cmd/go: don't error out due to inconsistent requirements in -mod=readonly mode if the 'go' version is higher than the toolchain in use #46137
Comments
bcmills
added
NeedsFix
|
@gopherbot, please backport to Go 1.15 and 1.16. This change should be relatively uninvasive, and will allow users on those releases to more smoothly interoperate with users on Go 1.17. |
|
Backport issue(s) opened: #46138 (for 1.15), #46139 (for 1.16), #46140 (for 1.17). Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://golang.org/wiki/MinorReleases. |
|
In the meantime, note that users on The first step will convert the module back to Go 1.16, incorporating any otherwise-pruned-out dependencies, and the second step will add back the indirect dependencies needed to maintain Go 1.17 completeness invariants. |
bcmills
added
the
NeedsInvestigation
gopherbot
removed
the
NeedsFix
|
I'm not 100% certain that we should actually do this. #46141 will make it so that the sequence produces a set of module requirements that are consistent with Go 1.16, retains checksums needed by Go 1.16, and also maintains the invariants needed by Go 1.17 (enabling module graph pruning and lazy loading). Given that, maybe it's better for Go 1.16 to explicit error out if it would use requirements that are different from those explicitly listed in the 1.17 |
bcmills
added
the
NeedsDecision
gopherbot
removed
the
NeedsInvestigation
|
On further consideration, I think we should not do this. The choice to use a different set of versions from what is clearly intended by the Instead, we should provide some command in |
There is an interesting wrinkle in the upgrade path to lazy module loading in Go 1.17 (#36460), illustrated in this example:
gotip run .shows that the program is successfully built against the declared version ofgolang.org/x/text(v0.3.0):$ gotip run .{ "Path": "example.com/m", "Main": { "Path": "example.com/m", "Version": "(devel)", "Sum": "", "Replace": null }, "Deps": [ { "Path": "golang.org/x/text", "Version": "v0.3.0", "Sum": "h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=", "Replace": null }, { "Path": "golang.org/x/tools", "Version": "v0.1.1", "Sum": "h1:wGiQel/hW0NnEkJUk8lbzkX2gFJU6PFxf1v5OlCfuOs=", "Replace": null } ] }go1.16.4 run .with Go 1.16.4, on the other hand, errors out:$ go1.16.4 run .go: example.com/m: package golang.org/x/text/number imported from implicitly required module; to add missing requirements, run: go get golang.org/x/text/number@v0.3.3And
go1.15.12 run .successfully builds, but against a different version ofx/text(v0.3.3instead ofv0.3.0):$ go1.15.12 run .{ "Path": "example.com/m", "Main": { "Path": "example.com/m", "Version": "(devel)", "Sum": "", "Replace": null }, "Deps": [ { "Path": "golang.org/x/text", "Version": "v0.3.3", "Sum": "h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=", "Replace": null }, { "Path": "golang.org/x/tools", "Version": "v0.1.1", "Sum": "h1:wGiQel/hW0NnEkJUk8lbzkX2gFJU6PFxf1v5OlCfuOs=", "Replace": null } ] }These differences are because:
Go 1.17 prunes out the dependencies of
golang.org/x/net, which is required indirectly bygolang.org/x/tools, because no package relevant to the main module imports anything fromgolang.org/x/net.Go 1.16.4 includes the dependencies of
golang.org/x/net, and notices that the selected version ofgolang.org/x/textis different from what is listed in thego.modfile. Since Go 1.16 defaults to-mod=readonly(cmd/go: default to & improve -mod=readonly #40728), it cannot change thego.modfile to restore consistency, and so it errors out.Go 1.15.12 includes the dependencies of
golang.org/x/net, but defaults to-mod=mod, so it happily overwrites thego.modfile to restore what it sees as “consistent”, and then builds using the updated requirements.$ gotip mod graph$ go1.16.4 mod graphTo some extent this is working as intended: part of the point of lazy loading is to allow users to more easily upgrade away from transitive dependencies on cyclic, retracted, irretrievable, or otherwise broken module versions that are not otherwise relevant to the main module, so it should not be surprising that the transitive dependencies change between
go1.16.4andgotip.We would like Go users who are actively developing with a mix of Go 1.16 and Go 1.17 to be able to continue to do so, as long as they only run
go mod tidyusing the version listed in the module'sgodirective or higher.To make that work, we plan to change the
gocommand so that inconsistent requirements in the main module'sgo.modfile are not treated as an error in-mod=readonlymode if thegoversion in thatgo.modfile is higher than the version of thegocommand in use.We can then backport (really, reimplement) that change in upcoming minor releases of Go 1.15 and Go 1.16, so that users still on those versions can continue to use them in
go 1.17modules inreadonlymode.The text was updated successfully, but these errors were encountered: