Go modules: go.sum, SumDB, GOPROXY/GOSUMDB

Jan 1, 0001

Definition

Go modules are a dependency management system for Go programming language, introduced to handle versioning and package distribution. The go.sum file ensures the integrity of module downloads by recording the expected cryptographic checksums of module content. SumDB is a public database that provides verifiable checksums for Go modules, enhancing security by preventing tampering. GOPROXY and GOSUMDB are environment variables that configure the proxy server and checksum database used by the Go toolchain to fetch and verify modules.

Secure Settings Example

export GOPROXY=https://proxy.golang.org
export GOSUMDB=sum.golang.org

Insecure Settings Example

export GOPROXY=direct
export GOSUMDB=off

Go modules: go.sum, SumDB, GOPROXY/GOSUMDB

Definition

Secure Settings Example

Insecure Settings Example

Ask AppSec: free security newsletter

Ask AppSec: free security newsletter