Developer Briefing — Go 1.14 release ships modules by default

Executive briefing: The Go team released Go 1.14 on 25 February 2020. Module-aware builds became the default outside GOPATH, goroutine preemption reduced worst-case scheduler pauses, and defer saw major performance gains. Upstream support now targets Go 1.13 and 1.14, so security fixes will focus on these baselines.

Why it matters

• Dependency hygiene: default module mode forces explicit version selection, reducing implicit GOPATH behaviors.
• Latency-sensitive services: preemptible goroutines tighten tail latencies for Go-based APIs and workers.
• Support window: security patches will not backport indefinitely to earlier Go releases.

Operator actions

1. Plan upgrades: Pin builds to Go 1.14 in CI and container images after validating critical services in staging.
2. Audit modules: Add go env -w GOPROXY to enforce internal proxies and checksum verification for third-party modules.
3. Performance tests: Benchmark latency-sensitive paths to confirm scheduler improvements do not surface unexpected contention or blocking.
4. Retire GOPATH: Update developer onboarding and build docs to remove GOPATH assumptions and use go mod tidy/go mod vendor.