You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
// https://go.dev/issue/52372: only include ldflags if -trimpath is not set,
// since it can include system paths through various linker flags (notably
// -extar, -extld, and -extldflags).
//
// TODO: since we control cmd/link, in theory we can parse ldflags to
// determine whether they may refer to system paths. If we do that, we can
// redact only those paths from the recorded -ldflags setting and still
// record the system-independent parts of the flags.
if!cfg.BuildTrimpath {
appendSetting("-ldflags", ldflags)
}
While I understand the reason this was done, I think -ldflags values can always safely be included in binary build information without negatively affecting binary reproducibility if CGO_ENABLED=0. In fact it would improve the ease at which others could reproduce pure-Go binaries as more build information would be embedded in binaries when -trimpath is set (which is very often for release binaries).
If CGO isn't used, -extar, -extld, and -extldflags shouldn't be set and so including the values of -ldflags should be safe without affecting binary reproducibility. If this small change is approved I can take care of this myself.
The text was updated successfully, but these errors were encountered:
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
Built a binary with
CGO_ENABLED=0
,-trimpath
set and-ldflags="-s -w -X ..."
set.What did you expect to see?
Running
go version -m
on the output binary would include what I set-ldflags
to at build time.What did you see instead?
-ldflags
was not included in the binarie's build information.This is somewhat of a regression caused from the fix to #52372 here:
go/src/cmd/go/internal/load/pkg.go
Lines 2387 to 2398 in bc9dc8d
While I understand the reason this was done, I think
-ldflags
values can always safely be included in binary build information without negatively affecting binary reproducibility ifCGO_ENABLED=0
. In fact it would improve the ease at which others could reproduce pure-Go binaries as more build information would be embedded in binaries when-trimpath
is set (which is very often for release binaries).If CGO isn't used,
-extar
,-extld
, and-extldflags
shouldn't be set and so including the values of-ldflags
should be safe without affecting binary reproducibility. If this small change is approved I can take care of this myself.The text was updated successfully, but these errors were encountered: