Socket
Socket
Sign inDemoInstall

github.com/inconshreveable/go-update

Package Overview
Dependencies
Alerts
File Explorer
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

github.com/inconshreveable/go-update

Version published
Created
Source

go-update: Build self-updating Go programs godoc reference

Package update provides functionality to implement secure, self-updating Go programs (or other single-file targets) A program can update itself by replacing its executable file with a new version.

It provides the flexibility to implement different updating user experiences like auto-updating, or manual user-initiated updates. It also boasts advanced features like binary patching and code signing verification.

Example of updating from a URL:

import (
    "fmt"
    "net/http"

    "github.com/inconshreveable/go-update"
)

func doUpdate(url string) error {
    resp, err := http.Get(url)
    if err != nil {
        return err
    }
    defer resp.Body.Close()
    err := update.Apply(resp.Body, update.Options{})
    if err != nil {
        // error handling
    }
    return err
}

Features

  • Cross platform support (Windows too!)
  • Binary patch application
  • Checksum verification
  • Code signing verification
  • Support for updating arbitrary files

equinox.io

equinox.io is a complete ready-to-go updating solution built on top of go-update that provides:

  • Hosted updates
  • Update channels (stable, beta, nightly, ...)
  • Dynamically computed binary diffs
  • Automatic key generation and code
  • Release tooling with proper code signing
  • Update/download metrics

API Compatibility Promises

The master branch of go-update is not guaranteed to have a stable API over time. For any production application, you should vendor your dependency on go-update with a tool like git submodules, gb or govendor.

The go-update package makes the following promises about API compatibility:

  1. A list of all API-breaking changes will be documented in this README.
  2. go-update will strive for as few API-breaking changes as possible.

API Breaking Changes

  • Sept 3, 2015: The Options struct passed to Apply was changed to be passed by value instead of passed by pointer. Old API at 28de026.
  • Aug 9, 2015: 2.0 API. Old API at 221d034 or gopkg.in/inconshreveable/go-update.v0.

License

Apache

FAQs

Package last updated on 12 Jan 2016

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Developers Burned by Elasticsearch’s License Change Aren’t Going Back, Despite Its Return to Open Source

Security News

Developers Burned by Elasticsearch’s License Change Aren’t Going Back, Despite Its Return to Open Source

Elastic’s return to open source with the AGPL license has been met with skepticism, as many developers see it as a strategic move rather than a genuine effort to restore user trust and freedoms.

By Sarah Gooding  -  Sep 06, 2024
Introducing Dashboard Analytics

Product

Introducing Dashboard Analytics

We're introducing a new Analytics feature in the Socket dashboard so you can view changes in your organization's and repositories' alerts over time.

By Charlie Gerard  -  Sep 05, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc