I have multiple servers running Debian 12 stable, which currently provides version 1.19 of the golang package. This is a bit of a nuisance because (the latest version of) many packages out there only support the last two Go minor versions. When should I expect the next minor version of Go to show up in the Debian stable release?
I suppose I could switch to the testing release to get a newer version, but what are the broader security implications of doing so?
hi,
this for sure not a topic for a Go forum, but somethig to ask directly to debian maintainers.
But in general you don’t need to have Go installed on server in order to run Go programs: the runtime is embedded in the executable
1 Like
True, but I have it set up so it builds the server code on the server.
From what I am reading on the Debian website, it seems like there are not generally new versions of packages available in any given release (bullseye, bookworm, etc). Is that correct? In that case I have to wait for the next release to become stable.
no idea. question for Debian maintainers
can’t you just install go yourself on the servers?
I develop and compile on Mac (GOOS=linux go build) and then upload the binary to the Debian server using Webmin (or other server “admin desktop”). Then use systemd for starting/stopping/autostart the Go server. Works good for me…
I suppose I could, but it would take more configuring to automate the installation. Currently I am using Salt Stack to manage my servers, which makes it as easy as pkg.installed -name: golang and I have a usable go installation.
I have my code and accompanying configuration in a git repo, so what I do using Salt Stack is like this (on the server itself):
- git pull
- If there were any changes, run go build.
- Restart the systemd service which runs the built binary.
So it seems like I either need to go to the work of installing the package semi-manually or just be content not using the latest version of everything, go dependencies included.
This seems to be common practice in most Linux distros indeed, for stability reasons.
If you find automating the installation of newest Go problematic, perhaps you could seek help in Debian forums, as others suggested.