@ttsc/linux-arm 0.8.0-dev.20260506 → 0.8.1

package/bin/go/VERSION

@@ -1,2 +1,2 @@
-go1.26.2
-time 2026-03-27T21:58:29Z
+go1.26.0
+time 2026-02-10T01:22:00Z

package/bin/go/src/archive/tar/format.go

@@ -147,12 +147,6 @@ const (
 	// Max length of a special file (PAX header, GNU long name or link).
 	// This matches the limit used by libarchive.
 	maxSpecialFileSize = 1 << 20
-
-	// Maximum number of sparse file entries.
-	// We should never actually hit this limit
-	// (every sparse encoding will first be limited by maxSpecialFileSize),
-	// but this adds an additional layer of defense.
-	maxSparseFileEntries = 1 << 20
 )
 
 // blockPadding computes the number of bytes needed to pad offset up to the

package/bin/go/src/archive/tar/reader.go

@@ -490,8 +490,7 @@ func (tr *Reader) readOldGNUSparseMap(hdr *Header, blk *block) (sparseDatas, err
 	}
 	s := blk.toGNU().sparse()
 	spd := make(sparseDatas, 0, s.maxEntries())
-	totalSize := len(s)
-	for totalSize < maxSpecialFileSize {
+	for {
 		for i := 0; i < s.maxEntries(); i++ {
 			// This termination condition is identical to GNU and BSD tar.
 			if s.entry(i).offset()[0] == 0x00 {
@@ -502,11 +501,7 @@ func (tr *Reader) readOldGNUSparseMap(hdr *Header, blk *block) (sparseDatas, err
 			if p.err != nil {
 				return nil, p.err
 			}
-			var err error
-			spd, err = appendSparseEntry(spd, sparseEntry{Offset: offset, Length: length})
-			if err != nil {
-				return nil, err
-			}
+			spd = append(spd, sparseEntry{Offset: offset, Length: length})
 		}
 
 		if s.isExtended()[0] > 0 {
@@ -515,12 +510,10 @@ func (tr *Reader) readOldGNUSparseMap(hdr *Header, blk *block) (sparseDatas, err
 				return nil, err
 			}
 			s = blk.toSparse()
-			totalSize += len(s)
 			continue
 		}
 		return spd, nil // Done
 	}
-	return nil, errSparseTooLong
 }
 
 // readGNUSparseMap1x0 reads the sparse map as stored in GNU's PAX sparse format
@@ -593,10 +586,7 @@ func readGNUSparseMap1x0(r io.Reader) (sparseDatas, error) {
 		if err1 != nil || err2 != nil {
 			return nil, ErrHeader
 		}
-		spd, err = appendSparseEntry(spd, sparseEntry{Offset: offset, Length: length})
-		if err != nil {
-			return nil, err
-		}
+		spd = append(spd, sparseEntry{Offset: offset, Length: length})
 	}
 	return spd, nil
 }
@@ -630,22 +620,12 @@ func readGNUSparseMap0x1(paxHdrs map[string]string) (sparseDatas, error) {
 		if err1 != nil || err2 != nil {
 			return nil, ErrHeader
 		}
-		spd, err = appendSparseEntry(spd, sparseEntry{Offset: offset, Length: length})
-		if err != nil {
-			return nil, err
-		}
+		spd = append(spd, sparseEntry{Offset: offset, Length: length})
 		sparseMap = sparseMap[2:]
 	}
 	return spd, nil
 }
 
-func appendSparseEntry(spd sparseDatas, ent sparseEntry) (sparseDatas, error) {
-	if len(spd) >= maxSparseFileEntries {
-		return nil, errSparseTooLong
-	}
-	return append(spd, ent), nil
-}
-
 // Read reads from the current file in the tar archive.
 // It returns (0, io.EOF) when it reaches the end of that file,
 // until [Next] is called to advance to the next file.

package/bin/go/src/builtin/builtin.go

@@ -122,10 +122,6 @@ type Type int
 // invocation.
 type Type1 int
 
-// TypeOrExpr is here for the purposes of documentation only. It is a stand-in
-// for either a Go type or an expression.
-type TypeOrExpr int
-
 // IntegerType is here for the purposes of documentation only. It is a stand-in
 // for any integer type: int, uint, int8 etc.
 type IntegerType int
@@ -224,15 +220,10 @@ func max[T cmp.Ordered](x T, y ...T) T
 // min will return NaN.
 func min[T cmp.Ordered](x T, y ...T) T
 
