go/doc/godebug.md, branch fix-runtime-test-GOMAXPROCS

cmd/go: disable support for multiple vcs in one module

2025-07-08T18:30:38Z

Removes the somewhat redundant vcs.FromDir, "allowNesting" argument, which was always enabled, and disallow multiple VCS metadata folders being present in a single directory. This makes VCS injection attacks much more difficult. Also adds a GODEBUG, allowmultiplevcs, which re-enables this behavior. Thanks to RyotaK (https://ryotak.net) of GMO Flatt Security Inc for reporting this issue. Fixes #74380 Fixes CVE-2025-4674 Change-Id: I5787d90cdca8deb3aca6f154efb627df1e7d2789 Reviewed-on: https://go-review.googlesource.com/c/go/+/686515 LUCI-TryBot-Result: Go LUCI Reviewed-by: David Chase Commit-Queue: Carlos Amedee Reviewed-by: Carlos Amedee

doc: fix links to runtime Environment Variables

2025-06-24T16:40:34Z

Change-Id: I9e8ecc5e4f4cba0b09008b2b0d9d3f8842687ec3 GitHub-Last-Rev: e0ddaaed3875761a1ff3692af49c0ec2622a5e20 GitHub-Pull-Request: golang/go#74180 Reviewed-on: https://go-review.googlesource.com/c/go/+/681516 Reviewed-by: Dmitri Shuralyov Reviewed-by: Junyang Shao Reviewed-by: Sean Liao LUCI-TryBot-Result: Go LUCI Auto-Submit: Sean Liao

crypto/x509: use truncated SHA-256 for SubjectKeyId

2025-05-21T22:09:45Z

Fixes #71746 Change-Id: I6a6a46568b092933d8ac2039df99ee9f0edf6e56 Reviewed-on: https://go-review.googlesource.com/c/go/+/674477 Reviewed-by: Daniel McCarney Reviewed-by: David Chase Reviewed-by: Roland Shoemaker Auto-Submit: Filippo Valsorda LUCI-TryBot-Result: Go LUCI

crypto/tls: disable SHA-1 signature algorithms in TLS 1.2

2025-05-21T22:09:29Z

This implements RFC 9155 by removing support for SHA-1 algorithms: - we don't advertise them in ClientHello and CertificateRequest (where supportedSignatureAlgorithms is used directly) - we don't select them in our ServerKeyExchange and CertificateVerify (where supportedSignatureAlgorithms filters signatureSchemesForCertificate) - we reject them in the peer's ServerKeyExchange and CertificateVerify (where we check against the algorithms we advertised in ClientHello and CertificateRequest) Fixes #72883 Change-Id: I6a6a4656e2aafd2c38cdd32090d3d8a9a8047818 Reviewed-on: https://go-review.googlesource.com/c/go/+/658216 LUCI-TryBot-Result: Go LUCI Auto-Submit: Filippo Valsorda Reviewed-by: David Chase Reviewed-by: Roland Shoemaker Reviewed-by: Daniel McCarney

runtime: use cgroup CPU limit to set GOMAXPROCS

2025-05-21T17:21:55Z

This CL adds two related features enabled by default via compatibility GODEBUGs containermaxprocs and updatemaxprocs. On Linux, containermaxprocs makes the Go runtime consider cgroup CPU bandwidth limits (quota/period) when setting GOMAXPROCS. If the cgroup limit is lower than the number of logical CPUs available, then the cgroup limit takes precedence. On all OSes, updatemaxprocs makes the Go runtime periodically recalculate the default GOMAXPROCS value and update GOMAXPROCS if it has changed. If GOMAXPROCS is set manually, this update does not occur. This is intended primarily to detect changes to cgroup limits, but it applies on all OSes because the CPU affinity mask can change as well. The runtime only considers the limit in the leaf cgroup (the one that actually contains the process), caching the CPU limit file descriptor(s), which are periodically reread for updates. This is a small departure from the original proposed design. It will not consider limits of parent cgroups (which may be lower than the leaf), and it will not detection cgroup migration after process start. We can consider changing this in the future, but the simpler approach is less invasive; less risk to packages that have some awareness of runtime internals. e.g., if the runtime periodically opens new files during execution, file descriptor leak detection is difficult to implement in a stable way. For #73193. Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-longtest Change-Id: I6a6a636c631c1ae577fb8254960377ba91c5dc98 Reviewed-on: https://go-review.googlesource.com/c/go/+/670497 LUCI-TryBot-Result: Go LUCI Reviewed-by: Michael Knyszek

