-
Notifications
You must be signed in to change notification settings - Fork 17.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cmd/go/internal/modfetch: add GOINSECURE #35357
Conversation
Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please visit https://cla.developers.google.com/ to sign. Once you've signed (or fixed any issues), please reply here with What to do if you already signed the CLAIndividual signers
Corporate signers
ℹ️ Googlers: Go here for more info. |
I think I have signed the CLA now. Also, I was very confused about how the script tests work to actually test this - are there some pointers somewhere on how I would run a script test with a custom webserver (that isn't secure!)? |
@googlebot I signed it! |
CLAs look good, thanks! ℹ️ Googlers: Go here for more info. |
This PR (HEAD: e0f7e06) has been imported to Gerrit for code review. Please visit https://go-review.googlesource.com/c/go/+/205238 to see it. Tip: You can toggle comments from me using the |
Message from Gobot Gobot: Patch Set 1: Congratulations on opening your first change. Thank you for your contribution! Next steps: Most changes in the Go project go through a few rounds of revision. This can be During May-July and Nov-Jan the Go project is in a code freeze, during which Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Bryan C. Mills: Patch Set 1: The code change looks good, but this needs a regression test. cmd/go tests in general belong in src/cmd/go/testdata/script; see the README there for documentation. (You may be able to extend the existing Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from witchard: Patch Set 1: Thanks, I was a bit confused about the script tests so thanks for pointing at an example. I’ll have a go at that when I next get a chance. Do you think it makes sense that if GOINSECURE is set that should automatically set GONOPROXY for that dependency? Also, just to check, should I just amend the commit when I modify things; or is it ok to push multiple commits? Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Jay Conrod: Patch Set 1:
Just so you know, the Go 1.14 freeze started yesterday. We'd like pending CLs (except documentation and bug fixes) to be submitted by the following Monday, November 11. So we may hold this for Go 1.15 if it's not ready by then.
Either should work. Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Bryan C. Mills: Patch Set 1:
No, I don't think GOINSECURE should imply GONOPROXY. Consider, for example, a certificate expiration on some host: it is possible that the proxy has already cached most versions from that host, in which case you would prefer to use the proxy for those versions, only falling back to the insecure host for the specific versions that are not in the proxy's cache.
I believe that GerritBot squashes all of the commits when pulling in a GitHub PR anyway, and we do the actual reviewing on the Gerrit side, so either approach should be fine. Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from witchard: Patch Set 1:
ah yes fair point, and less code too 😊 Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
This PR (HEAD: c2eb8af) has been imported to Gerrit for code review. Please visit https://go-review.googlesource.com/c/go/+/205238 to see it. Tip: You can toggle comments from me using the |
Message from Bryan C. Mills: Patch Set 2: (2 comments) Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from witchard: Patch Set 2: (1 comment)
Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Bryan C. Mills: Patch Set 2: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from witchard: Patch Set 2: (2 comments)
Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Bryan C. Mills: Patch Set 2: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
This PR (HEAD: e8f485a) has been imported to Gerrit for code review. Please visit https://go-review.googlesource.com/c/go/+/205238 to see it. Tip: You can toggle comments from me using the |
Message from Bryan C. Mills: Patch Set 3: (2 comments) Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Enables insecure fetching of dependencies whos path matches those specified in the enironment variable GOINSECURE. Fixes golang#32966
This PR (HEAD: 2c87b30) has been imported to Gerrit for code review. Please visit https://go-review.googlesource.com/c/go/+/205238 to see it. Tip: You can toggle comments from me using the |