-// The built-in function new allocates a new, initialized variable and returns
-// a pointer to it. It accepts a single argument, which may be either a type
-// or an expression.
-// If the argument is a type T, then new(T) allocates a variable of type T
-// initialized to its zero value.
-// Otherwise, the argument is an expression x and new(x) allocates a variable
-// of the type of x initialized to the value of x. If that value is an untyped
-// constant, it is first implicitly converted to its default type.
-func new(TypeOrExpr) *Type
+// The new built-in function allocates memory. The first argument is a type,
+// not a value, and the value returned is a pointer to a newly
+// allocated zero value of that type.
+func new(Type) *Type
 
 // The complex built-in function constructs a complex value from two
 // floating-point values. The real and imaginary parts must be of the same

package/bin/go/src/crypto/tls/conn.go

@@ -1363,7 +1363,7 @@ func (c *Conn) handleKeyUpdate(keyUpdate *keyUpdateMsg) error {
 	}
 
 	newSecret := cipherSuite.nextTrafficSecret(c.in.trafficSecret)
-	if err := c.setReadTrafficSecret(cipherSuite, QUICEncryptionLevelInitial, newSecret, keyUpdate.updateRequested); err != nil {
+	if err := c.setReadTrafficSecret(cipherSuite, QUICEncryptionLevelInitial, newSecret); err != nil {
 		return err
 	}
 
@@ -1683,16 +1683,12 @@ func (c *Conn) VerifyHostname(host string) error {
 // setReadTrafficSecret sets the read traffic secret for the given encryption level. If
 // being called at the same time as setWriteTrafficSecret, the caller must ensure the call
 // to setWriteTrafficSecret happens first so any alerts are sent at the write level.
-func (c *Conn) setReadTrafficSecret(suite *cipherSuiteTLS13, level QUICEncryptionLevel, secret []byte, locked bool) error {
+func (c *Conn) setReadTrafficSecret(suite *cipherSuiteTLS13, level QUICEncryptionLevel, secret []byte) error {
 	// Ensure that there are no buffered handshake messages before changing the
 	// read keys, since that can cause messages to be parsed that were encrypted
 	// using old keys which are no longer appropriate.
 	if c.hand.Len() != 0 {
-		if locked {
-			c.sendAlertLocked(alertUnexpectedMessage)
-		} else {
-			c.sendAlert(alertUnexpectedMessage)
-		}
+		c.sendAlert(alertUnexpectedMessage)
 		return errors.New("tls: handshake buffer not empty before setting read traffic secret")
 	}
 	c.in.setTrafficSecret(suite, level, secret)

package/bin/go/src/crypto/tls/handshake_client_tls13.go

@@ -492,7 +492,7 @@ func (hs *clientHandshakeStateTLS13) establishHandshakeKeys() error {
 	clientSecret := handshakeSecret.ClientHandshakeTrafficSecret(hs.transcript)
 	c.setWriteTrafficSecret(hs.suite, QUICEncryptionLevelHandshake, clientSecret)
 	serverSecret := handshakeSecret.ServerHandshakeTrafficSecret(hs.transcript)
-	if err := c.setReadTrafficSecret(hs.suite, QUICEncryptionLevelHandshake, serverSecret, false); err != nil {
+	if err := c.setReadTrafficSecret(hs.suite, QUICEncryptionLevelHandshake, serverSecret); err != nil {
 		return err
 	}
 
@@ -711,7 +711,7 @@ func (hs *clientHandshakeStateTLS13) readServerFinished() error {
 
 	hs.trafficSecret = hs.masterSecret.ClientApplicationTrafficSecret(hs.transcript)
 	serverSecret := hs.masterSecret.ServerApplicationTrafficSecret(hs.transcript)
-	if err := c.setReadTrafficSecret(hs.suite, QUICEncryptionLevelApplication, serverSecret, false); err != nil {
+	if err := c.setReadTrafficSecret(hs.suite, QUICEncryptionLevelApplication, serverSecret); err != nil {
 		return err
 	}
 

package/bin/go/src/crypto/tls/handshake_server_tls13.go

@@ -752,7 +752,7 @@ func (hs *serverHandshakeStateTLS13) sendServerParameters() error {
 	serverSecret := hs.handshakeSecret.ServerHandshakeTrafficSecret(hs.transcript)
 	c.setWriteTrafficSecret(hs.suite, QUICEncryptionLevelHandshake, serverSecret)
 	clientSecret := hs.handshakeSecret.ClientHandshakeTrafficSecret(hs.transcript)
-	if err := c.setReadTrafficSecret(hs.suite, QUICEncryptionLevelHandshake, clientSecret, false); err != nil {
+	if err := c.setReadTrafficSecret(hs.suite, QUICEncryptionLevelHandshake, clientSecret); err != nil {
 		return err
 	}
 
