std,cmd: add test to ensure that all bundled packages are in sync with go.mod version #41409
Comments
dmitshur
added
the
NeedsInvestigation
dmitshur
changed the title
|
#36852 is also related: ideally the |
|
Change https://golang.org/cl/255859 mentions this issue: |
|
Change https://golang.org/cl/256357 mentions this issue: |
Discussion so far suggests we do not want to keep this flexibility. That means we need a test that will detect automatically when a regression happens. I'll modify this issue to be about adding that test. The test should be skipped in -short test mode, so it will be executed on longtest builders (and via SlowBot requests). This is similar/related to #36852 (go.mod and vendor directory being in sync) and to #36907 (go.mod of different modules being in sync). A general approach to the test that I've discussed with @bcmills could look like this:
This approach can avoid needing to rely on |
dmitshur
added
the
Testing
dmitshur
changed the title
|
Managing backports can become much more expensive if skew is introduced in a new major Go release. This has happened in Go 1.15 (see #41375 (comment) and CL 258540), and I think it's important we have an automated measure so we can be confident it can't happen for future Go releases due to human error. I'm going to make this a release-blocker for Go 1.16: we should either resolve this issue by adding a test, or if there isn't enough time, we must manually verify that there is no skew introduced in Go 1.16 release candidates and the final release. CC @golang/release. |
toothrot
added
okay-after-beta1
We need to update dependencies vendored into the standard library at least two times during each major Go release cycle, which is tracked by the recurring release-blocker issue golang.org/issue/36905. Once we find agreement on the overall strategy to do this, it will be easier, more reliable, and more scalable to do with a program than by hand. This experimental program serves as a starting point to get there. It has been used to generate CL 255860 and CL 266898 so far, and more to explore the state of changes to vendored golang.org/x packages at tip. Code review has identified opportunities for improvement, which was filed as an issue. Upon further investigation, it was found that those improvements are not viable to use in the short term (see https://golang.org/issue/41589#issuecomment-712965746), but perhaps will be worth revisiting in the future. The scope of update performed at this time is to update golang.org/x modules dependencies inside the standard library, re-run go generate -run=bundle task, and update the Go language version in go.mod files. It's expected this will evolve over time based on experience and new findings. For golang/go#36905. For golang/go#41409. Change-Id: I0e9d42675f1d8300f661545625f3b20e3704cdca Reviewed-on: https://go-review.googlesource.com/c/build/+/256357 Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Trust: Dmitri Shuralyov <dmitshur@golang.org> Trust: Alexander Rakoczy <alex@golang.org> Reviewed-by: Alexander Rakoczy <alex@golang.org>
|
Change https://golang.org/cl/283643 mentions this issue: |
dmitshur
added
NeedsFix
and others
We've had issues in the past where version skew could be introduced if people forgot to update one part of the distribution without also updating another (e.g., versions in src/go.mod and src/cmd/go.mod). A very effective solution was adding a test that fails when skew is detected.
I believe we still need to address this for net/http's bundled copies of
golang.org/x/net/http2andgolang.org/x/net/internal/socks. Right now, it's possible to update the bundled copy independently from the src/go.mod version, but it's not clear that flexibility is something we want to keep.See #41375 where this came up. Also relevant is #25285.
I plan to revisit my review of CL 189818 (which fixes issue #32031), the trade-offs have changed by now (especially given #41330).
/cc @toothrot @bcmills @FiloSottile
The text was updated successfully, but these errors were encountered: