i see that in golang you have modules and when you use these modules google does track your ip and log the instance each time you download a golang module. which i think i terrible for privacy. is this something most are not bothered or you have some privacy protection hacks you can apply when using golang modules thanks
These services can only access publicly available source code. If you depend on private modules, set GOPRIVATE to a glob pattern that covers them. See Module configuration for non-public modules in the go command documentation for more details.
To opt-out of this module mirror, you can turn it off by setting GOPROXY=direct
In addition to @NobbZ’s advice, you can also set up your own private Go module proxy server.
Also, the proxy documentation describes what is being logged:
If I don’t set
GOPRIVATE and request a private module from these services, what leaks?
We use that data for monitoring and debugging. In general, we’ve built these services to retain as little information about usage as possible while still ensuring that we are able to detect and fix problems.
We do not store logged personally identifiable information such as IP addresses for more than 30 days. We also do not correlate or combine information from our request logs with any personal information that you have provided Google for other services.
In addition to the excellent notes already made, I’m curious about package managers you’re using that are better about privacy than go modules.
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.