@@ -1136,7 +1136,7 @@ func (hs *serverHandshakeStateTLS13) readClientFinished() error {
 		return errors.New("tls: invalid client finished hash")
 	}
 
-	if err := c.setReadTrafficSecret(hs.suite, QUICEncryptionLevelApplication, hs.trafficSecret, false); err != nil {
+	if err := c.setReadTrafficSecret(hs.suite, QUICEncryptionLevelApplication, hs.trafficSecret); err != nil {
 		return err
 	}
 

package/bin/go/src/crypto/x509/constraints.go

@@ -58,11 +58,11 @@ import (
 // of nameConstraintsSet, to handle constraints which define full email
 // addresses (i.e. 'test@example.com'). For bare domain constraints, we use the
 // dnsConstraints type described above, querying the domain portion of the email
-// address. For full email addresses, we also hold a map of email addresses with
-// the domain portion of the email lowercased, since it is case insensitive. When
-// looking up an email address in the constraint set, we first check the full
-// email address map, and if we don't find anything, we check the domain portion
-// of the email address against the dnsConstraints.
+// address. For full email addresses, we also hold a map of email addresses that
+// map the local portion of the email to the domain. When querying full email
+// addresses we then check if the local portion of the email is present in the
+// map, and if so case insensitively compare the domain portion of the
+// email.
 
 type nameConstraintsSet[T *net.IPNet | string, V net.IP | string] struct {
 	set []T
@@ -351,7 +351,6 @@ func newDNSConstraints(l []string, permitted bool) interface{ query(string) (str
 	if !permitted {
 		parentConstraints := map[string]string{}
 		for _, name := range nc.constraints.set {
-			name = strings.ToLower(name)
 			trimmedName := trimFirstLabel(name)
 			if trimmedName == "" {
 				continue
@@ -376,8 +375,7 @@ func (dnc *dnsConstraints) query(s string) (string, bool) {
 		return constraint, true
 	}
 
-	if !dnc.permitted && len(s) > 0 && s[0] == '*' {
-		s = strings.ToLower(s)
+	if !dnc.permitted && s[0] == '*' {
 		trimmed := trimFirstLabel(s)
 		if constraint, found := dnc.parentConstraints[trimmed]; found {
 			return constraint, true
@@ -389,22 +387,16 @@ func (dnc *dnsConstraints) query(s string) (string, bool) {
 type emailConstraints struct {
 	dnsConstraints interface{ query(string) (string, bool) }
 
-	// fullEmails is map of rfc2821Mailboxs that are fully specified in the
-	// constraints, which we need to check for separately since they don't
-	// follow the same matching rules as the domain-based constraints. The
-	// domain portion of the rfc2821Mailbox has been lowercased, since the
-	// domain portion is case insensitive. When checking the map for an email,
-	// the domain portion of the query should also be lowercased.
-	fullEmails map[rfc2821Mailbox]struct{}
+	fullEmails map[string]string
 }
 
 func newEmailConstraints(l []string, permitted bool) interface {
-	query(rfc2821Mailbox) (string, bool)
+	query(parsedEmail) (string, bool)
 } {
 	if len(l) == 0 {
 		return nil
 	}
-	exactMap := map[rfc2821Mailbox]struct{}{}
+	exactMap := map[string]string{}
 	var domains []string
 	for _, c := range l {
 		if !strings.ContainsRune(c, '@') {
@@ -419,8 +411,7 @@ func newEmailConstraints(l []string, permitted bool) interface {
 			// certificate since parsing.
 			continue
 		}
-		parsed.domain = strings.ToLower(parsed.domain)
-		exactMap[parsed] = struct{}{}
+		exactMap[parsed.local] = parsed.domain
 	}
 	ec := &emailConstraints{
 		fullEmails: exactMap,
@@ -431,16 +422,16 @@ func newEmailConstraints(l []string, permitted bool) interface {
 	return ec
 }
 