Message from Bryan C. Mills: Patch Set 4: Run-TryBot+1 Code-Review+2 TRY=linux-386-longtest Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Gobot Gobot: Patch Set 4: SlowBots beginning. Status page: https://farmer.golang.org/try?commit=c61ec5e1 Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Gobot Gobot: Patch Set 4: TryBot-Result-1 1 of 21 SlowBots failed: Consult https://build.golang.org/ to see whether they are new failures. Keep in mind that TryBots currently test exactly your git commit, without rebasing. If your commit's git parent is old, the failure might've already been fixed.Extra slowbot builds that ran:
Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Bryan C. Mills: Patch Set 5: Patch Set 4 was rebased Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Bryan C. Mills: Patch Set 5: Run-TryBot+1 Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Gobot Gobot: Patch Set 5: SlowBots beginning. Status page: https://farmer.golang.org/try?commit=3be39a28 Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from witchard: Patch Set 5:
Out of interest - would it have been sensible for me to keep my branch rebased on master as I was working on it? Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Bryan C. Mills: Patch Set 5:
Normally, absolutely yes. This week? I'm not sure. (We've been dealing with a lot of runtime regressions this week. 😩) Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Gobot Gobot: Patch Set 5: TryBot-Result-1 1 of 21 SlowBots failed: Consult https://build.golang.org/ to see whether they are new failures. Keep in mind that TryBots currently test exactly your git commit, without rebasing. If your commit's git parent is old, the failure might've already been fixed.Extra slowbot builds that ran:
Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from Bryan C. Mills: Patch Set 5: Code-Review+1
That's a known issue, https://golang.org/issue/35461. From a cmd/go perspective, I think this is good to go, but I'd like to get a second look from Jay before we merge it. Thanks for the quick turnaround! Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Message from witchard: Patch Set 5:
No worries, thanks for you help 😊 Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
Enables insecure fetching of dependencies whos path matches those specified in the enironment variable GOINSECURE. Fixes #32966 Change-Id: I378920fbd5a4436df0b5af3fb5533e663e2cc758 GitHub-Last-Rev: 2c87b30 GitHub-Pull-Request: #35357 Reviewed-on: https://go-review.googlesource.com/c/go/+/205238 Run-TryBot: Bryan C. Mills <[email protected]> Reviewed-by: Bryan C. Mills <[email protected]> Reviewed-by: Jay Conrod <[email protected]>
Message from Jay Conrod: Patch Set 5: Code-Review+2 Looks good, thanks for working on this! Please don’t reply on this GitHub thread. Visit golang.org/cl/205238. |
This PR is being closed because golang.org/cl/205238 has been merged. |
Enables insecure fetching of dependencies whos path matches those specified in the enironment variable GOINSECURE. Fixes #32966 Change-Id: I378920fbd5a4436df0b5af3fb5533e663e2cc758 GitHub-Last-Rev: 2c87b303acbe86e273bd0b8514e338d34794b0d6 GitHub-Pull-Request: golang/go#35357 Reviewed-on: https://go-review.googlesource.com/c/go/+/205238 Run-TryBot: Bryan C. Mills <[email protected]> Reviewed-by: Bryan C. Mills <[email protected]> Reviewed-by: Jay Conrod <[email protected]>
Enables insecure fetching of dependencies whos path matches those specified in the enironment variable GOINSECURE. Fixes #32966 Change-Id: I378920fbd5a4436df0b5af3fb5533e663e2cc758 GitHub-Last-Rev: 2c87b303acbe86e273bd0b8514e338d34794b0d6 GitHub-Pull-Request: golang/go#35357 Reviewed-on: https://go-review.googlesource.com/c/go/+/205238 Run-TryBot: Bryan C. Mills <[email protected]> Reviewed-by: Bryan C. Mills <[email protected]> Reviewed-by: Jay Conrod <[email protected]>
Enables insecure fetching of dependencies whos path matches those specified in the enironment variable GOINSECURE. Fixes #32966 Change-Id: I378920fbd5a4436df0b5af3fb5533e663e2cc758 GitHub-Last-Rev: 2c87b303acbe86e273bd0b8514e338d34794b0d6 GitHub-Pull-Request: golang/go#35357 Reviewed-on: https://go-review.googlesource.com/c/go/+/205238 Run-TryBot: Bryan C. Mills <[email protected]> Reviewed-by: Bryan C. Mills <[email protected]> Reviewed-by: Jay Conrod <[email protected]>
Enables insecure fetching of dependencies whos path matches those specified in the enironment variable GOINSECURE. Fixes #32966 Change-Id: I378920fbd5a4436df0b5af3fb5533e663e2cc758 GitHub-Last-Rev: 2c87b303acbe86e273bd0b8514e338d34794b0d6 GitHub-Pull-Request: golang/go#35357 Reviewed-on: https://go-review.googlesource.com/c/go/+/205238 Run-TryBot: Bryan C. Mills <[email protected]> Reviewed-by: Bryan C. Mills <[email protected]> Reviewed-by: Jay Conrod <[email protected]>
Enables insecure fetching of dependencies whos path matches those specified in
the enironment variable GOINSECURE.
Fixes #32966