For various reasons we need to patch cryptobytes for our build (https://github.com/evcc-io/eebus/issues/1#issuecomment-1146843187).
We've tried to do this in a consistent way for local, Docker and Github CI build by vendoring our modules (go mod vendor) and patching the vendored copy. Test confirms the vendored copy is successfully patched (https://github.com/evcc-io/evcc/blob/master/main.go#L37). However, and that part is harder to explain, our application- when receiving TLS connections- still seems to act as if the patch is not in place. Since cryptobytes is also part of GOROOT I'm wondering is there is any chance of the original file ending up in our build, too? What is the role of GOROOT for the final binary and which files (vendored vs. mod cache vs. GOROOT) really end up the build in the end? Much appreciated, Andreas (andig) -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/8ecc71ca-4d44-4be4-a4ad-401d4687e40cn%40googlegroups.com.
