go recently received a security upgrade to 1.12.8 (f4894bf9) this
upgrade fixes various CVEs in go standard libraries, for instance in
HTTP/2 functionality. Since go is statically linked packages using this
functionality need to be rebuild.
This reverts commit 086595299761c604747f7ed0fc7ecabe6fc365b1.
This aport downloads dependencies from internet without any
verification ("go get"), i.e. the build is not deterministic.
This is considered as a very bad practice and it's not acceptable
for Alpine packages.
