From a44a24b633d438cfb8eb756265a676586edee7b1 Mon Sep 17 00:00:00 2001 From: Dominic Evans <8060970+dnwe@users.noreply.github.com> Date: Thu, 9 Jan 2025 13:48:58 +0000 Subject: [PATCH] fix: Relax go directive in go.mod to 1.22.0 (#3423) Fixes: #3422. --- .github/workflows/tests.yml | 2 +- README.md | 19 ++++++++++++------- example/go.mod | 7 +++---- example/go.sum | 14 ++++++-------- example/newreposecretwithlibsodium/go.mod | 2 +- example/verifyartifact/main.go | 4 ++-- go.mod | 4 ++-- scrape/go.mod | 4 ++-- scrape/go.sum | 4 ++-- tools/go.mod | 3 ++- tools/go.sum | 4 ++-- 11 files changed, 35 insertions(+), 32 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 00298a5aa95..945c07d2956 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -24,7 +24,7 @@ jobs: shell: bash strategy: matrix: - go-version: [1.x, 1.22.x] + go-version: [1.x, 1.22.0] # test with N and the .0 release of N-1 platform: [ubuntu-latest] include: # include windows, but only with the latest Go version, since there diff --git a/README.md b/README.md index 5f6d5ab3ff0..5914581b6f0 100644 --- a/README.md +++ b/README.md @@ -9,11 +9,18 @@ go-github is a Go client library for accessing the [GitHub API v3][]. -**go-github requires Go version 1.17 and greater** and -the library is tested against Go version 1.22 and greater. go-github tracks -[Go's version support policy][support-policy]. We do our best not to break -older versions of Go if we don't have to, but due to tooling constraints, we -don't always test older versions. +go-github tracks [Go's version support policy][support-policy] supporting any +minor version of the latest two major releases of Go and the go directive in +go.mod reflects that. +We do our best not to break older versions of Go if we don't have to, but we +don't explicitly test older versions and as of Go 1.21 the go directive in +go.mod declares a hard required _minimum_ version of Go to use with this module +and this _must_ be greater than or equal to the go line of all dependencies so +go-github will require the N-1 major release of Go by default. + +[support-policy]: https://golang.org/doc/devel/release.html#policy + +## Development Go version 1.22 introduced significant changes to the pattern syntax and matching behavior of `http.ServerMux` which causes a large number of legacy unit tests to break. @@ -28,8 +35,6 @@ An issue has been created (#3409) requesting assistance in updating all breaking tests when this `GODEBUG` environment variable is not set and Go 1.23.4 or later is used to perform unit tests. -[support-policy]: https://golang.org/doc/devel/release.html#policy - If you're interested in using the [GraphQL API v4][], the recommended library is [shurcooL/githubv4][]. diff --git a/example/go.mod b/example/go.mod index 314b6c93ee5..bd784bf5921 100644 --- a/example/go.mod +++ b/example/go.mod @@ -1,13 +1,13 @@ module github.com/google/go-github/v68/example -go 1.22.10 +go 1.22.0 require ( github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 github.com/bradleyfalzon/ghinstallation/v2 v2.0.4 github.com/gofri/go-github-ratelimit v1.0.3 github.com/google/go-github/v68 v68.0.0 - github.com/sigstore/sigstore-go v0.6.2 + github.com/sigstore/sigstore-go v0.5.1 golang.org/x/crypto v0.31.0 golang.org/x/term v0.27.0 google.golang.org/appengine v1.6.8 @@ -45,7 +45,6 @@ require ( github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-retryablehttp v0.7.7 // indirect github.com/hashicorp/hcl v1.0.0 // indirect - github.com/in-toto/attestation v1.1.0 // indirect github.com/in-toto/in-toto-golang v0.9.