link error when building PIE binaries. (Closes: #1010942) . golang-1.18 (1.18.1-1) unstable; urgency=medium . * New upstream version 1.18.1 + CVE-2022-24675: encoding/pem: fix stack overflow in Decode + CVE-2022-28327: crypto/elliptic: tolerate all oversized scalars in generic P-256 + CVE-2022-27536: crypto/x509: non-compliant certificates can cause a panic in Verify on macOS in Go 1.18 . golang-1.18 (1.18-1) unstable; urgency=medium . * New upstream version 1.18 . golang-1.18 (1.18~rc1-1) unstable; urgency=medium . * Team upload. * New upstream version 1.18~rc1 . golang-1.18 (1.18~beta2-1) unstable; urgency=medium . * New upstream version 1.18 beta2 . golang-1.18 (1.18~beta1-2) unstable; urgency=medium . * Source-only upload for migration to testing . golang-1.18 (1.18~beta1-1) unstable; urgency=medium . * New upstream version 1.18 beta1 . golang-1.17 (1.17.5-1) unstable; urgency=medium . * Team upload. * New upstream version 1.17.5 + CVE-2021-44716: net/http: limit growth of header canonicalization cache + CVE-2021-44717: syscall: don’t close fd 0 on ForkExec error . golang-1.17 (1.17.4-1) unstable; urgency=medium . * Team upload. * New upstream version 1.17.4 . golang-1.17 (1.17.3-1) unstable; urgency=medium . * Team upload. * New upstream version 1.17.3 + CVE-2021-41771: debug/macho: invalid dynamic symbol table command can cause panic + CVE-2021-41772: archive/zip: Reader.Open panics on empty string . golang-1.17 (1.17.2-1) unstable; urgency=medium . * Team upload. . [ Anthony Fok ] * Fix Lintian warning: tab-in-license-text debian/copyright (starting at line 366) . [ Shengjing Zhu ] * Ensure GOROOT_BOOTSTRAP is valid * Set GOPATH in d/rules. Seems the go command needs GOPATH env * New upstream version 1.17.2 + CVE-2021-38297: When invoking functions from WASM modules, built using GOARCH=wasm GOOS=js, passing very large arguments can cause portions of the module to be overwritten with data from the arguments . golang-1.17 (1.17.1-1) unstable; urgency=high . * New upstream version 1.17.1 + CVE-2021-39293: security fix to the archive/zip package The fix for CVE-2021-33196 can be bypassed by crafted inputs. As a result, the NewReader and OpenReader functions in archive/zip can still cause a panic or an unrecoverable fatal error when reading an archive that claims to contain a large number of files, regardless of its actual size. Thanks to the OSS-Fuzz project for discovering this issue and to Emmanuel Odeke for reporting it. + bug fixes to the archive/zip, go/internal/gccgoimporter, html/template, net/http, and runtime/pprof packages * Re-add "Multi-Arch: foreign" hint * Rename Maintainer from "Go Compiler Team" to "Debian Go Compiler Team" * Bump Standards-Version to 4.6.0 (no change) . golang-1.17 (1.17-3) unstable; urgency=medium . * Team upload. * Add missing generated buildcfg file (Closes: #993450) . golang-1.17 (1.17-2) unstable; urgency=medium . * Team upload. * Fix extracting go version for gccgo . golang-1.17 (1.17-1) unstable; urgency=medium . * Team upload. * New upstream version 1.17 * Refresh patches, dropping 0003-cmd-go-cmd-cgo-pass-mfp32-and-mhard-soft-float-to-MI.patch which was merged upstream. * Do not include the now-deleted favicon.ico in golang-1.17-doc. * Add one more arch-independent-package-contains-binary-or-object lintian suppression. . golang-1.16 (1.16.7-1) unstable; urgency=medium . * Team upload. * New upstream version 1.16.7 + CVE-2021-36221: net/http: panic due to racy read of persistConn after handler panic . golang-1.16 (1.16.6-1) unstable; urgency=medium . * Team upload. * New upstream version 1.16.6 + CVE-2021-34558: crypto/tls: clients can panic when provided a certificate of the wrong type for the negotiated parameters . golang-1.16 (1.16.5-1) unstable; urgency=medium . * Team upload. * New upstream version 1.16.5 + CVE-2021-33195: net: Lookup functions may return invalid host names + CVE-2021-33196: archive/zip: malformed archive may cause panic or memory exhaustion (Closes: #989492) + CVE-2021-33197: net/http/httputil: ReverseProxy forwards Connection headers if first one is empty + CVE-2021-33198: math/big: (*Rat).SetString with "1.770p02041010010011001001" crashes with "makeslice: len out of range" . golang-1.16 (1.16.4-1) unstable; urgency=medium . * Team upload. * New upstream version 1.16.4 Fix CVE-2021-31525 net/http: ReadRequest can stack overflow due to recursion with very large headers . golang-1.16 (1.16.3-4) unstable; urgency=medium . * Team upload. * Remove bootstrap dir after build. Otherwise tests fail . golang-1.16 (1.16.3-3) unstable; urgency=medium . * Team upload. * Drop mtime hack in postinst and d/rules https://github.com/golang/go/issues/3506#issuecomment-341310161 > Essentially everything involved in this report has been rewritten. > The go command no longer cares about mtimes. * No need to remove src dir in golang-$(GOVER)-go package. It's not installed by golang-X.Y-go.dirs now * Update description and recommended way to use specified version (Closes: #985542) * Rebuild with go1.16. To build with GO386=softfloat, https://github.com/golang/go/issues/44500 * Add Multi-Arch hint * Only build in -arch target again. Move generated source files to golang-1.16-go package * Not force gencontrol in dh_clean. Not needed after the new branch is created. And we need to add some Breaks/Replaces to d/control which should not be in next version * Remove GOCACHE before dh_install. So it is executed when build with nocheck as well . golang-1.16 (1.16.3-2) unstable; urgency=medium . * Team upload. * Also build package in indep target (Closes: #987126) As the -src package moved to arch all, * Build with empty GO386 env on i386 for now. It's no possible to build go1.16 with go1.15 with either GO386=softfloat or GO386=387. We can rebuild go1.16 with go1.16 and GO386=softfloat later. . golang-1.16 (1.16.3-1) unstable; urgency=medium . * Team upload. * New upstream version 1.16.3 Fix CVE-2021-27918 CVE-2021-27919 * Move golang-X.Y-src to arch all. The package doesn't contain arch specific source now. * Update golang-X.Y-doc package description. Most contents are removed by upstream in 1.16, which is moved to x/website repository. And the godoc binary is also shipped in golang-golang-x-tools now. So no longer recommend users to read doc with godoc. These html files can also be read in plain browsers. * Replace dpkg-parsechangelog with dpkg pkg-info.mk * Try to enable tests on armel and ppc64. No comments say why it doesn't work * Remove nocheck detection as debhelper respects