rspec/rules/S4423/go/how-to-fix-it/stdlib.adoc

== How to fix it in Go Standard Library

=== Code examples

==== Noncompliant code example

For HTTP clients:

[source,go,diff-id=1,diff-type=noncompliant]
----
import (
    "net/http"
)

func main() {
    client := &http.Client{
        Transport: &http.Transport{
            TLSClientConfig: &tls.Config{
                MinVersion: tls.VersionTLS10, // Noncompliant
            },
        },
    }
    resp, err := client.Get("https://www.example.com")
    if err != nil {
        panic(err)
    }
    defer resp.Body.Close()
}
----

==== Compliant solution

For HTTP clients:

[source,go,diff-id=1,diff-type=compliant]
----
import (
    "net/http"
)

func main() {
    // TLS 1.2 is the default minimal version for HTTP clients
    resp, err := http.Get("https://www.example.com")
    if err != nil {
        panic(err)
    }
    defer resp.Body.Close()
}
----


=== How does this work?

include::../../common/fix/fix.adoc[]