v0.10.0
This release drops support for Go 1.19, continues support for Go 1.20, and adds initial support for the upcoming Go 1.21.
@lu4p rewrote the code to detect whether reflect is used on each Go type, which is used to decide which Go types should not be obfuscated to prevent breakage. The old code analyzed syntax trees with type information, which is cheap but clumsy. The new code uses SSA, which adds a bit of CPU cost to builds, but allows for a more powerful analysis that is less likely to break on edge cases. While this change does slow down builds slightly, we will start using SSA for more features in the near term, such as control flow obfuscation. See #732.
@pagran improved the patching of Go's linker to also obfuscate funcInfo.entryoff, making it harder to relate a function's metadata with its body in the binary. See #641.
@mvdan rewrote garble's caching to be more robust, avoiding errors such as "cannot load garble export file". The new caching system is entirely separate from Go's GOCACHE, being placed in GARBLE_CACHE, which defaults to a directory such as ~/.cache/garble. See #708.
@DominicBreuker taught -literals to support obfuscating large string literals by using the "simple" obfuscator on them, as it runs in linear time. See #720.
@mvdan added support for garble run, the obfuscated version of go run, to quickly test that a main program still works when obfuscated. See #661.
A number of bugfixes are also included:
- Ensure that
sync/atomictypes are still aligned by the compiler - #686 - Print the chosen random seed when using
-seed=random- #696 - Avoid errors in
git applyif the system language isn't English - #698 - Avoid a panic when importing a missing package - #694
- Suggest a command when asking the user to rebuild garble - #739
