Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

changelog entry, panic less often, reject newer Go versions, document init order caveat #835

Merged
merged 5 commits into from
Feb 18, 2024

Conversation

mvdan
Copy link
Member

@mvdan mvdan commented Feb 18, 2024

(see commit messages - please do not squash)

Panicking in small helpers or in funcs that don't return error
has proved useful to keep code easier to maintain,
particularly for cases that should typically never happen.

However, in these cases we can error just as easily.
In particular, I was getting a panic whenever I forgot
that I was running garble with Go master (1.23), which is over the top.
Right now, we only have linker patches for Go 1.22.x.
We only ever maintain those for one or two major Go versions at a time.

If a user tries to use the Go toolchain from 1.21, we already fail
with "Go version too old" messages early on, but we don't for 1.23,
causing a relatively confusing error later on when we link a binary:

    cannot get modified linker: cannot retrieve linker patches: open patches/go1.23: file does not exist

Instead, fail early and with a good error message.
Keeping the original lexical sorting of Go packages would be very hard,
as a Go program may import an unknown number of Go packages,
and we load and obfuscate one package at a time by design.

One option would be to load all packages upfront when obfuscating
main packages, but that would break the per-package caching of
ofbuscated Go packages, causing a huge slow-down in builds.

Another option would be to not obfuscate import paths,
which would clearly cause a worsening of the obfuscation quality.

The third option is to not attempt to keep the original order,
and document that as a caveat in the README.
I suspect the vast majority of Go projects won't be affected by this,
and those few that might be can always use imports to enforce the order.

Closes burrowers#693, per the decision above to not change what we do.
It accomplishes the same Implicits/Defs logic we were doing here.
@mvdan
Copy link
Member Author

mvdan commented Feb 18, 2024

The changelog entry was written in the release branch, so this adds it to master as well, for consistency.

@pagran pagran merged commit f09db67 into burrowers:master Feb 18, 2024
5 checks passed
@mvdan mvdan deleted the followup branch February 25, 2024 23:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

2 participants