Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cmd/go: show why indirect dependencies are needed #26620

Closed
gregory-m opened this issue Jul 26, 2018 · 8 comments
Closed

cmd/go: show why indirect dependencies are needed #26620

gregory-m opened this issue Jul 26, 2018 · 8 comments
Labels
FrozenDueToAge modules NeedsFix The path to resolution is known, but the work has not been done.
Milestone
Go1.11

Comments

@gregory-m
Copy link
Contributor

What version of Go are you using (go version)?

go version go1.11beta2 darwin/amd64

What did you do?

⇢ $ cat main.go
package main

import "github.com/aws/aws-sdk-go/service/s3"

func main() {
}

⇢ $ go1.11beta2 mod -init && go1.11beta2 mod -sync
go: creating new go.mod: module github.com/gregory-m/mod-test
go: finding github.com/aws/aws-sdk-go/service/s3 latest
go: finding github.com/aws/aws-sdk-go/service latest
go: finding github.com/smartystreets/goconvey/convey latest
go: finding github.com/stretchr/testify/assert latest
go: finding github.com/smartystreets/goconvey latest
go: finding golang.org/x/net/http2 latest
go: finding golang.org/x/net latest
go: finding github.com/davecgh/go-spew/spew latest
go: finding github.com/pmezard/go-difflib/difflib latest
go: finding github.com/smartystreets/assertions latest
go: finding golang.org/x/text/unicode/bidi latest
go: finding golang.org/x/text/unicode/norm latest
go: finding golang.org/x/text/unicode latest
go: finding golang.org/x/text/secure/bidirule latest
go: finding golang.org/x/text/secure latest
go: finding github.com/gopherjs/gopherjs/js latest
go: finding github.com/gopherjs/gopherjs latest

⇢ $ cat go.mod
module github.com/gregory-m/mod-test

require (
	github.com/aws/aws-sdk-go v1.14.33
	github.com/davecgh/go-spew v1.1.0 // indirect
	github.com/gopherjs/gopherjs v0.0.0-20180628210949-0892b62f0d9f // indirect
	github.com/jtolds/gls v4.2.1+incompatible // indirect
	github.com/pmezard/go-difflib v1.0.0 // indirect
	github.com/smartystreets/assertions v0.0.0-20180725160413-e900ae048470 // indirect
	github.com/smartystreets/goconvey v0.0.0-20180222194500-ef6db91d284a // indirect
	github.com/stretchr/testify v1.2.2 // indirect
	golang.org/x/net v0.0.0-20180724234803-3673e40ba225 // indirect
	golang.org/x/text v0.3.0 // indirect
)

⇢ $ go1.11beta2 mod -graph
github.com/gregory-m/mod-test github.com/aws/aws-sdk-go@v1.14.33
github.com/gregory-m/mod-test github.com/davecgh/go-spew@v1.1.0
github.com/gregory-m/mod-test github.com/go-ini/ini@v1.25.4
github.com/gregory-m/mod-test github.com/gopherjs/gopherjs@v0.0.0-20180628210949-0892b62f0d9f
github.com/gregory-m/mod-test github.com/jmespath/go-jmespath@v0.0.0-20160202185014-0b12d6b521d8
github.com/gregory-m/mod-test github.com/jtolds/gls@v4.2.1+incompatible
github.com/gregory-m/mod-test github.com/pmezard/go-difflib@v1.0.0
github.com/gregory-m/mod-test github.com/smartystreets/assertions@v0.0.0-20180725160413-e900ae048470
github.com/gregory-m/mod-test github.com/smartystreets/goconvey@v0.0.0-20180222194500-ef6db91d284a
github.com/gregory-m/mod-test github.com/stretchr/testify@v1.2.2
github.com/gregory-m/mod-test golang.org/x/net@v0.0.0-20180724234803-3673e40ba225
github.com/gregory-m/mod-test golang.org/x/text@v0.3.0
github.com/aws/aws-sdk-go@v1.14.33 github.com/go-ini/ini@v1.25.4
github.com/aws/aws-sdk-go@v1.14.33 github.com/jmespath/go-jmespath@v0.0.0-20160202185014-0b12d6b521d8

What did you expect to see?

Reason why gopherjs or any other indirect dependency added to mod file.

What did you see instead?

No simple way to understand why indirect dependencies added to mod file.
@oiooj oiooj added the modules label Jul 26, 2018
@bcmills
Copy link
Contributor

bcmills commented Jul 26, 2018

The -pgraph flag that @rsc mentioned in #26581 (comment) should address this, I think.

@bcmills bcmills added the NeedsFix The path to resolution is known, but the work has not been done. label Jul 26, 2018
@bcmills bcmills added this to the Go1.11 milestone Jul 26, 2018
@bcmills bcmills changed the title cmd/go mod -graph does not show why indirect dependencies introduced cmd/go: show why indirect dependencies are needed Jul 26, 2018
@flibustenet
Copy link

Since go.mod is versioned it could be fine to record the origin of the indirect dependencies directly in the comments

// indirect from ... (and ... and ...)

@bcmills
Copy link
Contributor

bcmills commented Jul 26, 2018

For builds involving a lot of packages that could get pretty ungainly, and it would potentially add a lot of unnecessary diffs as the set of packages changes over time.

@pwaller
Copy link
Contributor

pwaller commented Aug 2, 2018

Hm. The current behaviour looks quite broken to me, I can't explain the output of this. Is it because the vast majority of the packages don't have their own concrete mod files yet?

It's confusing that it shows all of these as hanoverd imports - in reality hanoverd only imports a couple of packages, including docker, which results in quite a large tree.

But then, gopkg.in/yaml.v2@v2.2.1 gets its own line presumably because it is the only one with a mod file?

Output of `go mod graph` 
github.com/sensiblecodeio/hanoverd github.com/Azure/go-ansiterm@v0.0.0-20170929234023-d6e3b3328b78
github.com/sensiblecodeio/hanoverd github.com/Microsoft/go-winio@v0.4.9
github.com/sensiblecodeio/hanoverd github.com/Nvveen/Gotty@v0.0.0-20120604004816-cd527374f1e5
github.com/sensiblecodeio/hanoverd github.com/codegangsta/cli@v1.20.0
github.com/sensiblecodeio/hanoverd github.com/containerd/continuity@v0.0.0-20180712174259-0377f7d76720
github.com/sensiblecodeio/hanoverd github.com/davecgh/go-spew@v1.1.0
github.com/sensiblecodeio/hanoverd github.com/docker/distribution@v0.0.0-20180720172123-0dae0957e5fe
github.com/sensiblecodeio/hanoverd github.com/docker/docker@v0.0.0-20180802135125-75fe41444009
github.com/sensiblecodeio/hanoverd github.com/docker/go-connections@v0.4.0
github.com/sensiblecodeio/hanoverd github.com/docker/go-units@v0.3.3
github.com/sensiblecodeio/hanoverd github.com/fsnotify/fsnotify@v1.4.7
github.com/sensiblecodeio/hanoverd github.com/gogo/protobuf@v1.1.1
github.com/sensiblecodeio/hanoverd github.com/golang/glog@v0.0.0-20160126235308-23def4e6c14b
github.com/sensiblecodeio/hanoverd github.com/golang/protobuf@v1.1.0
github.com/sensiblecodeio/hanoverd github.com/google/go-cmp@v0.2.0
github.com/sensiblecodeio/hanoverd github.com/gorilla/context@v1.1.1
github.com/sensiblecodeio/hanoverd github.com/gorilla/mux@v1.6.2
github.com/sensiblecodeio/hanoverd github.com/gorilla/websocket@v1.2.0
github.com/sensiblecodeio/hanoverd github.com/hpcloud/tail@v1.0.0
github.com/sensiblecodeio/hanoverd github.com/onsi/ginkgo@v1.6.0
github.com/sensiblecodeio/hanoverd github.com/onsi/gomega@v1.4.1
github.com/sensiblecodeio/hanoverd github.com/opencontainers/go-digest@v1.0.0-rc1
github.com/sensiblecodeio/hanoverd github.com/opencontainers/image-spec@v1.0.1
github.com/sensiblecodeio/hanoverd github.com/opencontainers/runc@v0.1.1
github.com/sensiblecodeio/hanoverd github.com/pkg/errors@v0.8.0
github.com/sensiblecodeio/hanoverd github.com/pmezard/go-difflib@v1.0.0
github.com/sensiblecodeio/hanoverd github.com/pwaller/barrier@v0.0.0-20161028091350-01ce0af009bb
github.com/sensiblecodeio/hanoverd github.com/sensiblecodeio/git-prep-directory@v0.0.0-20180712161016-0daf5738b16c
github.com/sensiblecodeio/hanoverd github.com/sensiblecodeio/hookbot@v0.0.0-20180702152317-dc721930501d
github.com/sensiblecodeio/hanoverd github.com/sirupsen/logrus@v1.0.6
github.com/sensiblecodeio/hanoverd github.com/stretchr/testify@v1.2.2
github.com/sensiblecodeio/hanoverd github.com/vaughan0/go-ini@v0.0.0-20130923145212-a98ad7ee00ec
github.com/sensiblecodeio/hanoverd golang.org/x/crypto@v0.0.0-20180723164146-c126467f60eb
github.com/sensiblecodeio/hanoverd golang.org/x/net@v0.0.0-20180801234040-f4c29de78a2a
github.com/sensiblecodeio/hanoverd golang.org/x/sync@v0.0.0-20180314180146-1d60e4601c6f
github.com/sensiblecodeio/hanoverd golang.org/x/sys@v0.0.0-20180801221139-3dc4335d56c7
github.com/sensiblecodeio/hanoverd golang.org/x/text@v0.3.0
github.com/sensiblecodeio/hanoverd golang.org/x/time@v0.0.0-20180412165947-fbb02b2291d2
github.com/sensiblecodeio/hanoverd google.golang.org/genproto@v0.0.0-20180731170733-daca94659cb5
github.com/sensiblecodeio/hanoverd google.golang.org/grpc@v1.14.0
github.com/sensiblecodeio/hanoverd gopkg.in/airbrake/gobrake.v2@v2.0.9
github.com/sensiblecodeio/hanoverd gopkg.in/fsnotify.v1@v1.4.7
github.com/sensiblecodeio/hanoverd gopkg.in/gemnasium/logrus-airbrake-hook.v2@v2.1.2
github.com/sensiblecodeio/hanoverd gopkg.in/tomb.v1@v1.0.0-20141024135613-dd632973f1e7
github.com/sensiblecodeio/hanoverd gopkg.in/yaml.v2@v2.2.1
github.com/sensiblecodeio/hanoverd gotest.tools@v2.1.0+incompatible
gopkg.in/yaml.v2@v2.2.1 gopkg.in/check.v1@v0.0.0-20161208181325-20d25e280405

