cmd/go: remove -insecure flag on go get

Resolves #37519

Change-Id: Iba675a180b0e61b12835cdb6ecd4c6dc61e0605c
GitHub-Last-Rev: aa018af
GitHub-Pull-Request: #44724
Reviewed-on: https://go-review.googlesource.com/c/go/+/297709
Trust: Jay Conrod <jayconrod@google.com>
Trust: Bryan C. Mills <bcmills@google.com>
Run-TryBot: Jay Conrod <jayconrod@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Jay Conrod <jayconrod@google.com>

doc/go1.17.html

@@ -43,8 +43,16 @@ <h2 id="tools">Tools</h2>
 
 <h3 id="go-command">Go command</h3>
 
-<p>
-  TODO: complete this section, or delete if not needed
+<h4 id="go-get"><code>go</code> <code>get</code></h4>
+
+<p><!-- golang.org/issue/37519 -->
+  The <code>go</code> <code>get</code> <code>-insecure</code> flag is
+  deprecated and has been removed. To permit the use of insecure schemes
+  when fetching dependencies, please use the <code>GOINSECURE</code>
+  environment variable. The <code>-insecure</code> flag also bypassed module
+  sum validation, use <code>GOPRIVATE</code> or <code>GONOSUMDB</code> if
+  you need that functionality. See <code>go</code> <code>help</code>
+  <code>environment</code> for details.
 </p>
 
 <h2 id="runtime">Runtime</h2>

src/cmd/go/internal/cfg/cfg.go

@@ -51,8 +51,6 @@ var (
 	ModCacheRW bool   // -modcacherw flag
 	ModFile    string // -modfile flag
 
-	Insecure bool // -insecure flag
-
 	CmdName string // "build", "install", "list", "mod tidy", etc.
 
 	DebugActiongraph string // -debug-actiongraph flag (undocumented, unstable)

src/cmd/go/internal/get/get.go

@@ -26,7 +26,7 @@ import (
 )
 
 var CmdGet = &base.Command{
-	UsageLine: "go get [-d] [-f] [-t] [-u] [-v] [-fix] [-insecure] [build flags] [packages]",
+	UsageLine: "go get [-d] [-f] [-t] [-u] [-v] [-fix] [build flags] [packages]",
 	Short:     "download and install packages and dependencies",
 	Long: `
 Get downloads the packages named by the import paths, along with their
@@ -43,13 +43,6 @@ of the original.
 The -fix flag instructs get to run the fix tool on the downloaded packages
 before resolving dependencies or building the code.
 
-The -insecure flag permits fetching from repositories and resolving
-custom domains using insecure schemes such as HTTP. Use with caution.
-This flag is deprecated and will be removed in a future version of go.
-The GOINSECURE environment variable should be used instead, since it
-provides control over which packages may be retrieved using an insecure
-scheme. See 'go help environment' for details.
-
 The -t flag instructs get to also download the packages required to build
 the tests for the specified packages.
 
@@ -105,17 +98,17 @@ Usage: ` + CmdGet.UsageLine + `
 }
 
 var (
-	getD   = CmdGet.Flag.Bool("d", false, "")
-	getF   = CmdGet.Flag.Bool("f", false, "")
-	getT   = CmdGet.Flag.Bool("t", false, "")
-	getU   = CmdGet.Flag.Bool("u", false, "")
-	getFix = CmdGet.Flag.Bool("fix", false, "")
+	getD        = CmdGet.Flag.Bool("d", false, "")
+	getF        = CmdGet.Flag.Bool("f", false, "")
+	getT        = CmdGet.Flag.Bool("t", false, "")
+	getU        = CmdGet.Flag.Bool("u", false, "")
+	getFix      = CmdGet.Flag.Bool("fix", false, "")
+	getInsecure = CmdGet.Flag.Bool("insecure", false, "")
 )
 
 func init() {
 	work.AddBuildFlags(CmdGet, work.OmitModFlag|work.OmitModCommonFlags)
 	CmdGet.Run = runGet // break init loop
-	CmdGet.Flag.BoolVar(&cfg.Insecure, "insecure", cfg.Insecure, "")
 }
 
 func runGet(ctx context.Context, cmd *base.Command, args []string) {
@@ -129,8 +122,8 @@ func runGet(ctx context.Context, cmd *base.Command, args []string) {
 	if *getF && !*getU {
 		base.Fatalf("go get: cannot use -f flag without -u")
 	}
-	if cfg.Insecure {
-		fmt.Fprintf(os.Stderr, "go get: -insecure flag is deprecated; see 'go help get' for details\n")
+	if *getInsecure {
+		base.Fatalf("go get: -insecure flag is no longer supported; use GOINSECURE instead")
 	}
 
