Skip to content

Bug fixes in go dependencies #97

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 12, 2022
Merged

Bug fixes in go dependencies #97

merged 3 commits into from
Apr 12, 2022

Conversation

puerco
Copy link
Member

@puerco puerco commented Apr 12, 2022
edited
Loading

What type of PR is this?

/kind bug

What this PR does / why we need it:

This PR fixes three bugs in the go dependency code:

  1. It fixes a bug in the dependency generator where var scope was handled wrong and errors were not being surfaced correctly
  2. It makes the go module parser more permissive preventing a fatal error when a dependency cannot be converted to a SPDX package
  3. Finally, it fixes a bug where the go module being analyzed was listed as a dependency

Which issue(s) this PR fixes:

Fixes #61

Special notes for your reviewer:

/assign @cpanato @justaugustus @saschagrunert
/cc @kubernetes-sigs/release-engineering

Does this PR introduce a user-facing change?

- Fixes a bug in the go dependency generator where var scope was handled wrong and errors were not being surfaced correctly
- The go module parser is now more permissive preventing a fatal error when a dependency cannot be converted to a SPDX package
- Fixed a bug where the go module being analyzed was incorrectly listed as a dependency of itself

puerco added 3 commits April 12, 2022 14:39
@puerco
FIx error scope bug when reading go modules
8f31e8b 
Signed-off-by: Adolfo García Veytia (Puerco) <[email protected]>
@puerco
Avoid dying when failing to convert go deps
27afe4a 
This commit modifies the go dependency tracker to
avoid the generator exiting when a go package cannot
be converted to a go dependency.

This is the case with internal go packages that are
not fetchable in a public repo.

Signed-off-by: Adolfo García Veytia (Puerco) <[email protected]>
@puerco
Do not add module when building deps list
ee1be44 
This commit prevents the go module being scanned to be added as a
dependency when building the go deps.

Signed-off-by: Adolfo García Veytia (Puerco) <[email protected]>
@k8s-ci-robot k8s-ci-robot added kind/bug Categorizes issue or PR as related to a bug. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Apr 12, 2022
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: puerco

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Apr 12, 2022
@jeremyrickard
Copy link
Member

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Apr 12, 2022
@k8s-ci-robot k8s-ci-robot merged commit 28e3e2e into kubernetes-sigs:main Apr 12, 2022
@puerco
Copy link
Member Author

puerco commented Apr 12, 2022

thanks jeremy !!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cpanato cpanato Awaiting requested review from cpanato

@jeremyrickard jeremyrickard Awaiting requested review from jeremyrickard

Assignees

@justaugustus justaugustus

@saschagrunert saschagrunert

@cpanato cpanato

@jeremyrickard jeremyrickard

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/bug Categorizes issue or PR as related to a bug. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Go module list incorrectly lists main project's go module as dep
6 participants
@puerco @k8s-ci-robot @jeremyrickard @justaugustus @saschagrunert @cpanato