qmuntal
commented
1 year ago I've spent a good amount of time investigating if golang.org/x/crypto could suffer backwards-incompatible changes or not, till I found this issue.
Bumping it to v1 would help communicate that it holds higher compatibility standards than other golang.org/x modules.
x/ repo tagging is here!
@heschi mentioned in #48523 that the system supports v1 as well, and I think that's a better fit for x/crypto than v0. The API is absolutely full of things I wish were not there, but it's been around for too long, and I don't think it would be tenable to make any backwards-incompatible changes without bumping the import path (which going from v0 to v1 doesn't do).
In practice, we've been upholding the Go Compatibility Promise in x/crypto for years, so we're effectively already at v1, we just need to call it that.
/cc @golang/security