Next Release Notes Draft

DRAFT RELEASE NOTES — Introduction to Go 1.26

Go 1.26 is not yet released. These are work-in-progress release notes. Go 1.26 is expected to be released in February 2026.

Changes to the language

The built-in new function, which creates a new variable, now allows its operand to be an expression, specifying the initial value of the variable.

This feature is particularly useful when working with serialization packages such as encoding/json or protocol buffers that use a pointer to represent an optional value, as it enables an optional field to be populated in a simple expression, for example:

import "encoding/json"

type Person struct {
    Name string   `json:"name"`
    Age  *int     `json:"age"` // age if known; nil otherwise
}

func personJSON(name string, born time.Time) ([]byte, error) {
    return json.Marshal(Person{
        Name: name,
        Age:  new(yearsSince(born)),
    })
}

func yearsSince(t time.Time) int {
    return int(time.Since(t).Hours() / (365.25 * 24)) // approximately
}

Tools

Go command

cmd/doc, and go tool doc have been deleted. go doc can be used as a replacement for go tool doc: it takes the same flags and arguments and has the same behavior.

The go fix command, following the pattern of go vet in Go 1.10, now uses the Go analysis framework (golang.org/x/tools/go/analysis). This means the same analyzers that provide diagnostics in go vet can be used to suggest and apply fixes in go fix. The go fix command’s historical fixers, all of which were obsolete, have been removed and replaced by a suite of new analyzers that offer fixes to use newer features of the language and library.

Pprof

The pprof tool web UI, enabled with the -http flag, now defaults to the flame graph view. The previous graph view is available in the “View -> Graph” menu, or via /ui/graph.

Linker

On 64-bit ARM-based Windows (the windows/arm64 port), the linker now supports internal linking mode of cgo programs, which can be requested with the -ldflags=-linkmode=internal flag.

Bootstrap

As mentioned in the Go 1.24 release notes, Go 1.26 now requires Go 1.24.6 or later for bootstrap. We expect that Go 1.28 will require a minor release of Go 1.26 or later for bootstrap.

Standard library

New secret package

The new secret package is available as an experiment. It provides a facility for securely erasing temporaries used in code that manipulates secret information, typically cryptographic in nature. Users can access it by passing GOEXPERIMENT=runtimesecret at build time.

The secret.Do function runs its function argument and then erases all temporary storage (registers, stack, new heap allocations) used by that function argument. Heap storage is not erased until that storage is deemed unreachable by the garbage collector, which might take some time after secret.Do completes.

This package is intended to make it easier to ensure forward secrecy.

crypto/hpke

The new crypto/hpke package implements Hybrid Public Key Encryption (HPKE) as specified in RFC 9180, including support for post-quantum hybrid KEMs.

Minor changes to the library

bytes

The new Buffer.Peek method returns the next n bytes from the buffer without advancing it.

crypto

The new Encapsulator and Decapsulator interfaces allow accepting abstract KEM encapsulation or decapsulation keys.

crypto/dsa

The random parameter to GenerateKey is now ignored. Instead, it now always uses a secure source of cryptographically random bytes. For deterministic testing, use the new testing/cryptotest.SetGlobalRandom function. The new GODEBUG setting cryptocustomrand=1 temporarily restores the old behavior.

crypto/ecdh

The random parameter to Curve.GenerateKey is now ignored. Instead, it now always uses a secure source of cryptographically random bytes. For deterministic testing, use the new testing/cryptotest.SetGlobalRandom function. The new GODEBUG setting cryptocustomrand=1 temporarily restores the old behavior.

The new KeyExchanger interface, implemented by PrivateKey, makes it possible to accept abstract ECDH private keys, e.g. those implemented in hardware.

crypto/ecdsa

The big.Int fields of PublicKey and PrivateKey are now deprecated.

The random parameter to GenerateKey, SignASN1, Sign, and PrivateKey.Sign is now ignored. Instead, they now always use a secure source of cryptographically random bytes. For deterministic testing, use the new testing/cryptotest.SetGlobalRandom function. The new GODEBUG setting cryptocustomrand=1 temporarily restores the old behavior.

crypto/ed25519

If the random parameter to GenerateKey is nil, GenerateKey now always uses a secure source of cryptographically random bytes, instead of crypto/rand.Reader (which could have been overridden). The new GODEBUG setting cryptocustomrand=1 temporarily restores the old behavior.

crypto/fips140

The new WithoutEnforcement and Enforced functions now allow running in GODEBUG=fips140=only mode while selectively disabling the strict FIPS 140-3 checks.

