Closed
Description
What did you do?
Consider this simple test app:
package main
import (
"fmt"
"time"
"github.com/jinzhu/gorm"
_ "github.com/lib/pq"
)
var db *gorm.DB
func init() {
var err error
db, err = gorm.Open("postgres", "postgres://gorm:gorm@127.0.0.1/gorm?sslmode=disable")
if err != nil {
panic(err)
}
}
func main() {
t := time.Time{}
db.Debug().Raw("SELECT NOW()").Row().Scan(&t)
fmt.Println(t)
}go.mod is also pretty simple:
module SomeDBTest
go 1.12
require (
github.com/jinzhu/gorm v1.9.9
github.com/lib/pq v1.1.1
)
Lets try to update this app dependencies by running go get -u -d, resulting go.mod will look as follows:
module SomeDBTest
go 1.12
require (
cloud.google.com/go v0.41.0 // indirect
github.com/DataDog/zstd v1.4.0 // indirect
github.com/Shopify/sarama v1.23.0 // indirect
github.com/denisenkom/go-mssqldb v0.0.0-20190710001350-29e7b2419f38 // indirect
github.com/eapache/go-resiliency v1.2.0 // indirect
github.com/go-kit/kit v0.9.0 // indirect
github.com/gogo/protobuf v1.2.1 // indirect
github.com/golang/protobuf v1.3.2 // indirect
github.com/gorilla/mux v1.7.3 // indirect
github.com/jcmturner/gofork v1.0.0 // indirect
github.com/jinzhu/gorm v1.9.10
github.com/kisielk/errcheck v1.2.0 // indirect
github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect
github.com/lib/pq v1.1.1
github.com/onsi/ginkgo v1.8.0 // indirect
github.com/onsi/gomega v1.5.0 // indirect
github.com/openzipkin/zipkin-go v0.2.0 // indirect
github.com/pkg/errors v0.8.1 // indirect
github.com/prometheus/common v0.6.0 // indirect
github.com/prometheus/procfs v0.0.3 // indirect
github.com/rcrowley/go-metrics v0.0.0-20190706150252-9beb055b7962 // indirect
github.com/sirupsen/logrus v1.4.2 // indirect
github.com/stretchr/objx v0.2.0 // indirect
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 // indirect
golang.org/x/exp v0.0.0-20190627132806-fd42eb6b336f // indirect
golang.org/x/image v0.0.0-20190703141733-d6a02ce849c9 // indirect
golang.org/x/mobile v0.0.0-20190711165009-e47acb2ca7f9 // indirect
golang.org/x/net v0.0.0-20190628185345-da137c7871d7 // indirect
golang.org/x/sys v0.0.0-20190712062909-fae7ac547cb7 // indirect
golang.org/x/tools v0.0.0-20190712213246-8b927904ee0d // indirect
google.golang.org/genproto v0.0.0-20190708153700-3bdd9d9f5532 // indirect
google.golang.org/grpc v1.22.0 // indirect
gopkg.in/jcmturner/gokrb5.v7 v7.3.0 // indirect
)
Now let's try go mod tidy if it's possible to remove some redundant dependencies:
module SomeDBTest
go 1.12
require (
cloud.google.com/go v0.41.0 // indirect
github.com/denisenkom/go-mssqldb v0.0.0-20190710001350-29e7b2419f38 // indirect
github.com/jinzhu/gorm v1.9.10
github.com/lib/pq v1.1.1
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 // indirect
)
What did you expect to see?
Result of running go get -u -d should match corresponding go mod tidy on updated dependencies in go.mod, or match those lines in go.mod being updated according to documented behavior of go get -u without adding any additional indirect dependencies.
What did you see instead?
go.mod is bloated with indirect dependencies, forcing user to run go mod tidy additionally, or edit it manually.
System details
go version go1.12.7 windows/amd64
GOARCH="amd64"
GOBIN=""
GOCACHE="C:\Users\***\AppData\Local\go-build"
GOEXE=".exe"
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="windows"
GOOS="windows"
GOPATH="C:\Users\***\go"
GOPROXY=""
GORACE=""
GOROOT="c:\go"
GOTMPDIR=""
GOTOOLDIR="c:\go\pkg\tool\windows_amd64"
GCCGO="gccgo"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="NUL"
GOROOT/bin/go version: go version go1.12.7 windows/amd64
GOROOT/bin/go tool compile -V: compile version go1.12.7