From 2f57270232c2da03fc5fbd810738cd19d76ae4a2 Mon Sep 17 00:00:00 2001 From: "Hana (Hyang-Ah) Kim" Date: Tue, 4 Oct 2022 20:20:36 -0400 Subject: [PATCH] gopls: update golang.org/x/vuln This is to pick up the fix for the file-scheme url handling bug cd gopls GOPROXY=direct go get golang.org/x/vuln@2aa0553d353b go mod tidy -compat=1.16 Also updates the tests to use span.URIFromPath to generate correct test database file uris. Change-Id: I6de296cd21f3b98d72700ea57d1aa867658e7ac3 Reviewed-on: https://go-review.googlesource.com/c/tools/+/438756 Run-TryBot: Hyang-Ah Hana Kim Reviewed-by: Robert Findley gopls-CI: kokoro TryBot-Result: Gopher Robot --- gopls/go.mod | 4 ++-- gopls/go.sum | 8 +++----- gopls/internal/regtest/misc/vuln_test.go | 8 +++++--- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/gopls/go.mod b/gopls/go.mod index 6cd8643cc4..27f8d44e6a 100644 --- a/gopls/go.mod +++ b/gopls/go.mod @@ -11,8 +11,8 @@ require ( golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 golang.org/x/sys v0.0.0-20220808155132-1c4a2a72c664 golang.org/x/text v0.3.7 - golang.org/x/tools v0.1.13-0.20220810174125-0ad49fdeb955 - golang.org/x/vuln v0.0.0-20220919155316-41b1fc70d0a6 + golang.org/x/tools v0.1.13-0.20220928184430-f80e98464e27 + golang.org/x/vuln v0.0.0-20221004232641-2aa0553d353b honnef.co/go/tools v0.3.3 mvdan.cc/gofumpt v0.3.1 mvdan.cc/xurls/v2 v2.4.0 diff --git a/gopls/go.sum b/gopls/go.sum index c26382551c..b7a866c8b1 100644 --- a/gopls/go.sum +++ b/gopls/go.sum @@ -10,7 +10,7 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/frankban/quicktest v1.14.2 h1:SPb1KFFmM+ybpEjPUhCCkZOM5xlovT5UbrMvWnXyBns= github.com/frankban/quicktest v1.14.2/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= -github.com/google/go-cmdtest v0.4.0/go.mod h1:apVn/GCasLZUVpAJ6oWAuyP7Ne7CEsQbTnc0plM3m+o= +github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786/go.mod h1:apVn/GCasLZUVpAJ6oWAuyP7Ne7CEsQbTnc0plM3m+o= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= @@ -69,10 +69,8 @@ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuX golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/vuln v0.0.0-20220901221904-62b0186a1058 h1:YnB27EXBD8XxB0JcaOeluuvhF2kS4DrH0k+lpopG2xc= -golang.org/x/vuln v0.0.0-20220901221904-62b0186a1058/go.mod h1:7tDfEDtOLlzHQRi4Yzfg5seVBSvouUIjyPzBx4q5CxQ= -golang.org/x/vuln v0.0.0-20220919155316-41b1fc70d0a6 h1:tQFrcJZ95V1wiLLPoAIaEuEVXJ7JkhbZI4Hws7Fx69c= -golang.org/x/vuln v0.0.0-20220919155316-41b1fc70d0a6/go.mod h1:7tDfEDtOLlzHQRi4Yzfg5seVBSvouUIjyPzBx4q5CxQ= +golang.org/x/vuln v0.0.0-20221004232641-2aa0553d353b h1:8Tu9pgIV7kt8ulNtzidzpLl9E9l1i+U4QLdKG0ZzHyE= +golang.org/x/vuln v0.0.0-20221004232641-2aa0553d353b/go.mod h1:F12iebNzxRMpJsm4W7ape+r/KdnXiSy3VC94WsyCG68= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/gopls/internal/regtest/misc/vuln_test.go b/gopls/internal/regtest/misc/vuln_test.go index 180431c8ab..5ba545454e 100644 --- a/gopls/internal/regtest/misc/vuln_test.go +++ b/gopls/internal/regtest/misc/vuln_test.go @@ -6,7 +6,6 @@ package misc import ( "os" - "path" "path/filepath" "testing" @@ -14,6 +13,7 @@ import ( "golang.org/x/tools/gopls/internal/lsp/protocol" . "golang.org/x/tools/gopls/internal/lsp/regtest" "golang.org/x/tools/gopls/internal/lsp/tests/compare" + "golang.org/x/tools/internal/span" "golang.org/x/tools/internal/testenv" ) @@ -69,10 +69,11 @@ func main() { ` cwd, _ := os.Getwd() + uri := span.URIFromPath(filepath.Join(cwd, "testdata", "vulndb")) WithOptions( EnvVars{ // Let the analyzer read vulnerabilities data from the testdata/vulndb. - "GOVULNDB": "file://" + path.Join(filepath.ToSlash(cwd), "testdata", "vulndb"), + "GOVULNDB": string(uri), // When fetchinging stdlib package vulnerability info, // behave as if our go version is go1.18 for this testing. // The default behavior is to run `go env GOVERSION` (which isn't mutable env var). @@ -226,11 +227,12 @@ func TestRunVulncheckExp(t *testing.T) { testenv.NeedsGo1Point(t, 18) cwd, _ := os.Getwd() + uri := span.URIFromPath(filepath.Join(cwd, "testdata", "vulndb")) WithOptions( ProxyFiles(proxy1), EnvVars{ // Let the analyzer read vulnerabilities data from the testdata/vulndb. - "GOVULNDB": "file://" + path.Join(filepath.ToSlash(cwd), "testdata", "vulndb"), + "GOVULNDB": string(uri), // When fetching stdlib package vulnerability info, // behave as if our go version is go1.18 for this testing. // The default behavior is to run `go env GOVERSION` (which isn't mutable env var).