it since compat 13 * Remove override_dh_missing as fail-missing is default in compat 13 . golang-1.16 (1.16-1) unstable; urgency=medium . * New upstream version 1.16 * debian/control{.in,}: Change Section from devel to golang * Add myself to Uploaders . golang-1.16 (1.16~rc1-1) unstable; urgency=medium . * Team upload. * New upstream major version. - Drop 0004-cmd-dist-fix-build-failure-of-misc-cgo-test-on-arm64.patch which was replaced by https://go-review.googlesource.com/c/go/+/262357/ and cherry-picked as b3f7f60 for go1.16 upstream - Refresh remaining patches * Update Standards-Version to 4.5.1, no changes needed . golang-1.15 (1.15.8-1) unstable; urgency=medium . * Team upload. * New upstream version 1.15.8 * Skip userns tests in schroot. When schroot is using overlayfs, it fails to detect it as chroot. . golang-1.15 (1.15.7-1) unstable; urgency=medium . * Team upload. * New upstream version 1.15.7 + crypto/elliptic: incorrect operations on the P-224 curve CVE-2021-3114 . golang-1.15 (1.15.6-1) unstable; urgency=medium . * Team upload. . [ Balint Reczey ] * cmd/dist: increase default timeout scale for arm (LP: #1893640) . [ Shengjing Zhu ] * New upstream version 1.15.6 * Drop CGO_LDFLAGS patch, fixed in go1.15.6 . golang-1.15 (1.15.5-2) unstable; urgency=medium . * Team upload. * Backport patch to fix usability regression in go1.15.5 cmd/go: allow flags in CGO_LDFLAGS environment variable not in security allowlist https://github.com/golang/go/issues/42567 . golang-1.15 (1.15.5-1) unstable; urgency=medium . * New upstream version 1.15.5. . golang-1.15 (1.15.4-1) unstable; urgency=medium . * New upstream version 1.15.4. . golang-1.15 (1.15.2-1) unstable; urgency=medium . * New upstream version 1.15.2. . golang-1.15 (1.15-2) unstable; urgency=medium . * Team upload. * Backport fix for arm64 cgo test https://go-review.googlesource.com/c/go/+/237858 . golang-1.15 (1.15-1) unstable; urgency=medium . * New upstream version 1.15 . golang-1.15 (1.15~rc2-1) unstable; urgency=medium . * New upstream version 1.15~rc2 - encoding/binary: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs. CVE-2020-16845 . golang-1.15 (1.15~rc1-1) unstable; urgency=medium . [ Shengjing Zhu ] * Backport patches to fix the FPU ABI problems for mips32 https://go-review.googlesource.com/c/go/+/237058/ . [ Dr. Tobias Quathamer ] * New upstream version 1.15~rc1 - Refresh patches - net/http: Expect 100-continue panics in httputil.ReverseProxy. See https://github.com/golang/go/issues/34902, fixes CVE-2020-15586 . golang-1.15 (1.15~beta1-2) unstable; urgency=medium . * Source-only upload. . golang-1.15 (1.15~beta1-1) unstable; urgency=medium . * New upstream major version. - Drop patch to fix FTBFS on $HOME managed with git, has been applied upstream. - Refresh remaining patches . golang-1.14 (1.14.4-1) unstable; urgency=medium . * New upstream version 1.14.4 - Refresh patches . golang-1.14 (1.14.3-2) unstable; urgency=medium . * Increase the test timeout that made some builds succeed there on slow hardware (such as emulated riscv64). Thanks to Gianfranco Costamagna (Closes: #960759) . golang-1.14 (1.14.3-1) unstable; urgency=medium . * New upstream version 1.14.3 * Use debhelper v13 . golang-1.14 (1.14.2-1) unstable; urgency=medium . * New upstream version 1.14.2 . golang-1.14 (1.14.1-1) unstable; urgency=medium . * New upstream version 1.14.1 - Add new patch to fix FTBFS on $HOME managed with git. Thanks to Guillem Jover <[email protected]> (Closes: #953276) . golang-1.14 (1.14-2) unstable; urgency=medium . * Fix FTBFS if built twice in a row. Some paths of autogenerated files have been changed upstream, so that the removal of those files after the build did no longer succeed. Thanks to Guillem Jover (Closes: #953277) * Update Standards-Version to 4.5.0, no changes needed . golang-1.14 (1.14-1) unstable; urgency=medium . * New upstream version 1.14 . golang-1.14 (1.14~rc1-1) unstable; urgency=medium . * New upstream version 1.14~rc1 - Fixes CVE-2020-7919 * Add Breaks: dh-golang (<< 1.43~) to golang-go. Thanks to Pirate Praveen <[email protected]> * Update upstream's signing key * Add support for riscv64. Thanks to Aurelien Jarno <[email protected]> (Closes: #950517) . golang-1.14 (1.14~beta1-2) unstable; urgency=medium . * Source-only upload. * Add two more lintian overrides for testdata . golang-1.14 (1.14~beta1-1) unstable; urgency=medium . * New upstream major version. . golang-1.13 (1.13.5-1) unstable; urgency=medium . * New upstream version 1.13.5 . golang-1.13 (1.13.4-1) unstable; urgency=medium . * New upstream version 1.13.4 - Refresh patches . golang-1.13 (1.13.3-1) unstable; urgency=medium . * New upstream version 1.13.3 - Refresh patch - crypto/dsa: invalid public key causes panic in dsa.Verify. Fixes CVE-2019-17596. Closes: #942628 * Update Standards-Version to 4.4.1, no changes needed . golang-1.13 (1.13.1-1) unstable; urgency=medium . * New upstream version 1.13.1 - net/textproto: don't normalize headers with spaces before the colon. Fixes CVE-2019-16276. See https://github.com/golang/go/issues/34541 and Debian bug #941173 . golang-1.13 (1.13-1) unstable; urgency=medium . * New upstream version 1.13 - Refresh patch * Set pristine-tar for gbp to False . golang-1.13 (1.13~rc2-1) unstable; urgency=medium . * New upstream version 1.13~rc2 - Remove patch for CVE-2019-9512 and CVE-2019-9514, has been applied upstream . golang-1.13 (1.13~rc1-2) unstable; urgency=medium . * Exclude testdata from dh_makeshlibs. Otherwise, the build fails at least on armel and armhf. * Apply changes from cme fix dpkg * Set Rules-Requires-Root: no . golang-1.13 (1.13~rc1-1) unstable; urgency=medium . * New upstream version 1.13~rc1 - Remove patch for CVE-2019-14809, has been applied upstream * Use dh_missing instead of deprecated dh_install --fail-missing * Do not run dh_dwz, there is no debugging information * Use debhelper-compat (= 12) . golang-1.13 (1.13~beta1-3) unstable; urgency=high . * Fix Denial of Service vulnerabilities in the HTTP/2 implementation. https://github.com/golang/go/issues/33631 CVE-2019-9512, CVE-2019-9514. Closes: #934955 * Fix multiple Parsing Issues in URL.Parse https://github.com/golang/go/issues/29098 CVE-2019-14809. Closes: #934954 . golang-1.13 (1.13~beta1-2) unstable; urgency=medium . * Set GOCACHE to fix a FTBFS. (See bug #933958) . golang-1.13 (1.13~beta1-1) unstable; urgency=medium . * New upstream major version. - Remove Reproducible-BUILD_PATH_PREFIX_MAP.patch. This patch is finally no longer needed with Go 1.13. Upstream has implemented a new flag "-trimpath" for the command "go build" which either strips the path or replaces it in the resulting binaries. References: https://github.com/golang/go/issues/16860 https://go-review.googlesource.com/c/go/+/173345/ https://go-review.googlesource.com/c/go/+/173344/ - Remove arm64-arm64asm-recognise-new-ssbb-pssbb-mnemonics-fr.patch. This patch has been cherry-picked from upstream and is now included. - Refresh remaining patches - Fix lintian warning: make scripts executable * Switch to debhelper-compat, but stay at v11 for now . golang-1.12 (1.12.7-1) unstable; urgency=medium . * New upstream version 1.12.7 - Refresh patches * Update Standards-Version to 4.4.0, no changes needed . golang-1.12 (1.12.5-1) unstable; urgency=medium . * New upstream version 1.12.5 . golang-1.12 (1.12.4-1) unstable; urgency=medium . [ Anthony Fok ] * Add /usr/lib/go-X.Y/{api,misc} symlinks. For example, programs such as https://github.com/vugu/vugu and documentation such as https://github.com/golang/go/wiki/WebAssembly expect to find wasm_exec.js at "$(go env GOROOT)/misc/wasm/wasm_exec.js". . [ Dr. Tobias Quathamer ] * New upstream version 1.12.4 * Add five lintian overrides for false positives . golang-1.12 (1.12.1-1) unstable; urgency=medium . * New upstream version 1.12.1 * Use upstream signing key for tarball verification . golang-1.12 (1.12-1) unstable; urgency=medium . * New upstream version 1.12 - Remove patch 0005-Fix-CVE-2019-6486, applied upstream . golang-1.12 (1.12~beta2-2) unstable; urgency=medium . * Refresh patch Reproducible BUILD_PATH_PREFIX_MAP. Thanks to Michael Stapelberg! * Add patch to fix CVE-2019-6486. (Closes: #920548) . golang-1.12 (1.12~beta2-1) unstable; urgency=medium . * New upstream version 1.12~beta2 - Remove two patches, applied upstream. Refresh remaining patch. . golang-1.12 (1.12~beta1-4) unstable; urgency=medium . * Switch watch file to version 4 * Update d/copyright . golang-1.12 (1.12~beta1-3) unstable; urgency=medium . [ Anthony Fok ] * Add patch "unix: fix Fstatat by using fillStat_t on linux/mips64x" This fixes the "Fstatat: returned stat does not match Stat/Lstat" errors detected by TestFstatat. See https://go-review.googlesource.com/c/sys/+/155747 . [ Dr. Tobias Quathamer ] * Add another lintian override . golang-1.12 (1.12~beta1-2) unstable; urgency=medium . [ Anthony Fok ] * Add patch "cmd/compile: fix MIPS SGTconst-with-shift rules" by Cherry Zhang. This fixes the root problem behind the "slice bounds out of range" build error seen in 1.11.4 on mips and mipsel architectures. See https://go-review.googlesource.com/c/go/+/155798 * Bump Standards-Version to 4.3.0 (no change) . [ Dr. Tobias Quathamer ] * Do not compress favicon.ico. Thanks to Dato Simó <[email protected]> (Closes: #917132) . golang-1.12 (1.12~beta1-1) unstable; urgency=medium . * New upstream major version. - Refresh patches - Add new patch to disable test for UserHomeDir * Switch team address to tracker.d.o * Add another lintian override for a false positive . golang-1.11 (1.11.4-1) unstable; urgency=medium . * New upstream version 1.11.4 * Make lintian override agnostic of golang version . golang-1.11 (1.11.3-1) unstable; urgency=medium . * New upstream version 1.11.3 - Refresh patches * Update gbp.conf to new style syntax * Suggest brz as alternative to bzr; it provides the same command-line API. * Add myself to Uploaders . golang-1.11 (1.11.2-2) unstable; urgency=medium . * d/patches/arm64-arm64asm-recognise-new-ssbb-pssbb-mnemonics-fr.patch: backport workaround for objdump's support of newer mnemonics on arm64. . golang-1.11 (1.11.2-1) unstable; urgency=medium . * Team upload. . [ Michael Hudson-Doyle ] * New upstream major version. * Update debhelper compat level to 11. * Remove GOCACHE files after running tests. * Stop dh_strip_nondeterminism from looking at testdata directories. . [ Dr. Tobias Quathamer ] * Build-Depend on debhelper v11 * Override two false positive Lintian errors (missing depends on sensible-utils) * Add Lintian overrides for testdata * Include /usr/share/dpkg/architecture.mk for DEB_HOST_ARCH * Refresh patch for new upstream version * Fix Lintian warnings about wrong interpreter path * Make two scripts executable which have been missed by upstream * Remove three unneeded lintian overrides * Use HTTPS URL for d/watch * Update to Standards-Version 4.2.1 - Use HTTPS for d/copyright * Update d/copyright . golang-1.10 (1.10.3-1) unstable; urgency=medium . * New upstream version 1.10.3 * Restore changelog entry for 1.10.1-3, and fix that for 1.10.2-1, oops. . golang-1.10 (1.10.2-1) unstable; urgency=medium . * New upstream version 1.10.2. - d/patches/0003-Backport_nopie_fix.patch: removed, now included upstream. - d/patches/0004-Backport_mips_octeon3_fp_fix.patch: removed, also included upstream. . golang-1.10 (1.10.1-3) unstable; urgency=high . * Team upload. . [ Michael Hudson-Doyle ] * Install the 'misc' and 'api' directories as part of the golang-1.10-src package as some tools (vgo, go tool trace) expect them to be there. (Closes: 894992¸ LP: #1743598) . [ Martín Ferrari ] * Backport fix for FP bug in mips/Octeon III. Closes: #892088. Raising severity. . golang-1.10 (1.10.1-2) unstable; urgency=medium . * Team upload. * Backport patch that fixes FTBFS in arm64. * debian/copyright: Update attribution. * debian/source: Update lintian-overrides. . golang-1.10 (1.10.1-1) unstable; urgency=medium . * New upstream version 1.10.1. * d/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch: update patch tags to reference upstream discussion of this topic. * d/control, d/control.in: Update Vcs-* to point to salsa. . golang-1.10 (1.10-1) unstable; urgency=medium . * New upstream version 1.10 . golang-1.10 (1.10~rc2-1) unstable; urgency=medium . * New upstream version, fixing CVE-2018-6574. * d/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch, d/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch, d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch: removed, now included upstream. . golang-1.10 (1.10~rc1-2) unstable; urgency=medium . * d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch: Backport from upstream to fix build issues on armhf (causes ftbfs on Ubuntu but not Debian for some reason, but could produce broken binaries on Debian too). . golang-1.10 (1.10~rc1-1) unstable; urgency=medium . * New upstream version 1.10~rc1. * d/patches/0004-cmd-dist-use-buildmode-pie-for-pie-testing.patch, d/patches/0006-misc-cgo-testcarchive-use-no-pie-where-needed.patch, d/patches/0003-Do-not-use-SP-as-index-reg.patch: