Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the extractor-dependencies group across 1 directory with 2 updates #97

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the extractor-dependencies group across 1 directory with 2 updates #97

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jun 5, 2024
edited
Loading

Bumps the extractor-dependencies group with 2 updates in the /go/extractor directory: golang.org/x/mod and golang.org/x/tools.

Updates golang.org/x/mod from 0.14.0 to 0.18.0

Commits
  • c0bdc7b modfile: add API for godebug lines
  • 6686f41 module: add COM0 and LPT0 to badWindowsNames
  • aa51b25 modfile: do not collapse if there are unattached comments within blocks
  • 87140ec sumdb/tlog: make NewTiles only generate strictly necessary tiles
  • 18d3f56 modfile: fix crash on AddGoStmt in empty File
  • 766dc5d modfile: use new go version string format in WorkFile.add error
  • fa1ba42 sumdb: replace globsMatchPath with module.MatchPrefixPatterns
  • See full diff in compare view

Updates golang.org/x/tools from 0.15.0 to 0.22.0

Release notes

Sourced from golang.org/x/tools's releases.

gopls/v0.15.3

This release fixes the following regressions in gopls@v0.15.0+:

  • golang/go#66490: occasional crashes when the imports cache is refreshed.
  • golang/go#66425: spurious import errors in multi-root workspaces that have go.work replace directives.
  • golang/go#66636: a crash in analysis when the go.mod contains a patch version and gopls was built with Go 1.20 or earlier.
  • golang/go#66677: silent breakage when the go.mod file contains Go 1.22.x, and gopls was built with Go 1.21.x.
  • golang/go#66731: a rare crash when diagnostics are erroneously positioned outside the file due to malformed syntax.
  • golang/go#66647: a performance regression due to unnecessary reloading following "workspace/didChangeConfiguration" notifications. Under some not-yet-understood conditions, an apparent VS Code bug causes didChangeConfiguration notifications on every keystroke. With the zero-config logic of gopls@v0.15.0+, any didChangeConfiguration notification causes gopls to re-evaluate (and reload) the set of builds it tracks. With the v0.15.3 release, gopls verifies that configuration actually changed. Special thanks to @​gordallott for working with us to track down this bug.

gopls/v0.15.2

This release fixes the following regressions in gopls@v0.15.0+.

  • golang/go#66109: a crash when encountering a test file excluded via build tags, which also contained an invalid import of a main package. This could occur in a tools_test.go file implementing the common pattern for tool dependencies.
  • golang/go#66145: spurious import errors in multi-root workspaces. In some scenarios, the new zero-config logic added in gopls@v0.15.0 resulted in inaccurate errors about missing imports. This could occur when module A has a local replace of module B, and A and B are open as a separate workspace folders.
  • golang/go#66195: a crash when working on modules with a go directive of the form go a.b.c, when gopls was compiled with Go 1.20 or earlier.
  • golang/go#66090: a crash when SignatureHelp is cancelled (found via telemetry)
  • golang/go#66250: a crash in references when one of the package files is missing a package declaration (found via telemetry)

These last two crashes are worth highlighting. Both were found via the (off by default) automated crash reporting added in gopls@v0.15.0. Both were unlikely to get reported via GitHub issues, because they won't happen frequently enough for most LSP clients to notify the user. This is a perfect example of how telemetry can help us deliver a more reliable product than would be possible without automated reporting.

gopls/v0.15.1

This release fixes golang/go#65952, a crash in document highlighting when the cursor is in a return value for a function that has no results, such as the following example:

func f() { // <-- no results
   return 0| // <-- cursor at '|'
}

Thanks very much to @​patrickpichler who both reported and fixed this bug!

We're hopeful that once Go 1.23 is released, the opt-in automated crash reporting added in gopls v0.15.0 will increase the likelihood that these types of crashes are caught before they are released.

Commits
  • bc6931d go.mod: update golang.org/x dependencies
  • 1767b14 go/ssa: remove code with no effect
  • 2088083 internal/gocommand: add more debug info for hanging go commands
  • f1a3b12 internal/imports: FixImports should be cancellable
  • 4478db0 go/analysis/passes/copylock: suppress error in ill-typed code
  • 018d3b2 gopls: warn about Go 1.19 and Go 1.20
  • 58cc8a4 gopls/internal/filecache: suppress gc in tests
  • b623539 gopls/internal/cache: suppress "internal" import check on Bazel
  • 1e9d12d go/packages: pass -overlay to all 'go list' invocations
  • 3c293ad internal/cache: invalidate broken imports when package files change
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the extractor-dependencies group across 1 directory with 2 updates
41f837a 
Bumps the extractor-dependencies group with 2 updates in the /go/extractor directory: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.14.0 to 0.18.0
- [Commits](golang/mod@v0.14.0...v0.18.0)

Updates `golang.org/x/tools` from 0.15.0 to 0.22.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](golang/tools@v0.15.0...v0.22.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 5, 2024
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Jun 5, 2024

Dependabot tried to add @jorgectf/codeql-go as a reviewer to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/jorgectf/codeql/pulls/97/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the teams you specified is not a collaborator of the jorgectf/codeql repository. // See: https://docs.github.com/rest/pulls/review-requests#request-reviewers-for-a-pull-request

@dependabot dependabot bot mentioned this pull request Jun 5, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants