It forces what the foundation wants you to do. It takes away control from you, it's unethical.
Not only that, it opens a can of worms. A compiler should be a compiler.
Not an self updating application, nor an dependency modulator from GitHub. How can I trust it when it does all these things?
Call me old fashioned at 35.
If you want the latest then go download the latest. Is that now to hard for the user?
Just because the latest is out doesn't mean it's any better than the previous version. What happens in a CrowdStrike scenario? What happens when Go gets retired in 50 years?
I don't want to work with the latest. Should I? TCL 9 is getting there but TCL 8.7 is still perfectly operatable. Should I be using 9 because it exists? My work only has 8.6 on production.
So your toolchain updates and they've removed a thing. You've got to hunt down the previous version, let alone needing to discover why it was working yesterday and not today. Unnecessary overhead.
You use a dependency that's not updated for the future version?
What stops someone from crafting a malicious binary? Malware hijacking the download path?
Auto-updating takes away your integrity. Your making blind trust that everything is what it is.
How can I be sure that the updated compiler is the compiler and not a malicious crafted version? If you can't trust the compiler how can you trust your code?
Yes, I could turn it off, but could I turn it on instead.
I shouldn't need to turn it off, I'll update when I want to update tyvm.
It forces what the foundation wants you to do. It takes away control from you, it's unethical.
Not only that, it opens a can of worms. A compiler should be a compiler.
Not an self updating application, nor an dependency modulator from GitHub. How can I trust it when it does all these things?
Call me old fashioned at 35.
If you want the latest then go download the latest. Is that now to hard for the user?
Just because the latest is out doesn't mean it's any better than the previous version. What happens in a CrowdStrike scenario? What happens when Go gets retired in 50 years?
I don't want to work with the latest. Should I? TCL 9 is getting there but TCL 8.7 is still perfectly operatable. Should I be using 9 because it exists? My work only has 8.6 on production.
So your toolchain updates and they've removed a thing. You've got to hunt down the previous version, let alone needing to discover why it was working yesterday and not today. Unnecessary overhead.
You use a dependency that's not updated for the future version?
What stops someone from crafting a malicious binary? Malware hijacking the download path?
Auto-updating takes away your integrity. Your making blind trust that everything is what it is.
How can I be sure that the updated compiler is the compiler and not a malicious crafted version? If you can't trust the compiler how can you trust your code?
Yes, I could turn it off, but could I turn it on instead.
I shouldn't need to turn it off, I'll update when I want to update tyvm.