[im_dario]

Telemetry is opt-in [0], it shouldn't be a concern.

[0] https://research.swtch.com/telemetry-opt-in

[fweimer]

GOPROXY is enabled by default. “Since Go 1.13, the go command by default downloads and authenticates modules using the Go module mirror and Go checksum database.” https://proxy.golang.org/

[dolmen]

So you might just need an anonymizing relay to the Google proxy.

The GOPROXY protocol is quite small to allow to implement such a relay: https://go.dev/ref/mod#goproxy-protocol

[dolmen]

Also using a generic http_proxy that does the relay you need might just be enough as many solutions exist in that space.

https://stackoverflow.com/questions/10383299/how-do-i-config...

[eddythompson80]

Only if you’re not vendoring your dependencies, afaik.

[hknmtt]

its mere existence is a concern. people are so dumb when they ignore these things. whenever there already is something, it can only go further.

[eddythompson80]

Debian, for example, has an opt-in telemetry. Would you apply that to Debian?

[hknmtt]

Yes, I 100% would. To any software. The only positive in this case is that Debian is not run by the freaking Google - the overlord of all information on the internet with backdoors for all three letter agencies in USA, despite what Go authors will want you to believe.