New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

github.com/inconshreveable/go-update

Package Overview
Dependencies
Alerts
File Explorer
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

github.com/inconshreveable/go-update

  • v0.0.0-20160112193335-8152e7eb6ccf
  • Source
  • Go
  • Socket score
Version published
Created
Source

go-update: Build self-updating Go programs godoc reference

Package update provides functionality to implement secure, self-updating Go programs (or other single-file targets) A program can update itself by replacing its executable file with a new version.

It provides the flexibility to implement different updating user experiences like auto-updating, or manual user-initiated updates. It also boasts advanced features like binary patching and code signing verification.

Example of updating from a URL:

import (
    "fmt"
    "net/http"

    "github.com/inconshreveable/go-update"
)

func doUpdate(url string) error {
    resp, err := http.Get(url)
    if err != nil {
        return err
    }
    defer resp.Body.Close()
    err := update.Apply(resp.Body, update.Options{})
    if err != nil {
        // error handling
    }
    return err
}

Features

  • Cross platform support (Windows too!)
  • Binary patch application
  • Checksum verification
  • Code signing verification
  • Support for updating arbitrary files

equinox.io

equinox.io is a complete ready-to-go updating solution built on top of go-update that provides:

  • Hosted updates
  • Update channels (stable, beta, nightly, ...)
  • Dynamically computed binary diffs
  • Automatic key generation and code
  • Release tooling with proper code signing
  • Update/download metrics

API Compatibility Promises

The master branch of go-update is not guaranteed to have a stable API over time. For any production application, you should vendor your dependency on go-update with a tool like git submodules, gb or govendor.

The go-update package makes the following promises about API compatibility:

  1. A list of all API-breaking changes will be documented in this README.
  2. go-update will strive for as few API-breaking changes as possible.

API Breaking Changes

  • Sept 3, 2015: The Options struct passed to Apply was changed to be passed by value instead of passed by pointer. Old API at 28de026.
  • Aug 9, 2015: 2.0 API. Old API at 221d034 or gopkg.in/inconshreveable/go-update.v0.

License

Apache

FAQs

Package last updated on 12 Jan 2016

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Maven Central Adds Sigstore Signature Validation

Security News

Maven Central Adds Sigstore Signature Validation

Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.

By Sarah Gooding  -  Feb 06, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc