[pkg-go] [pkg-golang-devel] Security support for packages written in Go
Dmitry Smirnov
onlyjob at debian.org
Mon Jul 11 07:41:52 UTC 2016
On Monday, 11 July 2016 9:22:12 AM AEST Florian Weimer wrote:
> Hmm. I poked at a few packages, and here is what I found:
> golang-siphash-dev does not have any Built-Using header.
> golang-gopkg-tylerb-graceful.v1-dev does not list golang-x-text,
> although its dependency golang-golang-x-net-dev was built using it.
> (I'm looking at unstable.)
But you are looking at wrong packages. -dev packages are just sources that
strictly speaking are not "built" but more like "validated" on build time.
You do not need to re-build source/-dev packages so they do not have Built-
Using header intentionally. What you need to be looking at is arch:any binary
packages built from go sources involving multiple libraries.
Examples of Golang executables include docker.io, containerd, etcd, grafana,
runc, acbuild, docker2aci, influxdb, rkt, consul, fleet, nomad, skydns,
kubernetes-{node|master|client}, etc.
--
All the best,
Dmitry Smirnov.
---
To swallow and follow, whether old doctrine or new propaganda, is a
weakness still dominating the human mind.
-- Charlotte P. Gilman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-go-maintainers/attachments/20160711/e603b8bb/attachment.sig>
More information about the Pkg-go-maintainers
mailing list