-func (ec *emailConstraints) query(s rfc2821Mailbox) (string, bool) {
-	if len(ec.fullEmails) > 0 {
-		if _, ok := ec.fullEmails[s]; ok {
-			return fmt.Sprintf("%s@%s", s.local, s.domain), true
+func (ec *emailConstraints) query(s parsedEmail) (string, bool) {
+	if len(ec.fullEmails) > 0 && strings.ContainsRune(s.email, '@') {
+		if domain, ok := ec.fullEmails[s.mailbox.local]; ok && strings.EqualFold(domain, s.mailbox.domain) {
+			return ec.fullEmails[s.email] + "@" + s.mailbox.domain, true
 		}
 	}
 	if ec.dnsConstraints == nil {
 		return "", false
 	}
-	constraint, found := ec.dnsConstraints.query(s.domain)
+	constraint, found := ec.dnsConstraints.query(s.mailbox.domain)
 	return constraint, found
 }
 
@@ -450,7 +441,7 @@ type constraints[T any, V any] struct {
 	excluded       interface{ query(V) (T, bool) }
 }
 
-func checkConstraints[T string | *net.IPNet, V any, P string | net.IP | parsedURI | rfc2821Mailbox](c constraints[T, V], s V, p P) error {
+func checkConstraints[T string | *net.IPNet, V any, P string | net.IP | parsedURI | parsedEmail](c constraints[T, V], s V, p P) error {
 	if c.permitted != nil {
 		if _, found := c.permitted.query(s); !found {
 			return fmt.Errorf("%s %q is not permitted by any constraint", c.constraintType, p)
@@ -468,13 +459,13 @@ type chainConstraints struct {
 	ip    constraints[*net.IPNet, net.IP]
 	dns   constraints[string, string]
 	uri   constraints[string, string]
-	email constraints[string, rfc2821Mailbox]
+	email constraints[string, parsedEmail]
 
 	index int
 	next  *chainConstraints
 }
 
-func (cc *chainConstraints) check(dns []string, uris []parsedURI, emails []rfc2821Mailbox, ips []net.IP) error {
+func (cc *chainConstraints) check(dns []string, uris []parsedURI, emails []parsedEmail, ips []net.IP) error {
 	for _, ip := range ips {
 		if err := checkConstraints(cc.ip, ip, ip); err != nil {
 			return err
@@ -497,8 +488,8 @@ func (cc *chainConstraints) check(dns []string, uris []parsedURI, emails []rfc28
 		}
 	}
 	for _, e := range emails {
-		if !domainNameValid(e.domain, false) {
-			return fmt.Errorf("x509: cannot parse rfc822Name %q", e)
+		if !domainNameValid(e.mailbox.domain, false) {
+			return fmt.Errorf("x509: cannot parse rfc822Name %q", e.mailbox)
 		}
 		if err := checkConstraints(cc.email, e, e); err != nil {
 			return err
@@ -518,7 +509,7 @@ func checkChainConstraints(chain []*Certificate) error {
 			ip:    constraints[*net.IPNet, net.IP]{"IP address", newIPNetConstraints(c.PermittedIPRanges), newIPNetConstraints(c.ExcludedIPRanges)},
 			dns:   constraints[string, string]{"DNS name", newDNSConstraints(c.PermittedDNSDomains, true), newDNSConstraints(c.ExcludedDNSDomains, false)},
 			uri:   constraints[string, string]{"URI", newDNSConstraints(c.PermittedURIDomains, true), newDNSConstraints(c.ExcludedURIDomains, false)},
-			email: constraints[string, rfc2821Mailbox]{"email address", newEmailConstraints(c.PermittedEmailAddresses, true), newEmailConstraints(c.ExcludedEmailAddresses, false)},
+			email: constraints[string, parsedEmail]{"email address", newEmailConstraints(c.PermittedEmailAddresses, true), newEmailConstraints(c.ExcludedEmailAddresses, false)},
 			index: i,
 		}
 		if currentConstraints == nil {
@@ -601,15 +592,24 @@ func parseURIs(uris []*url.URL) ([]parsedURI, error) {
 	return parsed, nil
 }
 