removed, included upstream. * d/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch: refreshed. * d/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch: Add to fix test failure in chroot. * d/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch: Add to fix test failure when $HOME is not writable. * d/rules: Set GOCACHE to "off" during build to avoid shipping cache files. . golang-1.9 (1.9.2-4) unstable; urgency=medium . * Enable building on mips, mipsel and mips64. (Closes: 879764) . golang-1.9 (1.9.2-3) unstable; urgency=medium . * Remove workaround for now fixed debhelper bug #879762 * Backport three patches from upstream to fix ftbfs on ppc64el with new kernel. . golang-1.9 (1.9.2-2) unstable; urgency=medium . [ Martín Ferrari ] * Add debian/patches/0003-Do-not-use-SP-as-index-reg.patch (Closes: #877541) . golang-1.9 (1.9.2-1) unstable; urgency=medium . * New upstream version 1.9.2 * Work around debhelper bug #879762 . golang-1.9 (1.9.1-2) unstable; urgency=medium . * Update debian/copyright (Closes: #873740) . golang-1.9 (1.9.1-1) unstable; urgency=medium . * New upstream release. * Use my @debian.org address in Uploaders. . golang-1.9 (1.9-1) unstable; urgency=medium . [ Michael Hudson-Doyle ] * New upstream release. * Suppress some new lintian errors in golang-1.9-src. . [ Michael Stapelberg ] * Add debian/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch . golang-1.8 (1.8.3-1) unstable; urgency=medium . * New upstream release. (Closes: 863292, 863307) . golang-1.8 (1.8.1-1) unstable; urgency=medium . * New upstream release. . golang-1.8 (1.8-1) unstable; urgency=medium . * New upstream release. . golang-1.8 (1.8~rc3-1) unstable; urgency=medium . * New upstream release. . golang-1.8 (1.8~rc2-1) unstable; urgency=medium . * New upstream release. . golang-1.8 (1.8~rc1-1) unstable; urgency=medium . * New upstream release. . golang-1.8 (1.8~beta2-1) unstable; urgency=medium . * New upstream release. . golang-1.8 (1.8~beta1-1) unstable; urgency=medium . * New upstream release. * Remove d/patches/cl-29995--tzdata-2016g.patch, included upstream. . golang-1.7 (1.7.4-1) unstable; urgency=medium . * Update to 1.7.4 upstream release (Closes: #846545) - https://groups.google.com/d/topic/golang-announce/2lP5z9i9ySY/discussion - https://golang.org/issue/17965 (potential DoS vector in net/http) - https://github.com/golang/go/compare/go1.7.3...go1.7.4 . golang-1.7 (1.7.3-1) unstable; urgency=medium . * New upstream release. * Delete d/patches/cl-28850.patch, applied upstream. . golang-1.7 (1.7.1-3) unstable; urgency=medium . * Backport CL 29995 for tzdata 2016g changes (Closes: #839317) . golang-1.7 (1.7.1-2) unstable; urgency=medium . * Add upstream patch for s390x FTBFS . golang-1.7 (1.7.1-1) unstable; urgency=medium . * New upstream release. * Re-enable tests on s390x now that gcc-6 has been fixed in unstable. . golang-1.7 (1.7-3) unstable; urgency=medium . * Add "s390x" to Architectures . golang-1.7 (1.7-2) unstable; urgency=medium . * Disable tests on armel. . golang-1.7 (1.7-1) unstable; urgency=medium . * New upstream release. . golang-1.7 (1.7~rc4-1) unstable; urgency=medium . * New upstream release. . golang-1.7 (1.7~rc3-1) unstable; urgency=medium . [ Tianon Gravi ] * Remove outdated README files (README.source and README.Debian) . [ Michael Hudson-Doyle ] * New upstream release. * Suppress inaccurate source-is-missing lintian warnings. * Update Standards-Version to 3.9.8 (no changes required). . golang-1.7 (1.7~rc2-1) unstable; urgency=medium . * Update to 1.7rc2 upstream release. . golang-1.7 (1.7~rc1-1) unstable; urgency=medium . [ Paul Tagliamonte ] * Use a secure transport for the Vcs-Git and Vcs-Browser URL . [ Tianon Gravi ] * Update to 1.7rc1 upstream release (new packages, not used by default; see also src:golang-defaults) * Update Vcs-Git to reference a particular branch . golang-1.6 (1.6.2-2) unstable; urgency=medium . * Update "golang-any" in "Build-Depends" to fallback to "golang-go | gccgo" (will help with backporting) . golang-1.6 (1.6.2-1) unstable; urgency=medium . * Update to 1.6.2 upstream release (Closes: #825696) * Build-Depend on golang-any instead of golang-go (Closes: #824421) . golang-1.6 (1.6.1-1) unstable; urgency=medium . * Build golang version-specific packages (Closes: #818415) * Things that (conceptually at least) move to new golang version independent golang-defaults source package: - Man pages. - Suggesting golang-golang-x-tools. - Breaks/Replace-ing of old golang-go-$GOOS-$GOARCH packages. * Stop using alternatives to manage /usr/bin/go. * sed trickery in debian/rules to support easy changes to new golang versions. . golang (2:1.6.1-2) unstable; urgency=medium . * Don't strip testdata files, causes build failures on some platforms. . golang (2:1.6.1-1) unstable; urgency=medium . [ Michael Hudson-Doyle ] * Breaks/Replaces: older golang-golang-x-tools, not Conflicts, to ensure smooth upgrades. * Strip the binaries as it has worked for the last five years or so and upstream sees no reason to disable it. . [ Tianon Gravi ] * Update to 1.6.1 upstream release (Closes: #820369) - Fix CVE-2016-3959: infinite loop in several big integer routines . golang (2:1.6-1) unstable; urgency=medium . * Update to 1.6 upstream release (thanks Hilko!) - change "ar" arguments to quiet spurious warnings while using gccgo (Closes: #807138) - skip multicast listen test (Closes: #814849) - skip userns tests when chrooted (Closes: #807303) - use correct ELF header for armhf binaries (Closes: #734357) - Update debian/rules clean for new location of generated file. . [ Michael Hudson-Doyle ] * Respect "nocheck" in DEB_BUILD_OPTIONS while building to skip tests (Closes: #807290) * Trim Build-Depends (Closes: #807299) * Fix several minor debian/copyright issues (Closes: #807304) * Remove inconsistently included race-built packages (Closes: #807294) . [ Tianon Gravi ] * Add "-k" to "run.bash" invocation so that we do a full test run every time . golang (2:1.5.3-1) unstable; urgency=high . * Update to 1.5.3 upstream release - Fix CVE-2015-8618: Carry propagation in Int.Exp Montgomery code in math/big library (Closes: #809168) * Add "Breaks" to properly complement our "Replaces" (Closes: #810595) . golang (2:1.5.2-1) unstable; urgency=medium . * Update to 1.5.2 upstream release (Closes: #807136) . golang (2:1.5.1-4) unstable; urgency=medium . * Add Conflicts to force newer golang-go.tools too (Closes: #803559) . golang (2:1.5.1-3) unstable; urgency=medium . * Remove architecture qualification on golang-go Build-Depend now that golang-go is available for more architectures. . golang (2:1.5.1-2) unstable; urgency=medium . * Add Conflicts to force newer golang-golang-x-tools (Closes: #802945). . golang (2:1.5.1-1) unstable; urgency=medium . * Upload to unstable. * Update to 1.5.1 upstream release (see notes from experimental uploads for what's changed). * Skip tests on architectures where the tests fail. . golang (2:1.4.3-3) unstable; urgency=medium . * Fix FTBFS for non-amd64 architectures due to handling of "-race". . golang (2:1.5.1-1~exp2) experimental; urgency=medium . * Upload to experimental. * Add arch-qualifiers to "golang-go" build-depends to unblock the buildds (Closes: #800479); thanks Tim! . golang (2:1.4.3-2) unstable; urgency=medium . * Update Recommends/Suggests, especially to add gcc, etc. * Refactor "debian/rules" to utilize debhelper more effectively, especially for arch vs indep building (mostly backported from the 1.5+ changes), which fixes the "arch:all" FTBFS. . golang (2:1.5.1-1~exp1) experimental; urgency=low . * Upload to experimental. * Update to 1.5.1 upstream release (Closes: #796150). - Compiler and runtime written entirely in Go. - Concurrent garbage collector. - GOMAXPROCS=runtime.NumCPU() by default. - "internal" packages for all, not just core. - Experimental "vendoring" support. - Cross-compilation no longer requires a complete rebuild of the stdlib in GOROOT, and thus the golang-go-GOHOST-GOARCH packages are removed. * Sync debian/copyright with the Ubuntu delta. (thanks doko!) * Remove patches that no longer apply. * Add more supported arches to "debian/rules" code for detecting appropriate GOARCH/GOHOSTARCH values; thanks mwhudson and tpot! (Closes: #799907) * Refactor "debian/rules" to utilize debhelper more effectively, especially for arch vs indep building. * Move "dpkg-architecture" to "GOOS"/"GOARCH" code into a simple shell script for easier maintenance. . golang (2:1.4.3-1) unstable; urgency=medium . * New upstream version (https://golang.org/doc/devel/release.html#go1.4.minor) - includes previous CVE and non-CVE security fixes, especially TEMP-0000000-1C4729 . golang (2:1.4.2-4) unstable; urgency=high . * Apply backported CVE fixes (Closes: #795106). - CVE-2015-5739: Invalid headers are parsed as valid headers - CVE-2015-5740: RFC 7230 3.3.3 4 violation - CVE-2015-5741: other discoveries of security-relevant RFC 7230 violations . golang (2:1.4.2-3) unstable; urgency=medium . * Add missing "prerm" for our new alternatives (thanks piuparts). . golang (2:1.4.2-2) unstable; urgency=medium . * Move "go" and "gofmt" into "/usr/lib/go" and use alternatives to provide appropriate symlinks (Closes: #779503, #782301). * Relax "golang-go.tools" relationship to Suggests (from Recommends). * Add "go get" VCS options to Suggests for golang-go (bzr, git, mercurial, subversion). . golang (2:1.4.2-1) unstable; urgency=medium . * New upstream version (https://golang.org/doc/devel/release.html#go1.4.minor) . golang (2:1.4.1-1~exp1) experimental; urgency=low . * New upstream version (https://golang.org/doc/go1.4) - all editor support files have been removed from misc/ upstream upstream, so golang-mode, kate-syntax-go, and vim-syntax-go can no longer be provided; see https://github.com/golang/go/wiki/IDEsAndTextEditorPlugins for an upstream-maintained list of potential replacements . golang (2:1.3.3-1) unstable; urgency=medium . * New upstream version (https://code.google.com/p/go/source/list?name=go1.3.3) - time: removed from tests now obsolete assumption about Australian tz abbreviations - net: temporarily skip TestAcceptIgnoreSomeErrors - runtime: hide cgocallback_gofunc calling cgocallbackg from linker - runtime: fix GOTRACEBACK reading on Windows, Plan 9 - nacltest.bash: unset GOROOT - cmd/5l, cmd/6l, cmd/8l: fix nacl binary corruption bug * Add Paul and myself as uploaders. Many, many thanks to Michael for his work so far on this package (and hopefully more to come). . golang (2:1.3.2-1) unstable; urgency=medium . * New upstream version . golang (2:1.3.1-1) unstable; urgency=medium . * New upstream version . golang (2:1.3-4) unstable; urgency=medium . [ Tianon Gravi ] * update debian/watch for upstream's latest move (Closes: #756415) * backport archive/tar patch to fix PAX headers (Closes: #756416) . golang (2:1.3-3) unstable; urgency=medium . * don’t depend on emacs23, depend on emacs instead (Closes: #754013) * install include/ in golang-src, VERSION in golang-go (Closes: #693186) . golang (2:1.3-2) unstable; urgency=medium . * Add /usr/lib/go/test symlink * Build with GO386=387 to favor the 387 floating point unit over sse2 instructions (Closes: #753160) * Add debian/patches/0001-backport-delete-whole-line.patch to fix a deprecation warning about flet in the emacs part of golang-mode (Closes: #753607) * Migrate to emacsen >2 (Closes: #753607) * Backport two patches to improve archive/tar performance (for docker): debian/patches/0002-archive-tar-reuse-temporary-buffer-in-writeHeader.patch debian/patches/0003-archive-tar-reuse-temporary-buffer-in-readHeader.patch . golang (2:1.3-1) unstable; urgency=medium . * New upstream version. * Drop patches merged upstream: - debian/patches/add-tar-xattr-support.patch - debian/patches/add-tar-xattr-support.patch * Fix debian/watch (Thanks Tianon) (Closes: #748290) * Remove dangling symlink /usr/lib/go/lib/godoc (Closes: #747968) . golang (2:1.2.1-2) unstable; urgency=low . * Re-apply debian/patches/add-tar-xattr-support.patch which got lost when uploading 1.2.1-1; sorry about that. . golang (2:1.2.1-1) unstable; urgency=low . * New upstream release. . golang (2:1.2-3) unstable; urgency=low . * add debian/patches/add-tar-xattr-support.patch to have xattr support in tar (cherry-picked from upstream) (Thanks proppy) (Closes: #739586) . golang (2:1.2-2) unstable; urgency=low . * add patches/add-src-pkg-debug-elf-testdata-hello.patch to provide source for the testdata/ ELF binaries (Closes: #716853) . golang (2:1.2-1) unstable; urgency=low . * New upstream release. * drop patches/archive-tar-fix-links-and-pax.patch, it is merged upstream * godoc(1) is now in the Debian package golang-go.tools, it was moved into a separate repository by upstream. * move patches/godoc-symlinks.diff to golang-go.tools . golang (2:1.1.2-3) unstable; urgency=low . * cherry-pick upstream commit: archive-tar-fix-links-and-pax.patch (Closes: #730566) . golang (2:1.1.2-2) unstable; urgency=low . * Build golang-go-linux-* for each architecture (Thanks James