You are viewing the 2025 edition of FOSDEM. Click here to view the 2026 edition

Go in the Nix ecosystem: vulnerability scanning and experiments towards a next-gen builder

Name: Go in the Nix ecosystem: vulnerability scanning and experiments towards a next-gen builder
Start: 2025-02-01T13:15:00
End: 2025-02-01T13:15:00
Location: K.3.601

K.3.601 | Day 1 | 13:15 - 13:35 | Speakers: Paul Meyer

Copy link

Copy link

Open in browser

Get involved in the conversation!Join the chat

Notes

Abstract

After looking at the current way Go code is packaged in nixpkgs using buildGoModule, disadvantages are pointed out with a focus on security (backed by data from govulncheck-nixpkgs project) and performance. Out-of-tree alternatives are presented with a focus on the new and promising approach of gobuild.nix, which implements a hook-based builder with module-level caching.

Attachments

Slides

Speakers

Paul Meyer

External Links

Notice: The placeholder video image is licensed under CC BY-SA 4.0. The original image can be found hereChanges made to the image are: Cropped the image to a new ratio, part of the image was cut off.