-func parseMailboxes(emails []string) ([]rfc2821Mailbox, error) {
-	parsed := make([]rfc2821Mailbox, 0, len(emails))
+type parsedEmail struct {
+	email   string
+	mailbox *rfc2821Mailbox
+}
+
+func (e parsedEmail) String() string {
+	return e.mailbox.local + "@" + e.mailbox.domain
+}
+
+func parseMailboxes(emails []string) ([]parsedEmail, error) {
+	parsed := make([]parsedEmail, 0, len(emails))
 	for _, email := range emails {
 		mailbox, ok := parseRFC2821Mailbox(email)
 		if !ok {
 			return nil, fmt.Errorf("cannot parse rfc822Name %q", email)
 		}
 		mailbox.domain = strings.ToLower(mailbox.domain)
-		parsed = append(parsed, mailbox)
+		parsed = append(parsed, parsedEmail{strings.ToLower(email), &mailbox})
 	}
 	return parsed, nil
 }

package/bin/go/src/crypto/x509/verify.go

@@ -253,10 +253,6 @@ type rfc2821Mailbox struct {
 	local, domain string
 }
 
-func (s rfc2821Mailbox) String() string {
-	return fmt.Sprintf("%s@%s", s.local, s.domain)
-}
-
 // parseRFC2821Mailbox parses an email address into local and domain parts,
 // based on the ABNF for a “Mailbox” from RFC 2821. According to RFC 5280,
 // Section 4.2.1.6 that's correct for an rfc822Name from a certificate: “The
@@ -720,8 +716,6 @@ func alreadyInChain(candidate *Certificate, chain []*Certificate) bool {
 // for failed checks due to different intermediates having the same Subject.
 const maxChainSignatureChecks = 100
 
-var errSignatureLimit = errors.New("x509: signature check attempts limit reached while verifying certificate chain")
-
 func (c *Certificate) buildChains(currentChain []*Certificate, sigChecks *int, opts *VerifyOptions) (chains [][]*Certificate, err error) {
 	var (
 		hintErr  error
@@ -729,16 +723,16 @@ func (c *Certificate) buildChains(currentChain []*Certificate, sigChecks *int, o
 	)
 
 	considerCandidate := func(certType int, candidate potentialParent) {
+		if candidate.cert.PublicKey == nil || alreadyInChain(candidate.cert, currentChain) {
+			return
+		}
+
 		if sigChecks == nil {
 			sigChecks = new(int)
 		}
 		*sigChecks++
 		if *sigChecks > maxChainSignatureChecks {
-			err = errSignatureLimit
-			return
-		}
-
-		if candidate.cert.PublicKey == nil || alreadyInChain(candidate.cert, currentChain) {
+			err = errors.New("x509: signature check attempts limit reached while verifying certificate chain")
 			return
 		}
 
@@ -779,20 +773,11 @@ func (c *Certificate) buildChains(currentChain []*Certificate, sigChecks *int, o
 		}
 	}
 
-candidateLoop:
-	for _, parents := range []struct {
-		certType   int
-		potentials []potentialParent
-	}{
-		{rootCertificate, opts.Roots.findPotentialParents(c)},
-		{intermediateCertificate, opts.Intermediates.findPotentialParents(c)},
-	} {
-		for _, parent := range parents.potentials {
-			considerCandidate(parents.certType, parent)
-			if err == errSignatureLimit {
-				break candidateLoop
-			}
-		}
+	for _, root := range opts.Roots.findPotentialParents(c) {
+		considerCandidate(rootCertificate, root)
+	}
+	for _, intermediate := range opts.Intermediates.findPotentialParents(c) {
+		considerCandidate(intermediateCertificate, intermediate)
 	}
 
 	if len(chains) > 0 {
@@ -1295,12 +1280,12 @@ func policiesValid(chain []*Certificate, opts VerifyOptions) bool {
 						} else {
 							// 6.1.4 (b) (3) (i) -- as updated by RFC 9618
 							pg.deleteLeaf(mapping.IssuerDomainPolicy)
+
+							// 6.1.4 (b) (3) (ii) -- as updated by RFC 9618
+							pg.prune()
 						}
 					}
 
-					// 6.1.4 (b) (3) (ii) -- as updated by RFC 9618
-					pg.prune()
-
 					for issuerStr, subjectPolicies := range mappings {
 						// 6.1.4 (b) (1) -- as updated by RFC 9618
 						if matching := pg.leafWithPolicy(OID{der: []byte(issuerStr)}); matching != nil {

package/bin/go/src/html/template/attr_string.go

@@ -14,12 +14,11 @@ func _() {
 	_ = x[attrStyle-3]
 	_ = x[attrURL-4]
 	_ = x[attrSrcset-5]
-	_ = x[attrMetaContent-6]
 }
 
