Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

cmd/go: show why indirect dependencies are needed #26620

Closed
gregory-m opened this issue Jul 26, 2018 · 8 comments

Comments

Projects
None yet
7 participants
@gregory-m
Copy link
Contributor

commented Jul 26, 2018

What version of Go are you using (go version)?

go version go1.11beta2 darwin/amd64

What did you do?

⇢ $ cat main.go
package main

import "github.com/aws/aws-sdk-go/service/s3"

func main() {
}
⇢ $ go1.11beta2 mod -init && go1.11beta2 mod -sync
go: creating new go.mod: module github.com/gregory-m/mod-test
go: finding github.com/aws/aws-sdk-go/service/s3 latest
go: finding github.com/aws/aws-sdk-go/service latest
go: finding github.com/smartystreets/goconvey/convey latest
go: finding github.com/stretchr/testify/assert latest
go: finding github.com/smartystreets/goconvey latest
go: finding golang.org/x/net/http2 latest
go: finding golang.org/x/net latest
go: finding github.com/davecgh/go-spew/spew latest
go: finding github.com/pmezard/go-difflib/difflib latest
go: finding github.com/smartystreets/assertions latest
go: finding golang.org/x/text/unicode/bidi latest
go: finding golang.org/x/text/unicode/norm latest
go: finding golang.org/x/text/unicode latest
go: finding golang.org/x/text/secure/bidirule latest
go: finding golang.org/x/text/secure latest
go: finding github.com/gopherjs/gopherjs/js latest
go: finding github.com/gopherjs/gopherjs latest
⇢ $ cat go.mod
module github.com/gregory-m/mod-test

require (
	github.com/aws/aws-sdk-go v1.14.33
	github.com/davecgh/go-spew v1.1.0 // indirect
	github.com/gopherjs/gopherjs v0.0.0-20180628210949-0892b62f0d9f // indirect
	github.com/jtolds/gls v4.2.1+incompatible // indirect
	github.com/pmezard/go-difflib v1.0.0 // indirect
	github.com/smartystreets/assertions v0.0.0-20180725160413-e900ae048470 // indirect
	github.com/smartystreets/goconvey v0.0.0-20180222194500-ef6db91d284a // indirect
	github.com/stretchr/testify v1.2.2 // indirect
	golang.org/x/net v0.0.0-20180724234803-3673e40ba225 // indirect
	golang.org/x/text v0.3.0 // indirect
)
⇢ $ go1.11beta2 mod -graph
github.com/gregory-m/mod-test github.com/aws/aws-sdk-go@v1.14.33
github.com/gregory-m/mod-test github.com/davecgh/go-spew@v1.1.0
github.com/gregory-m/mod-test github.com/go-ini/ini@v1.25.4
github.com/gregory-m/mod-test github.com/gopherjs/gopherjs@v0.0.0-20180628210949-0892b62f0d9f
github.com/gregory-m/mod-test github.com/jmespath/go-jmespath@v0.0.0-20160202185014-0b12d6b521d8
github.com/gregory-m/mod-test github.com/jtolds/gls@v4.2.1+incompatible
github.com/gregory-m/mod-test github.com/pmezard/go-difflib@v1.0.0
github.com/gregory-m/mod-test github.com/smartystreets/assertions@v0.0.0-20180725160413-e900ae048470
github.com/gregory-m/mod-test github.com/smartystreets/goconvey@v0.0.0-20180222194500-ef6db91d284a
github.com/gregory-m/mod-test github.com/stretchr/testify@v1.2.2
github.com/gregory-m/mod-test golang.org/x/net@v0.0.0-20180724234803-3673e40ba225
github.com/gregory-m/mod-test golang.org/x/text@v0.3.0
github.com/aws/aws-sdk-go@v1.14.33 github.com/go-ini/ini@v1.25.4
github.com/aws/aws-sdk-go@v1.14.33 github.com/jmespath/go-jmespath@v0.0.0-20160202185014-0b12d6b521d8

What did you expect to see?

Reason why gopherjs or any other indirect dependency added to mod file.

What did you see instead?

No simple way to understand why indirect dependencies added to mod file.