Page) (Closes: #719611) * Update lintian-overrides to override statically-linked-binary and unstripped-binary-or-object for all of golang-go . golang (2:1.1.2-1) unstable; urgency=low . * New upstream release. * Relicense debian/ under the Go license to match upstream. All copyright holders agreed to this. (Closes: #716907) * golang-mode: don’t install for a number of emacs versions which are not supported upstream (Thanks Kevin Ryde) (Closes: #702511, #717521) . golang (2:1.1.1-4) unstable; urgency=low . * Disable stripping, it breaks go binaries on some architectures. This drops the golang-dbg package which would be empty now. (Thanks Robie Basak) (Closes: #717172) . golang (2:1.1.1-3) unstable; urgency=low . * Ship */runtime/cgo.a in golang-go to ensure it is present. It can only be used on the native architecture anyway (cannot be used when cross-compiling), so having it in golang-go-$GOOS-$GOARCH is not necessary. Even worse, since these packages are arch: all, they will be built precisely once, and only the runtime/cgo.a for the buildd’s native arch will be present. (Closes: #715025) . golang (2:1.1.1-2) unstable; urgency=low . [ James Page ] * Ensure smooth upgrade path from << 2:1.1-2 (Closes: #714838) . golang (2:1.1.1-1) unstable; urgency=low . * Imported Upstream version 1.1.1 . golang (2:1.1-2) unstable; urgency=low . [ Ondřej Surý ] * Promote Michael to Maintainer . [ Michael Stapelberg ] * Build golang-go-$GOOS-$GOARCH packages for cross-compiling (Closes: #710090) * Build race detector on linux/amd64 (only supported arch) (Closes: #710691) * Switch compression to xz (50% smaller binaries) . golang (2:1.1-1) unstable; urgency=low . * New upstream release: Go 1.1! * Remove the long obsolete goinstall debconf question and config file. goinstall does not exist anymore since a long time. This also obsoletes the need for any translations (Closes: #685923, #692478) * Emacs go-mode auto-mode-alist entry was fixed upstream (Closes: #670371) . golang (2:1.1~hg20130405-1) experimental; urgency=low . * Provide a new hg tip snapshot. This includes what was recently released as Go 1.1 beta. . golang (2:1.1~hg20130323-1) experimental; urgency=low . * Provide a new hg tip snapshot. * Add debian/watch (Closes: #699698) . golang (2:1.1~hg20130304-2) experimental; urgency=low . * Fix FTBFS of binary-arch only builds (as performed by buildds) caused by 'rm' not finding jquery.js in golang-doc (Thanks Peter Green) . golang (2:1.1~hg20130304-1) experimental; urgency=low . * Provide a hg tip snapshot (2013-03-04) in Debian experimental. Current hg tip is a good approximation to Go 1.1 and should get some testing within Debian in order to package Go 1.1 well when it is released. Thanks to Andrew Gerrand. . golang (2:1.0.2-2) unstable; urgency=low . * Add myself to uploaders, as discussed in #683421. * cherry-pick r820ffde8c396 (net/http: non-keepalive connections close successfully) (Closes: #683421) . golang (2:1.0.2-1.1) unstable; urgency=low . * Non-maintainer upload. (as discussed with Ondřej in #679692) * Fix godoc-symlinks.diff (godoc didn’t find docs) (Closes: #679692) . golang (2:1.0.2-1) unstable; urgency=low . [ Ondřej Surý ] * Imported Upstream version 1.0.2 * Update Vcs fields to reflect new git repository location * Kill get-orig-source, since 1.0.0, the tarballs can be downloaded from webpage . [ Michael Stapelberg ] * golang-mode: use debian-pkg-add-load-path-item (Closes: #664802) * add manpages (Closes: #632964) * Use updated pt.po from Pedro Ribeiro (Closes: #674958) . golang (2:1.0.1-1) unstable; urgency=low . * Imported Upstream version 1.0.1 * Apply godoc patch to display package list correctly (Closes: #669354) . golang (2:1-6) unstable; urgency=low . * Merge upstream patch to fix homedir issue (http://code.google.com/p/go/source/detail?r=709120aecee0) * Disable GNU/KFreeBSD build (Closes: #668794) . golang (2:1-5) unstable; urgency=low . * Rewrite test conditions to make them more readable (and fix the debian/rules to really not check on armel+kfreebsd) * Patch upstream test to not fail on missing home directory . golang (2:1-4) unstable; urgency=low . * Disable tests on Debian GNU/KFreeBSD, they just hang now (Closes: #668794) * Disable tests on armel, but the invalid instruction needs fixing in upstream * Create fake home directory to pass the os/user test . golang (2:1-3) unstable; urgency=high . * Use VERSION provided by upstream for packaging purposes * Run tests as a part of a build process * Install full src tree (except pkg/debug) because go command depend on sources available * Install sources without testdata and *_test.go * Remove circular dependency golang-go->golang-doc->golang-go * Make sure that timestamp on installed binaries and libraries is same because go build/install recompiles everything if the go binary has more recent timestamp than libraries (Closes: #668235) + Need to update timestamps at postinst time because already created directories can have time in the past * Fix couple of lintian errors and warnings . golang (2:1-2) unstable; urgency=low . * Remove preserving of old -tools settings, there are too many options now anyway (Closes: #666007) . golang (2:1-1) unstable; urgency=low . * New major upstream release Go 1 (Closes: #666942) * Bumb epoch to 2, since 1 < 60 < 2011 (I wonder if next version will be 0 :) * Debconf templates and debian/control reviewed by the debian-l10n- english team as part of the Smith review project. (Closes: #663181) * [Debconf translation updates] + Pick existing translations from golang-weekly and do appropriate sed magic to fit golang templates. (Closes: #666884, #666880, #666881) + Dutch; (Jeroen Schot). (Closes: #664598) + Czech (Michal Simunek). (Closes: #665385) + Spanish; (Camaleón). (Closes: #666177) + Danish (Joe Hansen). (Closes: #666526) . golang (1:60.3-2) unstable; urgency=low . * debconf-gettextize package templates . golang (1:60.3-1) unstable; urgency=low . * Imported Upstream version 60.3 . golang (1:60.2-1) unstable; urgency=low . * Imported Upstream version 60.2 . golang (1:60.1-1) unstable; urgency=low . * Imported Upstream version 60.1 . golang (1:60-1) unstable; urgency=low . * Imported Upstream version 60 * Save upstream VERSION to the archive * Use GOVERSION as generated by src/version.bash on hg archive time * Add support for goinstall dashboard debconf question in the Debian packaging * Read goinstall dashboard option from debian configuration file * Remove 005-goinstall_dont_call_home_by_default.patch; replaced by configuration