On 06/29/2015 11:25 PM, Zac Medico wrote: > > Considering that Go binaries are statically linked, you'll end up with a > bunch of Go libraries installed that you don't need during run-time. >
They'll eventually give this up, because everyone does when their language starts seeing serious use. I won't pretend that's a real argument though. Suppose ten years from now everything is written in Go. I have 500 statically linked Go packages on my system, all of whose dependencies were built and compiled-in at install time. Now someone finds a remote root vulnerability in the go-openssl library. I know some of the packages I have installed were built against it. What do I do? At least with the useless dev-go/go-openssl installed, I can use subslots to rebuild everything after an upgrade to the fixed version.
