Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cmd/go: symbolic links not dropped from repo #27093

Closed
rogpeppe opened this issue Aug 20, 2018 · 8 comments
Closed

cmd/go: symbolic links not dropped from repo #27093

rogpeppe opened this issue Aug 20, 2018 · 8 comments
Labels
FrozenDueToAge modules NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Go1.12

Comments

@rogpeppe
Copy link
Contributor 

go version go1.11rc1 linux/amd64

The zip unarchiving used by cmd/go/internal/modfetch does not respect
symbolic links or file modes. This means that if there's a test directory that
contains symlinks or executable files (e.g. shell scripts) and there are
tests that rely on those properties, they will fail when the module is
a dependency and tests are run on it (for example with go test all).

Currently a symbolic link is treated as a plain file - it is unarchived as a normal
file with the symbolic link as its contents, which seems wrong even if we
decide not to support symlinks in modules. Similarly, the module
content hash check will treat a symbolic link identically to a regular file.
@dsnet
Copy link
Member

dsnet commented Aug 20, 2018

Per #24057 (comment), I think this is working as intended.

@rogpeppe
Copy link
Contributor Author

@dsnet Thanks a lot for that link - I hadn't seen that. Given that's a deliberate decision, I'm fine with it (very happy actually), but I do think that somewhere you should at least get some error or warning that your symbolic link has been silently turned into a plain file.

@rogpeppe rogpeppe changed the title cmd/go: symbolic links and executable files are not preserved in modules cmd/go: symbolic links in modules are silently turned into plain files Aug 20, 2018
@rsc
Copy link
Contributor

rsc commented Aug 21, 2018

Can you please give an example? Symbolic links are supposed to be silently elided from the underlying version control repo. It sounds like one of the converters is including them in the archive incorrectly.

@rsc rsc changed the title cmd/go: symbolic links in modules are silently turned into plain files cmd/go: symbolic links not dropped from repo Aug 21, 2018
@rsc rsc added this to the Go1.12 milestone Aug 21, 2018
@rogpeppe
Copy link
Contributor Author

See this repo: https://github.com/rogpeppe/test2
The tests directory in the top-level module has a symlink in it which is not elided on import.

@bcmills bcmills added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Nov 15, 2018
@bcmills bcmills self-assigned this Nov 15, 2018
@rsc
Copy link
Contributor

rsc commented Nov 20, 2018

Good candidate for backport once we fix it. Probably git archive is putting symlinks into the zip and I didn't realize that was a thing that would need to be filtered out.

@gopherbot
Copy link
Contributor

Change https://golang.org/cl/153819 mentions this issue: cmd/go/internal/modfetch: skip symlinks in (*coderepo).Zip

@bcmills
Copy link
Contributor

bcmills commented Dec 12, 2018

@gopherbot, please backport to Go 1.11: incorrect module contents produce incorrect go.sum entries, and the fix is tiny.

@gopherbot gopherbot mentioned this issue Dec 12, 2018
Closed
@gopherbot
Copy link
Contributor

Backport issue(s) opened: #29191 (for 1.11).

Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://golang.org/wiki/MinorReleases.

@bcmills bcmills mentioned this issue Dec 15, 2018
Closed
@ALTree ALTree mentioned this issue Dec 15, 2018
Closed
@calmh calmh mentioned this issue Dec 18, 2018
Closed
@nat-henderson nat-henderson mentioned this issue Jan 25, 2019
Merged
@sagikazarmark sagikazarmark mentioned this issue Jan 25, 2019
Merged
@zheng1 zheng1 mentioned this issue Jan 25, 2019
Closed
bep pushed a commit to spf13/viper that referenced this issue Jan 27, 2019
@sagikazarmark @bep
Update go.sum with go1.11.4
d104d25 
In Go 1.11.4 a bug was fixed related to checksum calculation.
As a result, some packages might end up with a different checksum
from this version. The solution is upgrading, cleaning the mod cache
and recalculating the go.sum file.

See golang/go#27093
@radeksimko radeksimko mentioned this issue Jan 29, 2019
Merged
@d-kuro d-kuro mentioned this issue Jan 29, 2019
Closed
@pawanrawal pawanrawal mentioned this issue Jan 31, 2019
Open
@schroederc schroederc mentioned this issue Feb 7, 2019
Merged
Rafiot added a commit to Rafiot/phishdetect that referenced this issue Feb 12, 2019
@Rafiot
fix: Checksum error with docker dep
0936d82 
See: golang/go#27093
@Rafiot Rafiot mentioned this issue Feb 12, 2019
Closed
@ChrisHines ChrisHines mentioned this issue Feb 16, 2019
Closed
@bcmills bcmills mentioned this issue Feb 23, 2019
Closed
josephtfrank pushed a commit to SpectraLogic/viper that referenced this issue Feb 26, 2019
@sagikazarmark @bep
Update go.sum with go1.11.4
d58b73e 
In Go 1.11.4 a bug was fixed related to checksum calculation.
As a result, some packages might end up with a different checksum
from this version. The solution is upgrading, cleaning the mod cache
and recalculating the go.sum file.

See golang/go#27093
@dlespiau dlespiau mentioned this issue Mar 22, 2019
Merged
fho added a commit to simplesurance/baur that referenced this issue Mar 27, 2019
@fho
vendor: update go-dockerclient to v1.3.6
cb85a6d 
A checksum in the go.sum file of go-dockerclient was corrupt because of
golang/go#27093.
Update to go-dockerclient 1.3.6.

This fixes:
	go: downloading github.com/docker/docker v0.7.3-0.20180827131323-0c5f8d2b9b23
	verifying github.com/docker/docker@v0.7.3-0.20180827131323-0c5f8d2b9b23: checksum mismatch
		downloaded: h1:mJtkfC9RUrUWHMk0cFDNhVoc9U3k2FRAzEZ+5pqSIHo=
		go.sum:     h1:Zl/9mUfPbYbnv895OXx9WfxPjwqSZHohuZzVcjJ5QPQ=

Thanks to Daniel Rossbach for reporting the issue.
fho added a commit to simplesurance/baur that referenced this issue Mar 27, 2019
@fho
vendor: update go-dockerclient to v1.3.6
c391a46 
A checksum in the go.sum file of go-dockerclient was corrupt because of
golang/go#27093.
Update to go-dockerclient 1.3.6.

This fixes:
	go: downloading github.com/docker/docker v0.7.3-0.20180827131323-0c5f8d2b9b23
	verifying github.com/docker/docker@v0.7.3-0.20180827131323-0c5f8d2b9b23: checksum mismatch
		downloaded: h1:mJtkfC9RUrUWHMk0cFDNhVoc9U3k2FRAzEZ+5pqSIHo=
		go.sum:     h1:Zl/9mUfPbYbnv895OXx9WfxPjwqSZHohuZzVcjJ5QPQ=

Thanks to Daniel Rossbach for reporting the issue.
@creachadair creachadair mentioned this issue Apr 3, 2019
Merged
@bcmills bcmills mentioned this issue May 15, 2019
Closed
@golang golang locked and limited conversation to collaborators Dec 12, 2019
@rsc rsc unassigned bcmills Jun 23, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge modules NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Milestone
Go1.12
Development

No branches or pull requests
5 participants
@rogpeppe @rsc @bcmills @dsnet @gopherbot