Version returns the resolved FIPS 140-3 Go Cryptographic Module version when building against a frozen module with GOFIPS140.

crypto/hpke

crypto/mlkem

The new DecapsulationKey768.Encapsulator and DecapsulationKey1024.Encapsulator methods implement the new crypto.Decapsulator interface.

crypto/mlkem/mlkemtest

The new crypto/mlkem/mlkemtest package exposes the Encapsulate768 and Encapsulate1024 functions which implement derandomized ML-KEM encapsulation, for use with known-answer tests.

crypto/rand

The random parameter to Prime is now ignored. Instead, it now always uses a secure source of cryptographically random bytes. For deterministic testing, use the new testing/cryptotest.SetGlobalRandom function. The new GODEBUG setting cryptocustomrand=1 temporarily restores the old behavior.

crypto/rsa

The new EncryptOAEPWithOptions function allows specifying different hash functions for OAEP padding and MGF1 mask generation.

The random parameter to GenerateKey, GenerateMultiPrimeKey, and EncryptPKCS1v15 is now ignored. Instead, they now always use a secure source of cryptographically random bytes. For deterministic testing, use the new testing/cryptotest.SetGlobalRandom function. The new GODEBUG setting cryptocustomrand=1 temporarily restores the old behavior.

If PrivateKey fields are modified after calling PrivateKey.Precompute, PrivateKey.Validate now fails.

PrivateKey.D is now checked for consistency with precomputed values, even if it is not used.

Unsafe PKCS #1 v1.5 encryption padding (implemented by EncryptPKCS1v15, DecryptPKCS1v15, and DecryptPKCS1v15SessionKey) is now deprecated.

crypto/tls

The hybrid SecP256r1MLKEM768 and SecP384r1MLKEM1024 post-quantum key exchanges are now enabled by default. They can be disabled by setting Config.CurvePreferences or with the tlssecpmlkem=0 GODEBUG setting.

The new ClientHelloInfo.HelloRetryRequest field indicates if the ClientHello was sent in response to a HelloRetryRequest message. The new ConnectionState.HelloRetryRequest field indicates if the server sent a HelloRetryRequest, or if the client received a HelloRetryRequest, depending on connection role.

The QUICConn type used by QUIC implementations includes new event for reporting TLS handshake errors.

If Certificate.PrivateKey implements crypto.MessageSigner, its SignMessage method is used instead of Sign in TLS 1.2 and later.

The following GODEBUG settings introduced in Go 1.22 and Go 1.23 will be removed in the next major Go release. Starting in Go 1.27, the new behavior will apply regardless of GODEBUG setting or go.mod language version.

  • tlsunsafeekm: ConnectionState.ExportKeyingMaterial will require TLS 1.3 or Extended Master Secret.
  • tlsrsakex: legacy RSA-only key exchanges without ECDH won’t be enabled by default.
  • tls10server: the default minimum TLS version for both clients and servers will be TLS 1.2.
  • tls3des: the default cipher suites will not include 3DES.
  • x509keypairleaf: X509KeyPair and LoadX509KeyPair will always populate the Certificate.Leaf field.

crypto/x509

The ExtKeyUsage and KeyUsage types now have String methods that return the correspodning OID names as defined in RFC 5280 and other registries.

The ExtKeyUsage type now has an OID method that returns the corresponding OID for the EKU.

The new OIDFromASN1OID function allows converting an encoding/asn1.ObjectIdentifier into an OID.

database/sql/driver

A database driver may implement RowsColumnScanner to entirely override Scan behavior.

debug/elf

Additional R_LARCH_* constants from LoongArch ELF psABI v20250521 (global version v2.40) are defined for use with LoongArch systems.

errors

The new AsType function is a generic version of As. It is type-safe, faster, and, in most cases, easier to use.

go/ast

The new ParseDirective function parses directive comments, which are comments such as //go:generate. Source code tools can support their own directive comments and this new API should help them implement the conventional syntax.