-const _attr_name = "attrNoneattrScriptattrScriptTypeattrStyleattrURLattrSrcsetattrMetaContent"
+const _attr_name = "attrNoneattrScriptattrScriptTypeattrStyleattrURLattrSrcset"
 
-var _attr_index = [...]uint8{0, 8, 18, 32, 41, 48, 58, 73}
+var _attr_index = [...]uint8{0, 8, 18, 32, 41, 48, 58}
 
 func (i attr) String() string {
 	if i >= attr(len(_attr_index)-1) {

package/bin/go/src/html/template/context.go

@@ -6,7 +6,6 @@ package template
 
 import (
 	"fmt"
-	"slices"
 	"text/template/parse"
 )
 
@@ -38,7 +37,7 @@ func (c context) String() string {
 	if c.err != nil {
 		err = c.err
 	}
-	return fmt.Sprintf("{%v %v %v %v %v %v %v %v}", c.state, c.delim, c.urlPart, c.jsCtx, c.jsBraceDepth, c.attr, c.element, err)
+	return fmt.Sprintf("{%v %v %v %v %v %v %v}", c.state, c.delim, c.urlPart, c.jsCtx, c.attr, c.element, err)
 }
 
 // eq reports whether two contexts are equal.
@@ -47,7 +46,6 @@ func (c context) eq(d context) bool {
 		c.delim == d.delim &&
 		c.urlPart == d.urlPart &&
 		c.jsCtx == d.jsCtx &&
-		slices.Equal(c.jsBraceDepth, d.jsBraceDepth) &&
 		c.attr == d.attr &&
 		c.element == d.element &&
 		c.err == d.err
@@ -70,9 +68,6 @@ func (c context) mangle(templateName string) string {
 	if c.jsCtx != jsCtxRegexp {
 		s += "_" + c.jsCtx.String()
 	}
-	if c.jsBraceDepth != nil {
-		s += fmt.Sprintf("_jsBraceDepth(%v)", c.jsBraceDepth)
-	}
 	if c.attr != attrNone {
 		s += "_" + c.attr.String()
 	}
@@ -82,13 +77,6 @@ func (c context) mangle(templateName string) string {
 	return s
 }
 
-// clone returns a copy of c with the same field values.
-func (c context) clone() context {
-	clone := c
-	clone.jsBraceDepth = slices.Clone(c.jsBraceDepth)
-	return clone
-}
-
 // state describes a high-level HTML parser state.
 //
 // It bounds the top of the element stack, and by extension the HTML insertion
@@ -168,10 +156,6 @@ const (
 	// stateError is an infectious error state outside any valid
 	// HTML/CSS/JS construct.
 	stateError
-	// stateMetaContent occurs inside a HTML meta element content attribute.
-	stateMetaContent
-	// stateMetaContentURL occurs inside a "url=" tag in a HTML meta element content attribute.
-	stateMetaContentURL
 	// stateDead marks unreachable code after a {{break}} or {{continue}}.
 	stateDead
 )
@@ -283,8 +267,6 @@ const (
 	elementTextarea
 	// elementTitle corresponds to the RCDATA <title> element.
 	elementTitle
-	// elementMeta corresponds to the HTML <meta> element.
-	elementMeta
 )
 
 //go:generate stringer -type attr
@@ -306,6 +288,4 @@ const (
 	attrURL
 	// attrSrcset corresponds to a srcset attribute.
 	attrSrcset
-	// attrMetaContent corresponds to the content attribute in meta HTML element.
-	attrMetaContent
 )

package/bin/go/src/html/template/element_string.go

@@ -13,12 +13,11 @@ func _() {
 	_ = x[elementStyle-2]
 	_ = x[elementTextarea-3]
 	_ = x[elementTitle-4]
-	_ = x[elementMeta-5]
 }
 
-const _element_name = "elementNoneelementScriptelementStyleelementTextareaelementTitleelementMeta"
+const _element_name = "elementNoneelementScriptelementStyleelementTextareaelementTitle"
 
-var _element_index = [...]uint8{0, 11, 24, 36, 51, 63, 74}
+var _element_index = [...]uint8{0, 11, 24, 36, 51, 63}
 
 func (i element) String() string {
 	if i >= element(len(_element_index)-1) {

package/bin/go/src/html/template/escape.go

@@ -166,8 +166,6 @@ func (e *escaper) escape(c context, n parse.Node) context {
 
 var debugAllowActionJSTmpl = godebug.New("jstmpllitinterp")
 
