wolfi-dev / os

Main package repository for production Wolfi images

golang -trimpath is hiding information #17647

Closed xnox closed 1 week ago

xnox commented 3 weeks ago

trimpath reduces binary size a lot by stripping filepaths from binaries.

For privacy reasons it also strips ldflags from binaries; even if they don't contain any paths.

That hides useful information, i.e.

build   -ldflags="-s -w -w -X main.version=0.27.2 -X main.commit=29919209f2a1088a754fe050a5416ee1b203edcb -X main.date=2024-04-03T17:06:41Z"

We should patch our golang toolchain to not hide ldflags from binaries, when they are built using trimpath.

As this hides information from security scanners.

See also:

https://github.com/golang/go/issues/50603
https://github.com/golang/go/issues/63432
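As an added example (not part of this issue or of the Wolfi toolchain), a small Go program that reads a binary's embedded build info with the standard `debug/buildinfo` package, reports whether the `-trimpath` and `-ldflags` settings are recorded, and extracts the `-X importpath.name=value` pairs a scanner would use for version and commit. On a `-trimpath` build the `-ldflags` setting is missing entirely, so `ldflags_recorded=false` is the signal that this metadata has been stripped. The setting keys `-trimpath` and `-ldflags` are the names the Go toolchain writes; the binary path is taken from the first argument.

```go
package main

import (
	"debug/buildinfo"
	"log"
	"os"
	"runtime/debug"
	"strings"
)

// parseXFlags extracts -X importpath.name=value pairs from an -ldflags string.
func parseXFlags(ldflags string) map[string]string {
	out := map[string]string{}
	fields := strings.Fields(ldflags)
	for i := 0; i < len(fields); i++ {
		if fields[i] != "-X" || i+1 == len(fields) {
			continue // -s, -w and other flags carry no version metadata
		}
		i++
		if k, v, ok := strings.Cut(fields[i], "="); ok {
			out[k] = v
		}
	}
	return out
}

// inspect reports whether a binary was built with -trimpath, whether an -ldflags
// setting survived in its build info, and any -X values it recorded.
func inspect(settings []debug.BuildSetting) (trimpath, hasLdflags bool, xvars map[string]string) {
	xvars = map[string]string{}
	for _, s := range settings {
		switch s.Key {
		case "-trimpath":
			trimpath = s.Value == "true"
		case "-ldflags":
			hasLdflags = true
			xvars = parseXFlags(s.Value)
		}
	}
	return
}

func main() {
	bi, err := buildinfo.ReadFile(os.Args[1]) // path of the Go binary to scan
	if err != nil {
		log.Fatal(err)
	}
	trimpath, hasLdflags, xvars := inspect(bi.Settings)
	log.Printf("trimpath=%v ldflags_recorded=%v xvars=%v", trimpath, hasLdflags, xvars)
}
```

`go version -m <binary>` shows the same settings block; this program just makes the "trimpath but no ldflags" case machine-checkable.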

dustinkirkland commented 3 weeks ago

In order to potentially upstream this, should we split the functionality into -trimpath and -trimflags (and we just won't use -trimflags)?

xnox commented 3 weeks ago

Proposing https://github.com/golang/go/pull/67072