option * Fix directory name for upstream archive checkout . golang (1:59-1) unstable; urgency=low . * Imported Upstream version 59 * Refresh patches to a new release * Fix FTBFS on ARM (Closes: #634270) * Update version.bash to work with Debian packaging and not hg repository . golang (1:58.1-2) unstable; urgency=low . * Install golang-doc package by default (Recommends from golang-tools, Depends from golang) . golang (1:58.1-1) unstable; urgency=low . * Imported Upstream version 58.1 . golang (1:58-1) unstable; urgency=low . * Imported Upstream version 58 + Add NEWS file with upstream API changes * Remove patch to not update standard package, fixed in upstream . golang (1:57.2-1) unstable; urgency=low . * Imported Upstream version 57.2 * More spelling fixes (Closes: #630660) . golang (1:57.1-4) unstable; urgency=low . * Description update to have proper articles and capitalization (Closes: #630189) * Add extended description about Go being experimental and that the languager can change between releases . golang (1:57.1-3) unstable; urgency=low . * Fix "the Google's Go implementation" in extended description (Closes: #627814) * Update Vcs-* links * Install vim ftplugin files into correct directory (Closes: #629844) . golang (1:57.1-2) unstable; urgency=low . * Bump standards version to 3.9.2 * Capitalize Kate (Closes: #627036) * Import slightly modified patch to be more clear about $GOPATH installs for non-root users * Remove don't install deps patch from goinstall; deprecated by $GOPATH installs . golang (1:57.1-1) unstable; urgency=low . * Add support for dot-minor releases * Imported Upstream version 57.1 . golang (1:57-3) unstable; urgency=low . [ Florian Weimer ] * golang-tools: install gofix binary . [ Ondřej Surý ] * Add lintian-overrides for gofix binary . golang (1:57-2) unstable; urgency=low . * Remove weekly code from debian/rules * Add golang meta-package * Don't create tool chain symlinks twice * Make debian/rules more generic for simpler sync between weekly and release branches . golang (1:57-1) unstable; urgency=low . * Imported Upstream version r57 * Bumped epoch version to 1, to convert from date based versions to release number based version * Allow release to migrate to testing (Closes: #624408) * Add kate and vim syntax highlighting (Closes: #624544) * Add -dbg package with debugging symbols . golang (2011.04.27-2) unstable; urgency=low . * Fix yet another build failure on kfreebsd (use linux userspace) . golang (2011.04.27-1) unstable; urgency=low . * Imported Upstream version 2011.04.27 * Update debian/rules to allow pulling weekly upstream releases * Don't remove RUNPATH from binaries; fixed upstream (golang#1527) * Set GOHOSTOS and GOHOSTARCH to match dpkg-architecture variables * Add support for kfreebsd-i386, kfreebsd-amd64, armel and armhf architectures + 006-fix_kfreebsd_build.patch: - Add GNU/KFreeBSD support by replacing all uname calls by $(GOOS) + 007-use_native_dynamic_linker_on_kfreebsd.patch: - Use native kfreebsd dynamic linker (/lib/ld-*.so.1) * Add information about available architectures (Closes: #623877) * Don't strip gotest * Add Depends: golang-go to golang-tools * Add better support for armhf . golang (2011.04.13-1) unstable; urgency=low . [ Florian Weimer ] * Delete bin directory in clean target * Enable parallel build * golang-src: install source files directly * Use proper symlink targets for architecture-independent toolchain names * Emacs mode: indent keys in struct literals properly . [ Ondřej Surý ] * Imported Upstream weekly version 2011.04.13 * Update patches to new weekly release * Add lintian-override for gotest binary . golang (2011.03.07.1-1) unstable; urgency=low . * Imported Upstream version 2011.03.07.1 * Install to /usr/lib/go * Remove xkcd strip to get rid of CC-NC-BY * Update golang-src.install to new upstream * Remove 002-use_GOROOT_FINAL_in_generated_binaries.patch; merged upstream * Make all .go files no-executable * Update lintian-overrides to include both types of syntax . golang (2011.02.15-2) unstable; urgency=low . [ Ondřej Surý ] * Add ${misc:Depends} to golang-mode to shutup lintian * Rehaul build system and add golang-src package with .go source files * goinstall: do not automatically install prerequisities * goinstall: don't report to dashboard by default * Add a README.Debian about local modifications to goinstall * Add warning about local modifications also directly to goinstall command . [ Florian Weimer ] * Fix syntax error in 004- dont_reinstall_dependencies_in_goinstall.patch . golang (2011.02.15-1) unstable; urgency=low . [ Obey Arthur Liu ] * Added pkg-google git repo to control file . [ Florian Weimer ] * Build golang-mode package . [ Ondřej Surý ] * Imported Upstream version 2011.02.15 * Don't compress godoc documentation * Correctly use $GOROOT_FINAL in the build chain * Remove RPATH/RUNPATH from go binaries . golang (2011.02.01.1-1) unstable; urgency=low . [ Ivan Wong ] * Initial release (Closes: #574371) . [ Jonathan Nieder ] * Fill out copyright file * Rewrite debian/rules using dh driver * debian: fix get-orig-source rule * debian: do not install extra files on repeated build * debian: fix reversed ‘if’ * debian: do not leave around stale debian/env.sh+ file * debian: Build-Depends on awk instead of gawk * debian: add run-time dependency on perl * debian: add build-time dependency on perl * debian: fix setting of GOARM on arm * debian: do not compress files in web page * debian: install favicon . [ Ondřej Surý ] * Make myself a maintainer * Add patch to allow IPv4 on IPv6 sockets (Courtesy of Florian Weimer) * Use GOROOT_FINAL and change GOBIN to /usr/bin * Get rid of env.sh and wrappers * Add support for building in i386 pbuilder on amd64 architecture * Rename source package to golang to match upstream repository name * Add golang-doc package * Split package into compiler, docs and tools * Don't install quietgcc and hgpatch * Don't generate fake gomake * Update golang-doc package * Export GOHOSTARCH and GOHOSTOS * Disable build time checks * Fail on missed installed files * Revert s{tmp{golang-go{ change in DESTDIR * Relicence debian/ files from versionless GPL to GPL-3 * Move golang-doc to doc section * Add more lintian overrides for Go binaries * Install all 6,8,5 variants of commands * Install golang-* symlinks for 6,8,5* commands * Don't strip govet as well * Remove ${shlibs:Depends} where it doesn't belong * Move more html files to golang-doc package * Remove codereview directory - some python code to deal with mercurial

