[release] prepare v0.35.0 release

d67af7f CHANGELOG.md: v0.35.0 changelog 6ce6b54 src/goToolsInformation: update hardcoded latest version of gopls for release 19f6e6b package.json: add markdown descriptions to inlay hints config d2f0f1c src/goTools: allow to install dlv for arm64 180bbce Substitute workspaceFolderBasename variable into extension settings e63f1ad add support for multi-file test suite 05edb9c package.json: clean up formatter setting b9472fc package.json: update gts (4.0.0), moment (2.29.4) 2de6d67 package.json: sync doc with [email protected] fdf5608 CHANGELOG.md: v0.34.1 changelog 99369b6 src/language/goLanguageServer: remove redundant error popups from custom error handler 4dd972e src/language/goLanguageServer: do not require gopls when language server is disabled ee683d7 vscode-go: add inlay hint settings to extension config 0848778 src/goVulncheck: add actions to upgrade modules 78149ef src/goVulncheck: report unaffecting vulnerabilities separately 445a42f tools/goplssetting: omit inlay hints from gopls settings 8dfd393 src/commands: catch errors when starting language server 16009b2 package.json: update dev version 7efa03c .vscode: remove accidentally added MOCHA_GREP Change-Id: Ibe77ea8285506f5d04d0ba6f6b6bb3252a3b61a9
golang · Jul 14, 2022 · daf6501 · daf6501
2 parents 65cef38 + d67af7f
commit daf6501
Show file tree

Hide file tree

Showing 18 changed files with 1,287 additions and 1,905 deletions.
diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -63,7 +63,6 @@
 			"env": {
 				"VSCODE_GO_IN_TEST": "1",  // Disable code that shouldn't be used in test
 				"MOCHA_TIMEOUT": "999999",
-				"MOCHA_GREP": "Error checking"
 			},
 			"stopOnEntry": false,
 			"sourceMaps": true,

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,19 @@
+## v0.35.0 - 13 July, 2022
+
+A list of all issues and changes can be found in the [v0.35.0 milestone](https://github.com/golang/vscode-go/milestone/47) and [commit history](https://github.com/golang/vscode-go/compare/v0.34.1...v0.35.0).
+
+### Features
+- This release adds support for inlay hints ([Issue 1631](https://github.com/golang/vscode-go/issues/1631)).
+- Add logic to support ${workspaceFolderBasename} substitution in extension settings ([Issue 2310](https://github.com/golang/vscode-go/issues/2310)).
+- Add support for multi-file test suite ([Issue 1130](https://github.com/golang/vscode-go/issues/1130)).
+- Add support for custom formatters.
+
+### Bug Fix
+- Fixed (Issue [2339](https://github.com/golang/vscode-go/issues/#2339)) that prevented updating delve on arm64 Macs.
+
+### Thanks
+Thank you for your contribution, @hyangah, @nirhaas, @bentekkie, @jamalc, and @suzmue.
+
 ## v0.34.1 - 30 June, 2022
 
 A list of all issues and changes can be found in the [v0.34.1 milestone](https://github.com/golang/vscode-go/milestone/48) and [commit history](https://github.com/golang/vscode-go/compare/v0.34.0...v0.34.1).

diff --git a/docs/settings.md b/docs/settings.md
@@ -223,16 +223,8 @@ Default:
 Flags to pass to format tool (e.g. ["-s"]). Not applicable when using the language server.
 ### `go.formatTool`
 
-Not applicable when using the language server. Choosing 'goimports', 'goreturns', or 'gofumports' will add missing imports and remove unused imports.<br/>
-Allowed Options:
-
-* `default`: If the language server is enabled, format via the language server, which already supports gofmt, goimports, goreturns, and gofumpt. Otherwise, goimports.
-* `gofmt`: Formats the file according to the standard Go style.
-* `goimports`: Organizes imports and formats the file with gofmt.
-* `goformat`: Configurable gofmt, see https://github.com/mbenkmann/goformat.
-* `gofumpt`: Stricter version of gofmt, see https://github.com/mvdan/gofumpt.
-* `gofumports`: Applies gofumpt formatting and organizes imports.
-
+When the language server is enabled and one of default/gofmt/goimports/gofumpt is chosen, the language server will handle formatting. Otherwise, the extension will use the specified tool for formatting.<br/>
+Allowed Options: `default`, `gofmt`, `goimports`, `goformat`, `gofumpt`
 
 Default: `"default"`
 ### `go.generateTestsFlags`
@@ -277,6 +269,90 @@ Default: `false`
 
 Infer GOPATH from the workspace root. This is ignored when using Go Modules.
 
+Default: `false`
+### `go.inlayHints.assignVariableTypes`
+
+Enable/disable inlay hints for variable types in assign statements.
+```go
+
+i /*int*/, j /*int*/ := 0, len(r)-1
+```
+
+Default: `false`
+### `go.inlayHints.compositeLiteralFields`
+
+Enable/disable inlay hints for composite literal field names.
+```go
+
+for _, c := range []struct {in, want string}{
+	{/*in:*/ "Hello, world", /*want:*/ "dlrow ,olleH"},
+	{/*in:*/ "Hello, 世界", /*want:*/ "界世 ,olleH"},
+	{/*in:*/ "", /*want:*/ ""},
+} {
+	...
+}
+```
+
+Default: `false`
+### `go.inlayHints.compositeLiteralTypes`
+
+Enable/disable inlay hints for composite literal types.
+```go
+
+for _, c := range []struct {in, want string}{
+	/*struct{ in, want string }*/{"Hello, world", "dlrow ,olleH"},
+	/*struct{ in, want string }*/{"Hello, 世界", "界世 ,olleH"},
+	/*struct{ in, want string }*/{"", ""},
+} {
+	...
+}
+```
+
+Default: `false`
+### `go.inlayHints.constantValues`
+
+Enable/disable inlay hints for constant values.
+```go
+
+const (
+	KindNone   = iota	/*= 0*/
+	KindPrint	/*= 1*/
+	KindPrintf	/*= 2*/
+	KindErrorf	/*= 3*/
+)
+```
+
+Default: `false`
+### `go.inlayHints.functionTypeParameters`
+
+Enable/disable inlay hints for implicit type parameters on generic functions.
+```go
+
+func myFunc[T any](a T) { ... }
+
+func main() {
+	myFunc/*[int]*/(1)
+}
+```
+
+Default: `false`
+### `go.inlayHints.parameterNames`
+
+Enable/disable inlay hints for parameter names.
+```go
+
+http.HandleFunc(/*pattern:*/ "/", /*handler:*/ indexHandler)
+```
+
+Default: `false`
+### `go.inlayHints.rangeVariableTypes`
+
+Enable/disable inlay hints for variable types in range statements.
+```go
+
+for k /*int*/, v /*string*/ := range []string{} { ... }
+```
+
 Default: `false`
 ### `go.installDependenciesWhenBuilding`
 
