On 03/07/2017 07:02 PM, Patrick McLean wrote: > > You also need to recompile to get security bugs fixed. With go it's not > just compiler options, it's also the standard library updates that need > a recompile to get. >
If that's the reasoning, then don't you have the same problem with every other library under dev-go? None of them are really needed at runtime, but you would need to rebuild when they change to get security updates, right? If all dev-go libraries wind up in RDEPEND solely to force rebuilds on upgrades, why not do the same with the standard library (dev-lang/go)?
