Skip to content

Commit

Permalink
cmd/go/internal/modget: Improve GOINSECURE docs.
Browse files Browse the repository at this point in the history
Recommend use of GOINSECURE over -insecure flang and clarify that GOINSECURE
environment variable does not also imply GONOSUMDB.
  • Loading branch information
witchard committed Apr 21, 2020
1 parent 4974ac6 commit 16f0896
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 12 deletions.
21 changes: 10 additions & 11 deletions src/cmd/go/alldocs.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions src/cmd/go/internal/help/helpdoc.go
Original file line number Diff line number Diff line change
Expand Up @@ -510,6 +510,8 @@ General-purpose environment variables:
Comma-separated list of glob patterns (in the syntax of Go's path.Match)
of module path prefixes that should always be fetched in an insecure
manner. Only applies to dependencies that are being fetched directly.
Unlike the -insecure flag on 'go get' this does not disable checksum
database validation; please use GOPRIVATE or GONOSUMDB to achieve that.
GOOS
The operating system for which to compile code.
Examples are linux, darwin, windows, netbsd.
Expand Down
5 changes: 4 additions & 1 deletion src/cmd/go/internal/modget/get.go
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,10 @@ require downgrading other dependencies, and 'go get' does
this automatically as well.
The -insecure flag permits fetching from repositories and resolving
custom domains using insecure schemes such as HTTP. Use with caution.
custom domains using insecure schemes such as HTTP. Use with caution. It is
recommended to use the GOINSECURE environment variable instead as it allows
for more fine-grained control when fetching dependencies in this manner. See
'go help environment' for details.
The second step is to download (if needed), build, and install
the named packages.
Expand Down

0 comments on commit 16f0896

Please sign in to comment.