Respect canonical import comments

[rtfb]

What does this do / why do we need it?

This adds capability to pkgtree to extract canonical import path comments from the packages. That will later be used as additional constraints when solving the dependencies (will come in a separate PR).

(And a couple unrelated typo fixes and code cleanups along the way)

What should your reviewer look out for in this PR?

Do you need help or clarification on anything?

I was wondering, at the very end of ListPackages, where the package gets added to the Packages map, should I also add a copy with a canonical path key like blow? So that solver could see both versions available?

if pkg.CommentPath != "" {
	ptree.Packages[pkg.CommentPath] = PackageOrErr{
		P: pkg,
	}
}

Also, is there a way to develop from my fork? Can't even get tests running:

$ go test $(go list ./internal/gps/pkgtree/...)
# github.com/rtfb/dep/internal/gps/pkgtree
internal/gps/pkgtree/pkgtree_test.go:20:2: use of internal package not allowed
FAIL	github.com/rtfb/dep/internal/gps/pkgtree [setup failed]

It works fine on the main golang/dep repo, but then transplanting pieces of code to another repo before committing is tedious.

Which issue(s) does this PR fix?

This is phase 1 for issue #902.

[googlebot]

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed, please reply here (e.g. I signed it!) and we'll verify. Thanks.

---

• If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
• If your company signed a CLA, they designated a Point of Contact who decides which employees are authorized to participate. You may need to contact the Point of Contact for your company and ask to be added to the group of authorized contributors. If you don't know who your Point of Contact is, direct the project maintainer to go/cla#troubleshoot.
• In order to pass this check, please resolve this problem and have the pull request author add another comment and the bot will run again.

[rtfb]

I signed it!

…

On Tue, Aug 15, 2017 at 10:47 PM, googlebot ***@***.***> wrote: Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 *Please visit https://cla.developers.google.com/ <https://cla.developers.google.com/> to sign.* Once you've signed, please reply here (e.g. I signed it!) and we'll verify. Thanks. ------------------------------ - If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data <https://cla.developers.google.com/clas> and verify that your email is set on your git commits <https://help.github.com/articles/setting-your-email-in-git/>. - If your company signed a CLA, they designated a Point of Contact who decides which employees are authorized to participate. You may need to contact the Point of Contact for your company and ask to be added to the group of authorized contributors. If you don't know who your Point of Contact is, direct the project maintainer to go/cla#troubleshoot. - In order to pass this check, please resolve this problem and have the pull request author add another comment and the bot will run again. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#1017 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAaBZEBDCv9dJbAtma0GMaHgRCuZJznfks5sYfXSgaJpZM4O4BPx> .

-- Vytautas Šaltenis On the Web: http://rtfb.lt/

[googlebot]

CLAs look good, thanks!

[sdboyer]

woohoo! so glad we're making progress on this.

Also, is there a way to develop from my fork? Can't even get tests running:

yep, the way i do it is to develop directly in $GOPATH/src/github.com/golang/dep, but add a second remote that points to my fork. i use my fork as origin, and this repo as upstream.

should I also add a copy with a canonical path key like blow? So that solver could see both versions available?

nope, we don't want that. the goal of ListPackages() is to provide an accurate picture of what's actually on disk - a virtual representation of the filesystem. we rely on that design principle in a lot of places; adding an entry that undermines that rule would just confuse things.

i'll try to do a review in the next day or two 😄

[sdboyer]

sorry sorry it took me so long! the mechanics of this look pretty good, but we need to change a bit about how the return semantics work.

[sdboyer]

nit: s/paths/path/

[sdboyer]

nit: s/else that/other than/

[sdboyer]

this needs softening a bit, as right now, the only cases where we return an actual error from ListPackages() itself (which is what this would result in) are more physical than logical - e.g., we can't actually read the filesystem. the rest of the API is built around that kind of assumption, too.

so, instead of returning the error directly, let's make this an error that we put in the PackageOrErr.Err slot on each package where we encounter the problem.

[rtfb]

I presume an equivalent change should be made to prevent ConflictingImportComments from leaking as well?

[rtfb]

sorry sorry it took me so long!

No worries, I haven't been able to spend significant time on it either :-). Just enough to address your feedback...

AppVeyor tests are failing at something that doesn't seem to be related. Can this be due to my branch falling too far behind? Should I rebase?

[sdboyer]

it wasn't you, it was other problems we were having. appveyor's been whipped back into line, now 😄

[sdboyer]

back, after more delay! basically wording and comment nits, but the mechanics look good. lots more that we could add with this later.

[sdboyer]

ok so i was originally going to suggest that we just keep a single string, rather than a []string, and upon encountering later values, just compare against that one string and error out immediately if we find an error. i was thinking that it might escape, but i ran it through with the optimization profiler (-gcflags '-m -m'), and turns out, it doesn't.

so, this is fine. just thought you might be interested that i checked that through 😄

[sdboyer]

microoptimization nit: quoted := make([]string, 0, len(ps))

[sdboyer]

Because the provenance of these errors can be a little confusing, let's include comments explaining the intent of the information recorded in each of the struct fields here, analogous to Package.

[sdboyer]

For more clarity, let's name this ConflictingImportComments.

[sdboyer]

As with the above, let's include brief field-by-field comments on these to explain where they come from.

[sdboyer]

i think this phrasing may end up being a bit confusing, as it would come out:

importing via path "github.com/foo/Bar", but package insists on a canonical path "github.com/foo/bar/bleep/blorp/bopkins"

(case variation here used only to provide a clear example, this probably isn't how it'll be seen most of the time)

i don't have a specific wording suggestion, but we should tweak this a little bit to accommodate the fact that we're contrasting a root path with what could potentially be a subpackage path.

[sdboyer]

bump

[rtfb]

Yeah, I'm on it. I was travelling when you last commented, and came around to sit down with it couple days back, only to find out that I was locked out of my GH 2FA during phone transition. You know, little joys of life :-)

I'll try to push an update later today.

[rtfb]

The build failed only on 1.9.x, with a lint error, while on others it passed. Weird :-/

[sdboyer]

no worries - thanks for keeping at this! and yeah, we only run the linters on the 1.9 travis build. it should just be that one issue, then: https://travis-ci.org/golang/dep/jobs/284321611#L547 - the newline byte slice var wasn't used.

i've no idea why the CLA bot is misbehaving. it's been doing this for a week or so now :(

[gmlewis]

I apologize for the CLA problems - we are working on resolving the issues. I've rescanned this PR and it is now cleared.

[sdboyer]

@gmlewis oh, i appreciate the update - and i didn't even have to go looking for anybody to ping about it! 👍 😄

[sdboyer]

great! i think this is ready to go 🎉