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b // indirect @@ -66,7 +65,7 @@ require ( github.com/shibumi/go-pathspec v1.3.0 // indirect github.com/sigstore/protobuf-specs v0.3.2 // indirect github.com/sigstore/rekor v1.3.6 // indirect - github.com/sigstore/sigstore v1.8.9 // indirect + github.com/sigstore/sigstore v1.8.11 // indirect github.com/sigstore/timestamp-authority v1.2.2 // indirect github.com/sourcegraph/conc v0.3.0 // indirect github.com/spf13/afero v1.11.0 // indirect diff --git a/example/go.sum b/example/go.sum index 5fe8fd12e51..9fc9663b67c 100644 --- a/example/go.sum +++ b/example/go.sum @@ -203,8 +203,6 @@ github.com/hashicorp/vault/api v1.12.2 h1:7YkCTE5Ni90TcmYHDBExdt4WGJxhpzaHqR6uGb github.com/hashicorp/vault/api v1.12.2/go.mod h1:LSGf1NGT1BnvFFnKVtnvcaLBM2Lz+gJdpL6HUYed8KE= github.com/howeyc/gopass v0.0.0-20210920133722-c8aef6fb66ef h1:A9HsByNhogrvm9cWb28sjiS3i7tcKCkflWFEkHfuAgM= github.com/howeyc/gopass v0.0.0-20210920133722-c8aef6fb66ef/go.mod h1:lADxMC39cJJqL93Duh1xhAs4I2Zs8mKS89XWXFGp9cs= -github.com/in-toto/attestation v1.1.0 h1:oRWzfmZPDSctChD0VaQV7MJrywKOzyNrtpENQFq//2Q= -github.com/in-toto/attestation v1.1.0/go.mod h1:DB59ytd3z7cIHgXxwpSX2SABrU6WJUKg/grpdgHVgVs= github.com/in-toto/in-toto-golang v0.9.0 h1:tHny7ac4KgtsfrG6ybU8gVOZux2H8jN05AXJ9EBM1XU= github.com/in-toto/in-toto-golang v0.9.0/go.mod h1:xsBVrVsHNsB61++S6Dy2vWosKhuA3lUTQd+eF9HdeMo= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= @@ -285,10 +283,10 @@ github.com/sigstore/protobuf-specs v0.3.2 h1:nCVARCN+fHjlNCk3ThNXwrZRqIommIeNKWw github.com/sigstore/protobuf-specs v0.3.2/go.mod h1:RZ0uOdJR4OB3tLQeAyWoJFbNCBFrPQdcokntde4zRBA= github.com/sigstore/rekor v1.3.6 h1:QvpMMJVWAp69a3CHzdrLelqEqpTM3ByQRt5B5Kspbi8= github.com/sigstore/rekor v1.3.6/go.mod h1:JDTSNNMdQ/PxdsS49DJkJ+pRJCO/83nbR5p3aZQteXc= -github.com/sigstore/sigstore v1.8.9 h1:NiUZIVWywgYuVTxXmRoTT4O4QAGiTEKup4N1wdxFadk= -github.com/sigstore/sigstore v1.8.9/go.mod h1:d9ZAbNDs8JJfxJrYmulaTazU3Pwr8uLL9+mii4BNR3w= -github.com/sigstore/sigstore-go v0.6.2 h1:8uiywjt73vzfrGfWYVwVsiB1E1Qmwmpgr1kVpl4fs6A= -github.com/sigstore/sigstore-go v0.6.2/go.mod h1:pOIUH7Jx+ctwMICo+2zNrViOJJN5sGaQgwX4yAVJkA0= +github.com/sigstore/sigstore v1.8.11 h1:tEqeQqbT+awtM87ec9KEeSUxT/AFvJNawneYJyAkFrQ= +github.com/sigstore/sigstore v1.8.11/go.mod h1:fdrFQosxCQ4wTL5H1NrZcQkqQ72AQbPjtpcL2QOGKV0= +github.com/sigstore/sigstore-go v0.5.1 h1:5IhKvtjlQBeLnjKkzMELNG4tIBf+xXQkDzhLV77+/8Y= +github.com/sigstore/sigstore-go v0.5.1/go.mod h1:TuOfV7THHqiDaUHuJ5+QN23RP/YoKmsbwJpY+aaYPN0= github.com/sigstore/sigstore/pkg/signature/kms/aws v1.8.3 h1:LTfPadUAo+PDRUbbdqbeSl2OuoFQwUFTnJ4stu+nwWw= github.com/sigstore/sigstore/pkg/signature/kms/aws v1.8.3/go.mod h1:QV/Lxlxm0POyhfyBtIbTWxNeF18clMlkkyL9mu45y18= github.com/sigstore/sigstore/pkg/signature/kms/azure v1.8.3 h1:xgbPRCr2npmmsuVVteJqi/ERw9+I13Wou7kq0Yk4D8g= @@ -380,8 +378,8 @@ golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA= -golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= +golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= diff --git a/example/newreposecretwithlibsodium/go.mod b/example/newreposecretwithlibsodium/go.mod index 281feb1a542..b7b85f22b40 100644 --- a/example/newreposecretwithlibsodium/go.mod +++ b/example/newreposecretwithlibsodium/go.mod @@ -1,6 +1,6 @@ module newreposecretwithlibsodium -go 1.22.10 +go 1.22.0 require ( github.com/GoKillers/libsodium-go v0.0.0-20171022220152-dd733721c3cb diff --git a/example/verifyartifact/main.go b/example/verifyartifact/main.go index f68d36aaa41..7409bade079 100644 --- a/example/verifyartifact/main.go +++ b/example/verifyartifact/main.go @@ -102,7 +102,7 @@ func main() { log.Fatal(err) } - var b *bundle.Bundle + var b *bundle.ProtobufBundle for _, attestation := range attestations.Attestations { if err := json.Unmarshal(attestation.Bundle, &b); err != nil { log.Fatal(err) @@ -180,7 +180,7 @@ func getPolicyBuilder() (*verify.PolicyBuilder, error) { return &pb, nil } -func runVerification(sev *verify.SignedEntityVerifier, pb *verify.PolicyBuilder, b *bundle.Bundle) error { +func runVerification(sev *verify.SignedEntityVerifier, pb *verify.PolicyBuilder, b *bundle.ProtobufBundle) error { res, err := sev.Verify(b, *pb) if err != nil { return err diff --git a/go.mod b/go.mod index 6e7d38a639a..e367366bdc7 100644 --- a/go.mod +++ b/go.mod @@ -1,8 +1,8 @@ module github.com/google/go-github/v68 +go 1.22.0 + require ( github.com/google/go-cmp v0.6.0 github.com/google/go-querystring v1.1.0 ) - -go 1.22.10 diff --git a/scrape/go.mod b/scrape/go.mod index aa681f89a34..e0d91574d21 100644 --- a/scrape/go.mod +++ b/scrape/go.mod @@ -1,9 +1,9 @@ module github.com/google/go-github/scrape -go 1.23.4 +go 1.22.0 require ( - github.com/PuerkitoBio/goquery v1.10.1 + github.com/PuerkitoBio/goquery v1.9.3 github.com/google/go-cmp v0.6.0 github.com/google/go-github/v68 v68.0.0 github.com/xlzd/gotp v0.1.0 diff --git a/scrape/go.sum b/scrape/go.sum index c596dce4b40..9e164640eaa 100644 --- a/scrape/go.sum +++ b/scrape/go.sum @@ -1,5 +1,5 @@ -github.com/PuerkitoBio/goquery v1.10.1 h1:Y8JGYUkXWTGRB6Ars3+j3kN0xg1YqqlwvdTV8WTFQcU= -github.com/PuerkitoBio/goquery v1.10.1/go.mod h1:IYiHrOMps66ag56LEH7QYDDupKXyo5A8qrjIx3ZtujY= +github.com/PuerkitoBio/goquery v1.9.3 h1:mpJr/ikUA9/GNJB/DBZcGeFDXUtosHRyRrwh7KGdTG0= +github.com/PuerkitoBio/goquery v1.9.3/go.mod h1:1ndLHPdTz+DyQPICCWYlYQMPl0oXZj0G6D4LCYA6u4U= github.com/andybalholm/cascadia v1.3.3 h1:AG2YHrzJIm4BZ19iwJ/DAua6Btl3IwJX+VI4kktS1LM= github.com/andybalholm/cascadia v1.3.3/go.mod h1:xNd9bqTn98Ln4DwST8/nG+H0yuB8Hmgu1YHNnWw0GeA= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= diff --git a/tools/go.mod b/tools/go.mod index f5ca69b70d1..188a79ce51f 100644 --- a/tools/go.mod +++ b/tools/go.mod @@ -1,6 +1,6 @@ module tools -go 1.23.4 +go 1.22.0 require ( github.com/alecthomas/kong v1.6.0 @@ -14,6 +14,7 @@ require ( require ( github.com/go-openapi/jsonpointer v0.21.0 // indirect github.com/go-openapi/swag v0.23.0 // indirect + github.com/go-test/deep v1.1.1 // indirect github.com/google/go-querystring v1.1.0 // indirect github.com/invopop/yaml v0.3.1 // indirect github.com/josharian/intern v1.0.0 // indirect diff --git a/tools/go.sum b/tools/go.sum index 74e159fa447..3073cf11c8f 100644 --- a/tools/go.sum +++ b/tools/go.sum @@ -12,8 +12,8 @@ github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1 github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= -github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM= -github.com/go-test/deep v1.0.8/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= +github.com/go-test/deep v1.1.1 h1:0r/53hagsehfO4bzD2Pgr/+RgHqhmf+k1Bpse2cTu1U= +github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=