@bcmills
Copy link
Contributor

bcmills commented Aug 2, 2018

Is it because the vast majority of the packages don't have their own concrete mod files yet?

I think so, yes. Was github.com/sensiblecodeio/hanoverd the main module in that invocation?

@pwaller
Copy link
Contributor

pwaller commented Aug 2, 2018

Yes.

@gopherbot
Copy link

Change https://golang.org/cl/128359 mentions this issue: cmd/go: add go mod why

@pwaller
Copy link
Contributor

pwaller commented Aug 8, 2018

@rsc: I'm concerned that the above CL might not actually fix the issue presented.

I understand there are two things going on, (1) you are addressing, and (2) not obviously?

  1. That there is the module+package graph, which go mod why is intended to explore.

  2. If I understand the outputs and my experience above correctly, -graph is not reporting edges in the module graph.

It's perhaps not explicitly clear, but in the outputs of -graph presented by the original issue and in my comment, -graph is attributing a huge swathe of dependencies to github.com/gregory-m/mod-test (OP) and github.com/sensiblecodeio/hanoverd (mine), when actually they are indirect dependencies. The only other edges shown appear to be for repositories which have physical .mod files.

I'd expect this is intended to be shown in -graph, but understand it is not currently?

@golang golang locked and limited conversation to collaborators Aug 10, 2019
@rsc rsc removed their assignment Jun 23, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge modules NeedsFix The path to resolution is known, but the work has not been done.
Projects
None yet
Milestone
Go1.11
Development

No branches or pull requests
7 participants
@rsc @gregory-m @pwaller @oiooj @bcmills @flibustenet @gopherbot