-var htmlmetacontenturlescape = godebug.New("htmlmetacontenturlescape")
-
 // escapeAction escapes an action template node.
 func (e *escaper) escapeAction(c context, n *parse.ActionNode) context {
 	if len(n.Pipe.Decl) != 0 {
@@ -225,18 +223,6 @@ func (e *escaper) escapeAction(c context, n *parse.ActionNode) context {
 		default:
 			panic(c.urlPart.String())
 		}
-	case stateMetaContent:
-		// Handled below in delim check.
-	case stateMetaContentURL:
-		if htmlmetacontenturlescape.Value() != "0" {
-			s = append(s, "_html_template_urlfilter")
-		} else {
-			// We don't have a great place to increment this, since it's hard to
-			// know if we actually escape any urls in _html_template_urlfilter,
-			// since it has no information about what context it is being
-			// executed in etc. This is probably the best we can do.
-			htmlmetacontenturlescape.IncNonDefault()
-		}
 	case stateJS:
 		s = append(s, "_html_template_jsvalescaper")
 		// A slash after a value starts a div operator.
@@ -523,7 +509,7 @@ func (e *escaper) escapeBranch(c context, n *parse.BranchNode, nodeName string)
 	if nodeName == "range" {
 		e.rangeContext = &rangeContext{outer: e.rangeContext}
 	}
-	c0 := e.escapeList(c.clone(), n.List)
+	c0 := e.escapeList(c, n.List)
 	if nodeName == "range" {
 		if c0.state != stateError {
 			c0 = joinRange(c0, e.rangeContext)
@@ -554,7 +540,7 @@ func (e *escaper) escapeBranch(c context, n *parse.BranchNode, nodeName string)
 			return c0
 		}
 	}
-	c1 := e.escapeList(c.clone(), n.ElseList)
+	c1 := e.escapeList(c, n.ElseList)
 	return join(c0, c1, n, nodeName)
 }
 

package/bin/go/src/html/template/state_string.go

@@ -36,14 +36,12 @@ func _() {
 	_ = x[stateCSSBlockCmt-25]
 	_ = x[stateCSSLineCmt-26]
 	_ = x[stateError-27]
-	_ = x[stateMetaContent-28]
-	_ = x[stateMetaContentURL-29]
-	_ = x[stateDead-30]
+	_ = x[stateDead-28]
 }
 
-const _state_name = "stateTextstateTagstateAttrNamestateAfterNamestateBeforeValuestateHTMLCmtstateRCDATAstateAttrstateURLstateSrcsetstateJSstateJSDqStrstateJSSqStrstateJSTmplLitstateJSRegexpstateJSBlockCmtstateJSLineCmtstateJSHTMLOpenCmtstateJSHTMLCloseCmtstateCSSstateCSSDqStrstateCSSSqStrstateCSSDqURLstateCSSSqURLstateCSSURLstateCSSBlockCmtstateCSSLineCmtstateErrorstateMetaContentstateMetaContentURLstateDead"
+const _state_name = "stateTextstateTagstateAttrNamestateAfterNamestateBeforeValuestateHTMLCmtstateRCDATAstateAttrstateURLstateSrcsetstateJSstateJSDqStrstateJSSqStrstateJSTmplLitstateJSRegexpstateJSBlockCmtstateJSLineCmtstateJSHTMLOpenCmtstateJSHTMLCloseCmtstateCSSstateCSSDqStrstateCSSSqStrstateCSSDqURLstateCSSSqURLstateCSSURLstateCSSBlockCmtstateCSSLineCmtstateErrorstateDead"
 
-var _state_index = [...]uint16{0, 9, 17, 30, 44, 60, 72, 83, 92, 100, 111, 118, 130, 142, 156, 169, 184, 198, 216, 235, 243, 256, 269, 282, 295, 306, 322, 337, 347, 363, 382, 391}
+var _state_index = [...]uint16{0, 9, 17, 30, 44, 60, 72, 83, 92, 100, 111, 118, 130, 142, 156, 169, 184, 198, 216, 235, 243, 256, 269, 282, 295, 306, 322, 337, 347, 356}
 
 func (i state) String() string {
 	if i >= state(len(_state_index)-1) {