@@ -736,7 +812,7 @@ Example Usage:
 | `deepequalerrors` | check for calls of reflect.DeepEqual on error values <br/> The deepequalerrors checker looks for calls of the form: <br/>     reflect.DeepEqual(err1, err2) <br/> where err1 and err2 are errors. Using reflect.DeepEqual to compare errors is discouraged. <br/> Default: `true` |
 | `embed` | check for //go:embed directive import <br/> This analyzer checks that the embed package is imported when source code contains //go:embed comment directives. The embed package must be imported for //go:embed directives to function.import _ "embed". <br/> Default: `true` |
 | `errorsas` | report passing non-pointer or non-error values to errors.As <br/> The errorsas analysis reports calls to errors.As where the type of the second argument is not a pointer to a type implementing error. <br/> Default: `true` |
-| `fieldalignment` | find structs that would use less memory if their fields were sorted <br/> This analyzer find structs that can be rearranged to use less memory, and provides a suggested edit with the optimal order. <br/> Note that there are two different diagnostics reported. One checks struct size, and the other reports "pointer bytes" used. Pointer bytes is how many bytes of the object that the garbage collector has to potentially scan for pointers, for example: <br/> <pre>struct { uint32; string }</pre><br/> have 16 pointer bytes because the garbage collector has to scan up through the string's inner pointer. <br/> <pre>struct { string; *uint32 }</pre><br/> has 24 pointer bytes because it has to scan further through the *uint32. <br/> <pre>struct { string; uint32 }</pre><br/> has 8 because it can stop immediately after the string pointer. <br/> <br/> Default: `false` |
+| `fieldalignment` | find structs that would use less memory if their fields were sorted <br/> This analyzer find structs that can be rearranged to use less memory, and provides a suggested edit with the most compact order. <br/> Note that there are two different diagnostics reported. One checks struct size, and the other reports "pointer bytes" used. Pointer bytes is how many bytes of the object that the garbage collector has to potentially scan for pointers, for example: <br/> <pre>struct { uint32; string }</pre><br/> have 16 pointer bytes because the garbage collector has to scan up through the string's inner pointer. <br/> <pre>struct { string; *uint32 }</pre><br/> has 24 pointer bytes because it has to scan further through the *uint32. <br/> <pre>struct { string; uint32 }</pre><br/> has 8 because it can stop immediately after the string pointer. <br/> Be aware that the most compact order is not always the most efficient. In rare cases it may cause two variables each updated by its own goroutine to occupy the same CPU cache line, inducing a form of memory contention known as "false sharing" that slows down both goroutines. <br/> <br/> Default: `false` |
 | `fillreturns` | suggest fixes for errors due to an incorrect number of return values <br/> This checker provides suggested fixes for type errors of the type "wrong number of return values (want %d, got %d)". For example: <pre>func m() (int, string, *bool, error) {<br/>	return<br/>}</pre>will turn into <pre>func m() (int, string, *bool, error) {<br/>	return 0, "", nil, nil<br/>}</pre><br/> This functionality is similar to https://github.com/sqs/goreturns. <br/> <br/> Default: `true` |
 | `fillstruct` | note incomplete struct initializations <br/> This analyzer provides diagnostics for any struct literals that do not have any fields initialized. Because the suggested fix for this analysis is expensive to compute, callers should compute it separately, using the SuggestedFix function below. <br/> <br/> Default: `true` |
 | `httpresponse` | check for mistakes using HTTP responses <br/> A common mistake when using the net/http package is to defer a function call to close the http.Response Body before checking the error that determines whether the response is valid: <br/> <pre>resp, err := http.Head(url)<br/>defer resp.Body.Close()<br/>if err != nil {<br/>	log.Fatal(err)<br/>}<br/>// (defer statement belongs here)</pre><br/> This checker helps uncover latent nil dereference bugs by reporting a diagnostic for such mistakes. <br/> Default: `true` |

diff --git a/media/vulncheckView.css b/media/vulncheckView.css
@@ -21,6 +21,16 @@
 	padding-bottom: 0.5em;
 }
 
+.vuln-fix:hover,
+.vuln-fix:active {
+	color: var(--vscode-textLink-activeForeground);
+}
+.vuln-fix {
+	cursor:pointer;
+	color: var(--vscode-textLink-foreground);
+	text-decoration:underline;
+}
+
 details summary {
 	cursor: pointer;
 	position: relative;

diff --git a/media/vulncheckView.js b/media/vulncheckView.js
@@ -12,15 +12,22 @@
 
 	const logContainer = /** @type {HTMLElement} */ (document.querySelector('.log'));
 	const vulnsContainer = /** @type {HTMLElement} */ (document.querySelector('.vulns'));
+	const unaffectingContainer = /** @type {HTMLElement} */ (document.querySelector('.unaffecting'));
 
 	vulnsContainer.addEventListener('click', (event) => {
 		let node = event && event.target;
+		let handled = false;
+		console.log(`${node.type} ${node.tagName} ${node.className} ${node.id} data:${node.dataset?.target} dir:${node.dataset?.dir}`);
 		if (node?.tagName === 'A' && node.href) {
 			// Ask vscode to handle link opening.
 			vscode.postMessage({ type: 'open', target: node.href });
+		} else if (node?.tagName === 'SPAN' && node.className === 'vuln-fix' && node.dataset?.target && node.dataset?.dir) {
+			vscode.postMessage({ type: 'fix', target: node.dataset?.target, dir: node.dataset?.dir });
+		}
+
+		if (handled) {
 			event.preventDefault();
 			event.stopPropagation();
-			return;
 		}
 	});
 
