Require specific version of golang.org/x/oauth2 due to compatibility issue with Vault #14
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR adds a specific version requirement for the
golang.org/x/oauth2
dependency in order to prevent an incompatibility with Vault. The cause of the incompatibility is that Vault depends ongo.etcd.io/etcd
and the current version ofgolang.org/x/oauth2
in this library depends ongoogle.golang.org/grpc v1.30.0
. Those two libraries are currently incompatible. More details on the issue are available at etcd-io/etcd#12124.Testing
I've tested that using this library with
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
works as expected when integrated into vault-plugin-auth-jwt. I've also tested that there are no longer compile-time issues when integrating the plugin into Vault.