diff options
author | Cherry Zhang <cherryyz@google.com> | 2020-10-28 09:12:20 -0400 |
---|---|---|
committer | Cherry Zhang <cherryyz@google.com> | 2020-10-28 09:12:20 -0400 |
commit | a16e30d162c1c7408db7821e7b9513cefa09c6ca (patch) | |
tree | af752ba9ba44c547df39bb0af9bff79f610ba9d5 /src/cmd/go/internal/modget/get.go | |
parent | 91e4d2d57bc341dd82c98247117114c851380aef (diff) | |
parent | cf6cfba4d5358404dd890f6025e573a4b2156543 (diff) | |
download | go-a16e30d162c1c7408db7821e7b9513cefa09c6ca.tar.gz go-a16e30d162c1c7408db7821e7b9513cefa09c6ca.zip |
[dev.link] all: merge branch 'master' into dev.linkdev.link
Clean merge.
Change-Id: Ia7b2808bc649790198d34c226a61d9e569084dc5
Diffstat (limited to 'src/cmd/go/internal/modget/get.go')
-rw-r--r-- | src/cmd/go/internal/modget/get.go | 30 |
1 files changed, 23 insertions, 7 deletions
diff --git a/src/cmd/go/internal/modget/get.go b/src/cmd/go/internal/modget/get.go index f1cf8b17a8..171c070ab3 100644 --- a/src/cmd/go/internal/modget/get.go +++ b/src/cmd/go/internal/modget/get.go @@ -115,13 +115,12 @@ require downgrading other dependencies, and 'go get' does this automatically as well. The -insecure flag permits fetching from repositories and resolving -custom domains using insecure schemes such as HTTP. Use with caution. +custom domains using insecure schemes such as HTTP, and also bypassess +module sum validation using the checksum database. Use with caution. This flag is deprecated and will be removed in a future version of go. -The GOINSECURE environment variable is usually a better alternative, since -it provides control over which modules may be retrieved using an insecure -scheme. It should be noted that the -insecure flag also turns the module -checksum validation off. GOINSECURE does not do that, use GONOSUMDB. -See 'go help environment' for details. +To permit the use of insecure schemes, use the GOINSECURE environment +variable instead. To bypass module sum validation, use GOPRIVATE or +GONOSUMDB. See 'go help environment' for details. The second step is to download (if needed), build, and install the named packages. @@ -875,6 +874,8 @@ func getQuery(ctx context.Context, path, vers string, prevM module.Version, forc allowed := modload.CheckAllowed if modload.IsRevisionQuery(vers) { allowed = modload.CheckExclusions + } else if vers == "upgrade" || vers == "patch" { + allowed = checkAllowedOrCurrent(prevM.Version) } // If the query must be a module path, try only that module path. @@ -911,7 +912,7 @@ func getQuery(ctx context.Context, path, vers string, prevM module.Version, forc // If it turns out to only exist as a module, we can detect the resulting // PackageNotInModuleError and avoid a second round-trip through (potentially) // all of the configured proxies. - results, err := modload.QueryPattern(ctx, path, vers, allowed) + results, err := modload.QueryPattern(ctx, path, vers, modload.Selected, allowed) if err != nil { // If the path doesn't contain a wildcard, check whether it was actually a // module path instead. If so, return that. @@ -982,3 +983,18 @@ func logOncef(format string, args ...interface{}) { fmt.Fprintln(os.Stderr, msg) } } + +// checkAllowedOrCurrent is like modload.CheckAllowed, but always allows the +// current version (even if it is retracted or otherwise excluded). +func checkAllowedOrCurrent(current string) modload.AllowedFunc { + if current == "" { + return modload.CheckAllowed + } + + return func(ctx context.Context, m module.Version) error { + if m.Version == current { + return nil + } + return modload.CheckAllowed(ctx, m) + } +} |