[tptacek]

crypto/, not crypto/fips140.

[FiloSottile]

To nitpick, there is no special crypto/fips140 package. (Ok, there is, but it just has an Enabled() bool function.)

FIPS 140-3 mode is enabled by building with GOFIPS140=v1.0.0 (or similar, see https://go.dev/doc/security/fips140), but it shares 99% of the code with non-FIPS mode.

Still, your message is right, just GOFIPS140=off (the default!), not GOFIPS140=v1.0.0.

[tptacek]

Not a nitpick! I was just wrong!

[bravesoul2]

That's a nice solution when managing a platform. You can "upgrade" all your teams, and/or easily detect they have upgraded.