-
Notifications
You must be signed in to change notification settings - Fork 17.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cmd/go: "go get" fails on import path patterns with wildcards ("...") #29241
Comments
Looking through the code, I saw the following mistakes that could have caused this error:Error 1 - Error 2 - the Suggested FixRemove the check listed in error 1. In addition to causing false positives, it is rendered unnecessary by the line mentioned in error 2. Leave the line in error 2 unchanged, but add a check that skips this validation for the last element if it exactly matches |
Is someone currently working on this? If not, I can try to create a fix. |
In absence of a response, I have started fixing this. |
Ok. Thank you for letting me know. |
I'd submit this, but I'm sure someone else can do it faster as I haven't yet made a Go contribution :) |
Change https://golang.org/cl/154121 mentions this issue: |
@gopherbot, please backport to 1.11 and 1.10 immediately: this is a major regression. |
Backport issue(s) opened: #29247 (for 1.10), #29248 (for 1.11). Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://golang.org/wiki/MinorReleases. |
Change https://golang.org/cl/154108 mentions this issue: |
@thaJeztah, |
@bcmills ah, makes sense, thanks for confirming it's nothing to worry about 👍 |
Go 1.11.3 has a bug: golang/go#29241 This is fixed/workarounded in containerd: containerd/containerd@52de371 Until that commit has made it into a tagged version, we will use containerd at head. PiperOrigin-RevId: 225636987 Change-Id: I7e32beb7751f566f5b41682a29a14442c1aa56c2
Is there any workaround or does anyone know when the planned fix for this is released? |
The release is already done since 2 days: go1.11.4 and go1.10.7 Note: the docker images are not up-to-date https://hub.docker.com/_/golang?tab=tags |
Ah thanks! I was looking at the docker images. Do those follow a different release schedule? |
Go 1.11.3's CVE fix for 'remote command execution during "go get -u"' broke getting wildcard paths, which Gitea's makefile uses to fetch go-bindata and swagger. The error is: 'package github.com/jteeuwen/go-bindata/...: github.com/jteeuwen/go-bindata/...: invalid import path: malformed import path "github.com/jteeuwen/go-bindata/...": double dot' If the source already exists (get without the ...) then it works. This should be fixed in go 1.11.4. See golang/go#29241
@johan-lejdung docker-library/golang#255 - the docker tags are currently in progress |
Go 1.11.3 has a bug: golang/go#29241 This is fixed/workarounded in containerd: containerd/containerd@52de371 Until that commit has made it into a tagged version, we will use containerd at head. PiperOrigin-RevId: 225636987 Change-Id: I7e32beb7751f566f5b41682a29a14442c1aa56c2 Upstream-commit: 13e4930
The fix for
cmd/go: remote command execution during "go get -u"
(#29230) as released in Go 1.10.6 and 1.11.3 introduced a regression causing commands likego get example.com/...
to fail withinvalid import path: malformed import path "example.com/...": double dot
when fetching packages not already present in GOPATH.See #29236 (comment)
The text was updated successfully, but these errors were encountered: