From d67a90c930c50b5f922b1280a7f3ef0cf2b1599d Mon Sep 17 00:00:00 2001
From: Boris Nagaev <bnagaev@gmail.com>
Date: Mon, 9 Oct 2017 04:25:58 +0200
Subject: [PATCH] add -a flag when building release binaries

One more step towards byte-perfect reproducibility.
The option -a tells Go to rebuild everything. Libraries in
$GOROOT/pkg/$GOOS_GOARCH could be (and are likely to) build with
other toolchain, leaking build directory of that other toolchain
into resulting binaries.

See https://github.com/NebulousLabs/Sia/issues/2410
---
 Makefile   | 2 +-
 release.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 9b10b7f68b..0eb9d3ac7f 100644
--- a/Makefile
+++ b/Makefile
@@ -72,7 +72,7 @@ release:
 release-race:
 	go install -race -tags='debug profile netgo' $(pkgs)
 release-std:
-	go install -tags 'netgo' -ldflags='-s -w' $(pkgs)
+	go install -tags 'netgo' -a -ldflags='-s -w' $(pkgs)
 
 # clean removes all directories that get automatically created during
 # development.
diff --git a/release.sh b/release.sh
index cd69783e6c..0ff381710f 100755
--- a/release.sh
+++ b/release.sh
@@ -36,7 +36,7 @@ for os in darwin linux windows; do
 		if [ "$os" == "windows" ]; then
 			bin=${pkg}.exe
 		fi
-		GOOS=${os} go build -ldflags="-s -w" -o $folder/$bin ./$pkg
+		GOOS=${os} go build -a -ldflags="-s -w" -o $folder/$bin ./$pkg
 		openssl dgst -sha256 -sign $keyfile -out $folder/${bin}.sig $folder/$bin
 		# verify signature
 		if [[ -n $pubkeyfile ]]; then