runtime: remove GODEBUG=runtimecontentionstacks

2025-05-07T19:22:24Z

Go 1.22 promised to remove the setting in a future release once the semantics of runtime-internal lock contention matched that of sync.Mutex. That work is done, remove the setting. Previously reviewed as https://go.dev/cl/585639. For #66999 Change-Id: I9fe62558ba0ac12824874a0bb1b41efeb7c0853f Reviewed-on: https://go-review.googlesource.com/c/go/+/668995 LUCI-TryBot-Result: Go LUCI Reviewed-by: Michael Knyszek Auto-Submit: Rhys Hiltner Reviewed-by: Carlos Amedee

doc: fix grammar and spelling

2025-04-29T14:37:04Z

Minor typo fixes in the docs Change-Id: I56b5d0318936aecc7775fb5bc70534456707da49 GitHub-Last-Rev: b4d042f8a997aa0d3824d8f9350dd24090b21073 GitHub-Pull-Request: golang/go#73531 Reviewed-on: https://go-review.googlesource.com/c/go/+/668815 Reviewed-by: Keith Randall LUCI-TryBot-Result: Go LUCI Reviewed-by: Carlos Amedee Auto-Submit: Keith Randall Reviewed-by: Keith Randall

cmd/go: allow symlinks of non-directory files in embed

2025-03-11T14:51:38Z

We previously disallowed all non-regular files being embedded. This CL relaxes the restriction a little: if the GODEBUG embedfollowsymlinks=1 is set, we allow the leaf files being embedded (not the directories containing them) to be symlinks. The files pointed to by the symlinks must still be regular files. This will be used when a Bazel build action executing the Go command is running in a symlink-based sandbox. It's not something we want to enable in general for now, so it's behind a GODEBUG. Fixes #59924 Change-Id: I895be14c12de55b7d1b663d81bdda1df37d54804 Reviewed-on: https://go-review.googlesource.com/c/go/+/643215 LUCI-TryBot-Result: Go LUCI Reviewed-by: Alan Donovan

internal/godebugs: add decoratemappings as an opaque godebug setting

2025-03-10T15:29:59Z

This adds a new godebug to control whether the runtime applies the anonymous memory mapping annotations added in https://go.dev/cl/646095. It is enabled by default. This has several effects: * The feature is only enabled by default when the main go.mod has go >= 1.25. * This feature can be disabled with GODEBUG=decoratemappings=0, or the equivalents in go.mod or package main. See https://go.dev/doc/godebug. * As an opaque setting, this option will not appear in runtime/metrics. * This setting is non-atomic, so it cannot be changed after startup. I am not 100% sure about my decision for the last two points. I've made this an opaque setting because it affects every memory mapping the runtime performs. Thus every mapping would report "non-default behavior", which doesn't seem useful. This setting could trivially be atomic and allow changes at run time, but those changes would only affect future mappings. That seems confusing and not helpful. On the other hand, going back to annotate or unannotate every previous mapping when the setting changes is unwarranted complexity. For #71546. Change-Id: I6a6a636c5ad551d76691cba2a6f668d5cff0e352 Reviewed-on: https://go-review.googlesource.com/c/go/+/655895 Reviewed-by: Michael Knyszek Reviewed-by: Ian Lance Taylor LUCI-TryBot-Result: Go LUCI Auto-Submit: Michael Pratt

doc: update godebug doc to clarify godebug directive in workspace

2025-03-06T16:08:42Z

Make it clear that we only use godebug directives in the go.work, and that we don't use those in go.mod, when we're in a workspace. Fixes #72109 Change-Id: I648bfa4dd9b3ca0ac299c0a890843d41fe1ac7f0 Reviewed-on: https://go-review.googlesource.com/c/go/+/655158 LUCI-TryBot-Result: Go LUCI Reviewed-by: Ian Lance Taylor