Open
Description
CL 172972 added a dependency on golang.org/x/sync
in golang.org/x/tools
. The go.mod and go.sum files were not updated.
There's nothing wrong with this dependency, but it should have been more noticeable during code review. If unexpected requirement were added to go.mod, human reviewers would see it.
TryBots should report an error if go.mod and go.sum change with go mod tidy
. This will make sure dependency changes are explicit, and it will keep builds deterministic.