@@ -36,8 +43,20 @@
 		return 'N/A'
 	}
 
+	function offerUpgrade(/** @type {string} */dir, /** @type {string} */mod, /** @type {string|undefined} */ver) {
+		if (dir && mod && ver) {
+			return ` [<span class="vuln-fix" data-target="${mod}@${ver}" data-dir="${dir}">go get</span> | <span class="vuln-fix" data-target="${mod}@latest" data-dir="${dir}">go get latest</span>]`
+		}
+		return '';
+	}
+
 	function snapshotContent() {
-		return vulnsContainer.innerHTML;
+		const res = {
+			'log': logContainer.innerHTML,
+			'vulns': vulnsContainer.innerHTML,
+			'unaffecting': unaffectingContainer.innerHTML
+		};
+		return JSON.stringify(res);
 	}
 
 	/**
@@ -61,16 +80,19 @@
 			return durationMillisec ? `${startDate} (took ${durationMillisec} msec)` : `${startDate}`;
 		}
 
+		const vulns = json.Vuln || [];
+		const affecting = vulns.filter((v) => v.CallStackSummaries?.length);
+		const unaffecting = vulns.filter((v) => !v.CallStackSummaries?.length);
+
 		runLog.innerHTML = `
 <tr><td>Dir:</td><td>${json.Dir || ''}</td></tr>
 <tr><td>Pattern:</td><td>${json.Pattern || ''}</td></tr>
-<tr><td>Analyzed at:</td><td>${timeinfo(json.Start, json.Duration)}</td></tr>`;
+<tr><td>Analyzed at:</td><td>${timeinfo(json.Start, json.Duration)}</td></tr>
+<tr><td>Found ${affecting?.length || 0} known vulnerabilities</td></tr>`;
 		logContainer.appendChild(runLog);
 
-		const vulns = json.Vuln || [];
 		vulnsContainer.innerHTML = '';
-
-		vulns.forEach((vuln) => {
+		affecting.forEach((vuln) => {
 			const element = document.createElement('div');
 			element.className = 'vuln';
 			vulnsContainer.appendChild(element);
@@ -92,8 +114,8 @@
 			details.className = 'vuln-details'
 			details.innerHTML = `
 			<tr><td>Package</td><td>${vuln.PkgPath}</td></tr>
-			<tr><td>Current Version</td><td>${moduleVersion(vuln.ModPath, vuln.CurrentVersion)}</td></tr>
-			<tr><td>Fixed Version</td><td>${moduleVersion(vuln.ModPath, vuln.FixedVersion)}</td></tr>
+			<tr><td>Found in Version</td><td>${moduleVersion(vuln.ModPath, vuln.CurrentVersion)}</td></tr>
+			<tr><td>Fixed Version</td><td>${moduleVersion(vuln.ModPath, vuln.FixedVersion)} ${offerUpgrade(json.Dir, vuln.ModPath, vuln.FixedVersion)}</td></tr>
 			<tr><td>Affecting</td><td>${vuln.AffectedPkgs?.join('<br>')}</td></tr>
 			`;
 			element.appendChild(details);
@@ -131,6 +153,20 @@
 			examples.appendChild(callstacksContainer);
 			element.appendChild(examples);
 		});
+
+		unaffectingContainer.innerText = '';
+		if (unaffecting.length > 0) {
+			unaffectingContainer.innerHTML = '<hr></hr><p>These vulnerabilities exist in required modules, but no vulnerable symbols are used.<br>No action is required. For more information, visit <a href="https://pkg.go.dev/vuln">https://pkg.go.dev/vuln</a></p>';
+
+			const details = document.createElement('table');
+			unaffecting.forEach((vuln) => {
+				const row = document.createElement('tr');
+				row.className = 'vuln-details'
+				row.innerHTML = `<tr><td>${vuln.ModPath}</td><td><a href="${vuln.URL}">${vuln.ID}</a></td></tr>`;
+				details.appendChild(row);
+			});
+			unaffectingContainer.appendChild(details);
+		}
 	}
 
 	// Message Passing between Extension and Webview