Sorry I posted here because https://github.com/tg123/sshpiper.crypto has issues disabled. This is just a suggestion, feel free to close. I understand that doing this essentially abandons efforts to get this merged upstream to golang.org/x/crypto.
Currently https://github.com/tg123/sshpiper.crypto forks golang.org/x/crypto. This means that we have to do a mod replace for all of golang.org/x/crypto and you potentially miss critical security updates.
As an alternative, sshpiper.crypto could instead be a go module with one package: ssh, which itself imports golang.org/x/crypto
Then users of sshpiper.crypto only import the ssh package; for everything else, they stick to golang.org/x/crypto.
I have done this to avoid the mod replace, I wrote myself a list to update sshpiper.crypto
Clone https://github.com/tg123/sshpiper.crypto into tmp
Copy tmp/ssh to ./ssh
Copy tmp/internal/poly1305 to ./ssh/internal
Copy tmp/ssh/internal/bcrypt_pbkdf to ./ssh/internal
Alias PublicKey and Signature to x/crypto/ssh to maintain type compatibility
Thanks for the great work with sshpiper :)
Sorry I posted here because https://github.com/tg123/sshpiper.crypto has issues disabled. This is just a suggestion, feel free to close. I understand that doing this essentially abandons efforts to get this merged upstream to
golang.org/x/crypto
.Currently https://github.com/tg123/sshpiper.crypto forks
golang.org/x/crypto
. This means that we have to do a mod replace for all ofgolang.org/x/crypto
and you potentially miss critical security updates.As an alternative,
sshpiper.crypto
could instead be a go module with one package:ssh
, which itself importsgolang.org/x/crypto
Then users of
sshpiper.crypto
only import thessh
package; for everything else, they stick togolang.org/x/crypto
.I have done this to avoid the mod replace, I wrote myself a list to update
sshpiper.crypto
https://github.com/tg123/sshpiper.crypto
intotmp
tmp/ssh
to./ssh
tmp/internal/poly1305
to./ssh/internal
tmp/ssh/internal/bcrypt_pbkdf
to./ssh/internal
PublicKey
andSignature
tox/crypto/ssh
to maintain type compatibility