 	// Disable any prompting for passwords by Git.
@@ -435,7 +428,7 @@ func downloadPackage(p *load.Package) error {
 		return fmt.Errorf("%s: invalid import path: %v", p.ImportPath, err)
 	}
 	security := web.SecureOnly
-	if cfg.Insecure || module.MatchPrefixPatterns(cfg.GOINSECURE, importPrefix) {
+	if module.MatchPrefixPatterns(cfg.GOINSECURE, importPrefix) {
 		security = web.Insecure
 	}
 

src/cmd/go/internal/help/helpdoc.go

@@ -251,7 +251,7 @@ For example,
 will result in the following requests:
 
 	https://example.org/pkg/foo?go-get=1 (preferred)
-	http://example.org/pkg/foo?go-get=1  (fallback, only with -insecure)
+	http://example.org/pkg/foo?go-get=1  (fallback, only with use of correctly set GOINSECURE)
 
 If that page contains the meta tag
 
@@ -517,9 +517,8 @@ General-purpose environment variables:
 		Comma-separated list of glob patterns (in the syntax of Go's path.Match)
 		of module path prefixes that should always be fetched in an insecure
 		manner. Only applies to dependencies that are being fetched directly.
-		Unlike the -insecure flag on 'go get', GOINSECURE does not disable
-		checksum database validation. GOPRIVATE or GONOSUMDB may be used
-		to achieve that.
+		GOINSECURE does not disable checksum database validation. GOPRIVATE or
+		GONOSUMDB may be used to achieve that.
 	GOOS
 		The operating system for which to compile code.
 		Examples are linux, darwin, windows, netbsd.

src/cmd/go/internal/modfetch/repo.go

@@ -267,7 +267,7 @@ var (
 func lookupDirect(path string) (Repo, error) {
 	security := web.SecureOnly
 
-	if allowInsecure(path) {
+	if module.MatchPrefixPatterns(cfg.GOINSECURE, path) {
 		security = web.Insecure
 	}
 	rr, err := vcs.RepoRootForImportPath(path, vcs.PreferMod, security)
@@ -312,7 +312,7 @@ func ImportRepoRev(path, rev string) (Repo, *RevInfo, error) {
 	// version control system, we ignore meta tags about modules
 	// and use only direct source control entries (get.IgnoreMod).
 	security := web.SecureOnly
-	if allowInsecure(path) {
+	if module.MatchPrefixPatterns(cfg.GOINSECURE, path) {
 		security = web.Insecure
 	}
 	rr, err := vcs.RepoRootForImportPath(path, vcs.IgnoreMod, security)

src/cmd/go/internal/modfetch/sumdb.go

@@ -34,7 +34,7 @@ import (
 
 // useSumDB reports whether to use the Go checksum database for the given module.
 func useSumDB(mod module.Version) bool {
-	return cfg.GOSUMDB != "off" && !cfg.Insecure && !module.MatchPrefixPatterns(cfg.GONOSUMDB, mod.Path)
+	return cfg.GOSUMDB != "off" && !module.MatchPrefixPatterns(cfg.GONOSUMDB, mod.Path)
 }
 
 // lookupSumDB returns the Go checksum database's go.sum lines for the given module,

src/cmd/go/internal/modget/get.go

@@ -37,7 +37,6 @@ import (
 	"sync"
 
 	"cmd/go/internal/base"
-	"cmd/go/internal/cfg"
 	"cmd/go/internal/imports"
 	"cmd/go/internal/load"
 	"cmd/go/internal/modload"
@@ -53,7 +52,7 @@ import (
 var CmdGet = &base.Command{
 	// Note: -d -u are listed explicitly because they are the most common get flags.
 	// Do not send CLs removing them because they're covered by [get flags].
-	UsageLine: "go get [-d] [-t] [-u] [-v] [-insecure] [build flags] [packages]",
+	UsageLine: "go get [-d] [-t] [-u] [-v] [build flags] [packages]",
 	Short:     "add dependencies to current module and install them",
 	Long: `
 Get resolves its command-line arguments to packages at specific module versions,
@@ -99,14 +98,6 @@ but changes the default to select patch releases.
 When the -t and -u flags are used together, get will update
 test dependencies as well.
 
-The -insecure flag permits fetching from repositories and resolving
-custom domains using insecure schemes such as HTTP, and also bypassess
-module sum validation using the checksum database. Use with caution.
-This flag is deprecated and will be removed in a future version of go.
-To permit the use of insecure schemes, use the GOINSECURE environment
-variable instead. To bypass module sum validation, use GOPRIVATE or
-GONOSUMDB. See 'go help environment' for details.
-
 The -d flag instructs get not to build or install packages. get will only
 update go.mod and download source code needed to build packages.
 