@oiooj oiooj added the modules label Jul 26, 2018

@bcmills

This comment has been minimized.

Copy link
Member

commented Jul 26, 2018

The -pgraph flag that @rsc mentioned in #26581 (comment) should address this, I think.

@bcmills bcmills added the NeedsFix label Jul 26, 2018

@bcmills bcmills added this to the Go1.11 milestone Jul 26, 2018

@bcmills bcmills changed the title cmd/go mod -graph does not show why indirect dependencies introduced cmd/go: show why indirect dependencies are needed Jul 26, 2018

@flibustenet

This comment has been minimized.

Copy link

commented Jul 26, 2018

Since go.mod is versioned it could be fine to record the origin of the indirect dependencies directly in the comments

// indirect from ... (and ... and ...)
@bcmills

This comment has been minimized.

Copy link
Member

commented Jul 26, 2018

For builds involving a lot of packages that could get pretty ungainly, and it would potentially add a lot of unnecessary diffs as the set of packages changes over time.

@pwaller

This comment has been minimized.

Copy link
Contributor

commented Aug 2, 2018

Hm. The current behaviour looks quite broken to me, I can't explain the output of this. Is it because the vast majority of the packages don't have their own concrete mod files yet?

It's confusing that it shows all of these as hanoverd imports - in reality hanoverd only imports a couple of packages, including docker, which results in quite a large tree.

But then, gopkg.in/yaml.v2@v2.2.1 gets its own line presumably because it is the only one with a mod file?