The new BasicLit.ValueEnd field records the precise end position of a literal so that the BasicLit.End method can now always return the correct answer. (Previously it was computed using a heuristic that was incorrect for multi-line raw string literals in Windows source files, due to removal of carriage returns.)

go/token

The new File.End convenience method returns the file’s end position.

image/jpeg

The JPEG encoder and decoder have been replaced with new, faster, more accurate implementations. Code that expects specific bit-for-bit outputs from the encoder or decoder may need to be updated.

log/slog

The NewMultiHandler function creates a MultiHandler that invokes all the given Handlers. Its Enable method reports whether any of the handlers’ Enabled methods return true. Its Handle, WithAttr and WithGroup methods call the corresponding method on each of the enabled handlers.

net

The new Dialer methods DialIP, DialTCP, DialUDP, and DialUnix permit dialing specific network types with context values.

net/http

The new HTTP2Config.StrictMaxConcurrentRequests field controls whether a new connection should be opened if an existing HTTP/2 connection has exceeded its stream limit.

The new Transport.NewClientConn method returns a client connection to an HTTP server. Most users should continue to use Transport.RoundTrip to make requests, which manages a pool of connection. NewClientConn is useful for users who need to implement their own conection management.

net/http/httptest

The HTTP client returned by Server.Client will now redirect requests for example.com and any subdomains to the server being tested.

net/http/httputil

The ReverseProxy.Director configuration field is deprecated in favor of ReverseProxy.Rewrite.

A malicious client can remove headers added by a Director function by designating those headers as hop-by-hop. Since there is no way to address this problem within the scope of the Director API, we added a new Rewrite hook in Go 1.20. Rewrite hooks are provided with both the unmodified inbound request received by the proxy and the outbound request which will be sent by the proxy.

Since the Director hook is fundamentally unsafe, we are now deprecating it.

net/netip

The new Prefix.Compare method compares two prefixes.

net/url

Parse now rejects malformed URLs containing colons in the host subcomponent, such as http://::1/ or http://localhost:80:80/. URLs containing bracketed IPv6 addresses, such as http://[::1]/ are still accepted. The new GODEBUG=urlstrictcolons=0 setting restores the old behavior.

os

The new Process.WithHandle method provides access to an internal process handle on supported platforms (Linux 5.4 or later and Windows). On Linux, the process handle is a pidfd. The method returns ErrNoHandle on unsupported platforms or when no process handle is available.

On Windows, the OpenFile flag parameter can now contain any combination of Windows-specific file flags, such as FILE_FLAG_OVERLAPPED and FILE_FLAG_SEQUENTIAL_SCAN, for control of file or device caching behavior, access modes, and other special-purpose flags.

os/signal

NotifyContext now cancels the returned context with context.CancelCauseFunc and an error indicating which signal was received.

reflect

reflect.Type includes new methods that return iterators for a type’s fields, methods, inputs and outputs. Similarly, reflect.Value includes two new methods that return iterators over a value’s fields or methods, each element being a pair of the value (reflect.Value) and its type information (reflect.StructField or reflect.Method).

testing

The new methods T.ArtifactDir, B.ArtifactDir, and F.ArtifactDir return a directory in which to write test output files (artifacts).

When the -artifacts flag is provided to go test, this directory will be located under the output directory (specified with -outputdir, or the current directory by default). Otherwise, artifacts are stored in a temporary directory which is removed after the test completes.

The first call to ArtifactDir when -artifacts is provided writes the location of the directory to the test log.

For example, in a test named TestArtifacts, t.ArtifactDir() emits:

=== ARTIFACTS Test /path/to/artifact/dir

testing/cryptotest

The new SetGlobalRandom function configures a global, deterministic cryptographic randomness source for the duration of the test. It affects crypto/rand, and all implicit sources of cryptographic randomness in the crypto/... packages.

Ports

Darwin

Go 1.26 is the last release that will run on macOS 12 Monterey. Go 1.27 will require macOS 13 Ventura or later.

FreeBSD

The freebsd/riscv64 port (GOOS=freebsd GOARCH=riscv64) has been marked broken. See issue 76475 for details.

Windows

As announced in the Go 1.25 release notes, the broken 32-bit windows/arm port (GOOS=windows GOARCH=arm) is removed.

go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.