Google commissioned Trail of Bits to audit Go's cryptography packages, resulting in one low-severity finding related to memory management in the legacy Go+BoringCrypto integration and several informational findings about potential timing side-channels. The audit confirms the security of Go's cryptography libraries and highlights ongoing improvements, including a new FIPS 140-3 mode and post-quantum cryptography support.