CGO users: In case you weren't already aware: for many Go 
packages that use CGO, the recently released security-oriented 
restriction on CGO flags in go1.9.4 /go1.10rc2 broke their build. 


In order for your specific build flags and options to be included in the 
corrective to-be-released-shortly go1.9.5 and go1.10,
it is urgent that you add the (compile and/or link) flags 
and options you need to the whitelist issue here

What if I don't bother to test now with go1.9.4 / go1.10rc2?  

If you don't test now and get your flags whitelisted, then 
the whitelist in go1.9.5 / go1.10 may 
leave your package broken/unable to 
build for quite a while.

So, do this immediately: test your package with go1.9.4 or go1.10rc2, and 
if it breaks with this kind of error:

`invalid flag in #cgo`

then add the flags you are using to the list at the bottom of

Test now!

Already listed flags include

.a files
-msse and -msse4.2
-fno-exceptions -fno-rtti -fpermissive
-Wl,-framework -Wl,--no-as-needed
-finput-charset=UTF-8 --std=c99 -pedantic-errors

So if your options are already in that list, then no further action is 

p.s. the temporarily workaround while waiting for go1.9.5/go1.10 whitelist 
update is to set 
one or both of these env vars with regexes that match your flags. Examples:

export CGO_CFLAGS_ALLOW='-fno-exceptions'

export CGO_LDFLAGS_ALLOW='.*\.a$'

You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
For more options, visit

Reply via email to