tl;dr importing golang.org/x/crypto/x509roots/fallback adds ~8ms to the startup time of every program or library that imports it. I would like this cost to be zero and would be happy to contribute a fix.
Running the following program: package main import _ "golang.org/x/crypto/x509roots/fallback" func main() {} with the command: $ go build -o tmp main.go $ GODEBUG=inittrace=1 ./tmp |& awk '{print $5, $6, $2}' | sort -n | tail -n 3 0.043 ms internal/godebug 0.052 ms runtime 8.8 ms golang.org/x/crypto/x509roots/fallback shows that golang.org/x/crypto/x509roots/fallback adds an 9ms start-up cost on a fast CPU (AMD Ryzen 8700G). This cost is paid whether or not the fallback X.509 certificates are used or not. >From looking at the code <https://go.googlesource.com/crypto/+/refs/tags/v0.37.0/x509roots/fallback/>, it seems that the CPU is cost is due to parsing about 150 certificates in .PEM format in the package's unskippable init function. The obvious, easy, backwards-compatible fix would be to parse the .PEM files while executing the template that generates bundle.go, instead of parsing them every time at startup. Would you accept a CL to fix this? Tom -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/golang-nuts/d9258786-72c2-47ee-bad3-de6934ff5f80n%40googlegroups.com.