@@ -227,13 +218,13 @@ variable for future go command invocations.
 }
 
 var (
-	getD   = CmdGet.Flag.Bool("d", false, "")
-	getF   = CmdGet.Flag.Bool("f", false, "")
-	getFix = CmdGet.Flag.Bool("fix", false, "")
-	getM   = CmdGet.Flag.Bool("m", false, "")
-	getT   = CmdGet.Flag.Bool("t", false, "")
-	getU   upgradeFlag
-	// -insecure is cfg.Insecure
+	getD        = CmdGet.Flag.Bool("d", false, "")
+	getF        = CmdGet.Flag.Bool("f", false, "")
+	getFix      = CmdGet.Flag.Bool("fix", false, "")
+	getM        = CmdGet.Flag.Bool("m", false, "")
+	getT        = CmdGet.Flag.Bool("t", false, "")
+	getU        upgradeFlag
+	getInsecure = CmdGet.Flag.Bool("insecure", false, "")
 	// -v is cfg.BuildV
 )
 
@@ -264,7 +255,6 @@ func (v *upgradeFlag) String() string { return "" }
 func init() {
 	work.AddBuildFlags(CmdGet, work.OmitModFlag)
 	CmdGet.Run = runGet // break init loop
-	CmdGet.Flag.BoolVar(&cfg.Insecure, "insecure", cfg.Insecure, "")
 	CmdGet.Flag.Var(&getU, "u", "")
 }
 
@@ -284,8 +274,8 @@ func runGet(ctx context.Context, cmd *base.Command, args []string) {
 	if *getM {
 		base.Fatalf("go get: -m flag is no longer supported; consider -d to skip building packages")
 	}
-	if cfg.Insecure {
-		fmt.Fprintf(os.Stderr, "go get: -insecure flag is deprecated; see 'go help get' for details\n")
+	if *getInsecure {
+		base.Fatalf("go get: -insecure flag is no longer supported; use GOINSECURE instead")
 	}
 	load.ModResolveTests = *getT
 

src/cmd/go/internal/web/http.go

@@ -28,7 +28,7 @@ import (
 	"cmd/internal/browser"
 )
 
-// impatientInsecureHTTPClient is used in -insecure mode,
+// impatientInsecureHTTPClient is used with GOINSECURE,
 // when we're connecting to https servers that might not be there
 // or might be using self-signed certificates.
 var impatientInsecureHTTPClient = &http.Client{

src/cmd/go/testdata/script/get_404_meta.txt

@@ -3,9 +3,10 @@
 [!net] skip
 [!exec:git] skip
 
+env GONOSUMDB=bazil.org,github.com,golang.org
 env GO111MODULE=off
-go get -d -insecure bazil.org/fuse/fs/fstestutil
+go get -d bazil.org/fuse/fs/fstestutil
 
 env GO111MODULE=on
 env GOPROXY=direct
-go get -d -insecure bazil.org/fuse/fs/fstestutil
+go get -d bazil.org/fuse/fs/fstestutil

src/cmd/go/testdata/script/get_insecure.txt

@@ -12,10 +12,12 @@ env GO111MODULE=off
 # GOPATH: Try go get -d of HTTP-only repo (should fail).
 ! go get -d insecure.go-get-issue-15410.appspot.com/pkg/p
 
-# GOPATH: Try again with -insecure (should succeed).
-go get -d -insecure insecure.go-get-issue-15410.appspot.com/pkg/p
+# GOPATH: Try again with GOINSECURE (should succeed).
+env GOINSECURE=insecure.go-get-issue-15410.appspot.com
+go get -d insecure.go-get-issue-15410.appspot.com/pkg/p
 
-# GOPATH: Try updating without -insecure (should fail).
+# GOPATH: Try updating without GOINSECURE (should fail).
+env GOINSECURE=''
 ! go get -d -u -f insecure.go-get-issue-15410.appspot.com/pkg/p
 
 # Modules: Set up
@@ -29,10 +31,14 @@ env GOPROXY=''
 # Modules: Try go get -d of HTTP-only repo (should fail).
 ! go get -d insecure.go-get-issue-15410.appspot.com/pkg/p
 
-# Modules: Try again with -insecure (should succeed).
-go get -d -insecure insecure.go-get-issue-15410.appspot.com/pkg/p
+# Modules: Try again with GOINSECURE (should succeed).
+env GOINSECURE=insecure.go-get-issue-15410.appspot.com
+env GONOSUMDB=insecure.go-get-issue-15410.appspot.com
+go get -d insecure.go-get-issue-15410.appspot.com/pkg/p
 
-# Modules: Try updating without -insecure (should fail).
+# Modules: Try updating without GOINSECURE (should fail).
+env GOINSECURE=''
+env GONOSUMDB=''
 ! go get -d -u -f insecure.go-get-issue-15410.appspot.com/pkg/p
 
 go list -m ...
@@ -48,4 +54,4 @@ func main() {
 	os.Exit(1)
 }
 -- module_file --
-module m
+module m

src/cmd/go/testdata/script/get_insecure_custom_domain.txt

@@ -3,4 +3,6 @@
 env GO111MODULE=off
 
 ! go get -d insecure.go-get-issue-15410.appspot.com/pkg/p
-go get -d -insecure insecure.go-get-issue-15410.appspot.com/pkg/p
+
+env GOINSECURE=insecure.go-get-issue-15410.appspot.com
+go get -d insecure.go-get-issue-15410.appspot.com/pkg/p