gopherbot added this to the Proposal milestone Aug 4, 2022

gopherbot added the Proposal label Aug 4, 2022

thanm mentioned this issue Aug 9, 2022

Go compiler and runtime meeting notes #43930

Open

ianlancetaylor added this to Proposals Aug 10, 2022

ianlancetaylor moved this to Incoming in Proposals Aug 10, 2022

dmitshur mentioned this issue Aug 15, 2022

x/build: update Go bootstrap on Corellium builders #54246

Closed

rsc moved this from Incoming to Active in Proposals Sep 7, 2022

julieqiu added this to Go Security Sep 8, 2022

julieqiu removed this from Go Security Sep 8, 2022

rsc moved this from Active to Likely Accept in Proposals Sep 28, 2022

rsc added the Proposal-FinalCommentPeriod label Sep 28, 2022

changkun mentioned this issue Jul 23, 2023

golang: bump to 1.20.6 termux/termux-packages#17495

Closed

1 task

rsc removed the Proposal-FinalCommentPeriod label Jul 26, 2023

heschi modified the milestones: Go1.24, Go1.22 Aug 24, 2023

heschi closed this as completed Aug 24, 2023

jefferyto mentioned this issue Sep 24, 2023

go: find bootstrap automatically if go bin exists openwrt/packages#20889

Open

dmitshur mentioned this issue Dec 15, 2023

build: adopt Go 1.22 as bootstrap toolchain for Go 1.24 #64751

Closed

stefanb mentioned this issue Dec 19, 2023

go 1.22.0 Homebrew/homebrew-core#157782

Merged

tianon mentioned this issue Dec 19, 2023

Add 1.22rc1 docker-library/golang#500

Merged

linsui mentioned this issue Dec 28, 2023

Bootstrap go from source NixOS/nixpkgs#277244

Open

tianon mentioned this issue Jan 9, 2024

:tip tag docker-library/golang#464

Closed

algitbot pushed a commit to alpinelinux/aports that referenced this issue Feb 17, 2024

main/gcc: remove go-bootstrap provider from gcc-go

c184b82

So long and thanks for all the fish. See golang/go#54265

bell-sw pushed a commit to bell-sw/alpaquita-aports that referenced this issue Feb 20, 2024

core/gcc: remove go-bootstrap provider from gcc-go

b2bd5ad

[ commit c184b82e4b323135f3e26dd2c263469a21bfa9ed ] So long and thanks for all the fish. See golang/go#54265

rsc removed this from Proposals Aug 29, 2024

findleyr mentioned this issue Sep 3, 2024

x/playground: eliminate bootstrap version maintenance #69238

Closed

dmitshur mentioned this issue Sep 6, 2024

build: adopt Go 1.24 as bootstrap toolchain for Go 1.26 #69315

Open

build: adopt Go 1.20 as bootstrap toolchain for Go 1.22 #54265

build: adopt Go 1.20 as bootstrap toolchain for Go 1.22 #54265

Comments

rsc commented Aug 4, 2022 • edited by dmitshur Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

ianlancetaylor commented Aug 4, 2022

Uh oh!

mdempsky commented Aug 4, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

rsc commented Aug 4, 2022

Uh oh!

randall77 commented Aug 4, 2022

Uh oh!

ianlancetaylor commented Aug 4, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

rsc commented Aug 5, 2022

Uh oh!

aclements commented Aug 30, 2022

Uh oh!

gopherbot commented Sep 2, 2022

Uh oh!

rsc commented Sep 7, 2022

Uh oh!

rsc commented Sep 7, 2022

Uh oh!

mewmew commented Sep 8, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

rsc commented Sep 8, 2022

Uh oh!

gopherbot commented Sep 13, 2022

Uh oh!

gopherbot commented Sep 14, 2022

Uh oh!

rsc commented Sep 28, 2022

Uh oh!

06kellyjac commented Oct 3, 2022

Uh oh!

gopherbot commented Jul 23, 2023

Uh oh!

gopherbot commented Jul 24, 2023

Uh oh!

mvdan commented Aug 24, 2023

Uh oh!

heschi commented Aug 24, 2023

Uh oh!

gopherbot commented Feb 11, 2024

Uh oh!

gopherbot commented Aug 30, 2024

Uh oh!

gopherbot commented Sep 4, 2024

Uh oh!

Uh oh!

rsc commented Aug 4, 2022 •

edited by dmitshur

Loading

mdempsky commented Aug 4, 2022 •

edited

Loading

ianlancetaylor commented Aug 4, 2022 •

edited

Loading

mewmew commented Sep 8, 2022 •

edited

Loading