Output of `go mod graph`
github.com/sensiblecodeio/hanoverd github.com/Azure/go-ansiterm@v0.0.0-20170929234023-d6e3b3328b78
github.com/sensiblecodeio/hanoverd github.com/Microsoft/go-winio@v0.4.9
github.com/sensiblecodeio/hanoverd github.com/Nvveen/Gotty@v0.0.0-20120604004816-cd527374f1e5
github.com/sensiblecodeio/hanoverd github.com/codegangsta/cli@v1.20.0
github.com/sensiblecodeio/hanoverd github.com/containerd/continuity@v0.0.0-20180712174259-0377f7d76720
github.com/sensiblecodeio/hanoverd github.com/davecgh/go-spew@v1.1.0
github.com/sensiblecodeio/hanoverd github.com/docker/distribution@v0.0.0-20180720172123-0dae0957e5fe
github.com/sensiblecodeio/hanoverd github.com/docker/docker@v0.0.0-20180802135125-75fe41444009
github.com/sensiblecodeio/hanoverd github.com/docker/go-connections@v0.4.0
github.com/sensiblecodeio/hanoverd github.com/docker/go-units@v0.3.3
github.com/sensiblecodeio/hanoverd github.com/fsnotify/fsnotify@v1.4.7
github.com/sensiblecodeio/hanoverd github.com/gogo/protobuf@v1.1.1
github.com/sensiblecodeio/hanoverd github.com/golang/glog@v0.0.0-20160126235308-23def4e6c14b
github.com/sensiblecodeio/hanoverd github.com/golang/protobuf@v1.1.0
github.com/sensiblecodeio/hanoverd github.com/google/go-cmp@v0.2.0
github.com/sensiblecodeio/hanoverd github.com/gorilla/context@v1.1.1
github.com/sensiblecodeio/hanoverd github.com/gorilla/mux@v1.6.2
github.com/sensiblecodeio/hanoverd github.com/gorilla/websocket@v1.2.0
github.com/sensiblecodeio/hanoverd github.com/hpcloud/tail@v1.0.0
github.com/sensiblecodeio/hanoverd github.com/onsi/ginkgo@v1.6.0
github.com/sensiblecodeio/hanoverd github.com/onsi/gomega@v1.4.1
github.com/sensiblecodeio/hanoverd github.com/opencontainers/go-digest@v1.0.0-rc1
github.com/sensiblecodeio/hanoverd github.com/opencontainers/image-spec@v1.0.1
github.com/sensiblecodeio/hanoverd github.com/opencontainers/runc@v0.1.1
github.com/sensiblecodeio/hanoverd github.com/pkg/errors@v0.8.0
github.com/sensiblecodeio/hanoverd github.com/pmezard/go-difflib@v1.0.0
github.com/sensiblecodeio/hanoverd github.com/pwaller/barrier@v0.0.0-20161028091350-01ce0af009bb
github.com/sensiblecodeio/hanoverd github.com/sensiblecodeio/git-prep-directory@v0.0.0-20180712161016-0daf5738b16c
github.com/sensiblecodeio/hanoverd github.com/sensiblecodeio/hookbot@v0.0.0-20180702152317-dc721930501d
github.com/sensiblecodeio/hanoverd github.com/sirupsen/logrus@v1.0.6
github.com/sensiblecodeio/hanoverd github.com/stretchr/testify@v1.2.2
github.com/sensiblecodeio/hanoverd github.com/vaughan0/go-ini@v0.0.0-20130923145212-a98ad7ee00ec
github.com/sensiblecodeio/hanoverd golang.org/x/crypto@v0.0.0-20180723164146-c126467f60eb
github.com/sensiblecodeio/hanoverd golang.org/x/net@v0.0.0-20180801234040-f4c29de78a2a
github.com/sensiblecodeio/hanoverd golang.org/x/sync@v0.0.0-20180314180146-1d60e4601c6f
github.com/sensiblecodeio/hanoverd golang.org/x/sys@v0.0.0-20180801221139-3dc4335d56c7
github.com/sensiblecodeio/hanoverd golang.org/x/text@v0.3.0
github.com/sensiblecodeio/hanoverd golang.org/x/time@v0.0.0-20180412165947-fbb02b2291d2
github.com/sensiblecodeio/hanoverd google.golang.org/genproto@v0.0.0-20180731170733-daca94659cb5
github.com/sensiblecodeio/hanoverd google.golang.org/grpc@v1.14.0
github.com/sensiblecodeio/hanoverd gopkg.in/airbrake/gobrake.v2@v2.0.9
github.com/sensiblecodeio/hanoverd gopkg.in/fsnotify.v1@v1.4.7
github.com/sensiblecodeio/hanoverd gopkg.in/gemnasium/logrus-airbrake-hook.v2@v2.1.2
github.com/sensiblecodeio/hanoverd gopkg.in/tomb.v1@v1.0.0-20141024135613-dd632973f1e7
github.com/sensiblecodeio/hanoverd gopkg.in/yaml.v2@v2.2.1
github.com/sensiblecodeio/hanoverd gotest.tools@v2.1.0+incompatible
gopkg.in/yaml.v2@v2.2.1 gopkg.in/check.v1@v0.0.0-20161208181325-20d25e280405
@bcmills

This comment has been minimized.

Copy link
Member

commented Aug 2, 2018

Is it because the vast majority of the packages don't have their own concrete mod files yet?

I think so, yes. Was github.com/sensiblecodeio/hanoverd the main module in that invocation?

@pwaller

This comment has been minimized.

Copy link
Contributor

commented Aug 2, 2018

Yes.

@gopherbot

This comment has been minimized.

Copy link

commented Aug 7, 2018

Change https://golang.org/cl/128359 mentions this issue: cmd/go: add go mod why

@pwaller

This comment has been minimized.

Copy link
Contributor

commented Aug 8, 2018

@rsc: I'm concerned that the above CL might not actually fix the issue presented.

I understand there are two things going on, (1) you are addressing, and (2) not obviously?

  1. That there is the module+package graph, which go mod why is intended to explore.

  2. If I understand the outputs and my experience above correctly, -graph is not reporting edges in the module graph.

It's perhaps not explicitly clear, but in the outputs of -graph presented by the original issue and in my comment, -graph is attributing a huge swathe of dependencies to github.com/gregory-m/mod-test (OP) and github.com/sensiblecodeio/hanoverd (mine), when actually they are indirect dependencies. The only other edges shown appear to be for repositories which have physical .mod files.

I'd expect this is intended to be shown in -graph, but understand it is not currently?

@gopherbot gopherbot closed this in 7aa9855 Aug 10, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.