all: update standard-library dependencies at the start and end of each development cycle #36905

bcmills · 2020-01-30T20:02:59Z

The x dependencies vendored into the standard library (via src/go.mod and src/cmd/go.mod) should be updated for each code freeze, so that we can apply any needed fixes to those dependencies without also pulling in unnecessary changes or requiring significant backporting work (see, for example, #36851).

This task, like #11811, #12042, and the API audit (#36167, #32813), should occur regularly in each development cycle. Probably we should update the dependencies at the beginning of each code freeze, and again when we reopen the tree at the end of each code freeze.

CC @golang/osp-team

The text was updated successfully, but these errors were encountered:

gopherbot · 2020-02-03T16:42:53Z

Change https://golang.org/cl/217517 mentions this issue: all: update module dependencies

dmitshur · 2020-02-19T20:16:00Z

This issue is currently labeled as early-in-cycle for Go 1.15. That time is now, so friendly ping.

Updates #36905 Updates #36907 Change-Id: I293dcef67800d5c81ff3a254bbd49309c5880710 Reviewed-on: https://go-review.googlesource.com/c/go/+/217517 Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>

bcmills · 2020-02-19T21:52:46Z

Completed the early-in-cycle update for the 1.15 cycle. Removing the label so we remember to revisit at the close of the cycle.

gopherbot · 2020-05-01T22:06:01Z

Change https://golang.org/cl/231657 mentions this issue: all: update module dependencies

The Go 1.15 code freeze has just started. This is the time to update all golang.org/x/... module versions that contribute packages to the std and cmd modules in the standard library to latest master versions. Those versions have already gone through code review, and now they will undergo additional testing during the freeze period. If there are new issues in these dependencies discovered, we have the freeze period to deal with that. By the end of the freeze period, we will have confidence that the Go 1.15 release and the dependency versions it has selected are robust. If one of the Go 1.15.x minor releases requires changing code in one of the vendored packages, we'll be able to do so on top of the versions that are selected here, and not be forced to use versions that came from different time periods, or try to jump across multiple untested versions in a minor release. The dependency versions that are selected in this commit are: github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3 github.com/ianlancetaylor/demangle v0.0.0-20200414190113-039b1ae3a340 golang.org/x/arch v0.0.0-20200312215426-ff8b605520f4 golang.org/x/crypto v0.0.0-20200429183012-4b2356b1ed79 golang.org/x/mod v0.2.1-0.20200429172858-859b3ef565e2 golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5 golang.org/x/sys v0.0.0-20200501145240-bc7a7d42d5c3 golang.org/x/text v0.3.3-0.20200430171850-afb9336c4530 golang.org/x/tools v0.0.0-20200504152539-33427f1b0364 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 github.com/ianlancetaylor/demangle is considered in scope and updated. github.com/google/pprof is out of scope and was not updated. For #36905. Change-Id: Icb6996eb0df11f16edd9a42e04434012c0336354 Reviewed-on: https://go-review.googlesource.com/c/go/+/231657 Reviewed-by: Bryan C. Mills <bcmills@google.com> Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>

dmitshur · 2020-05-04T22:53:20Z

Completed the start-of-freeze update for the 1.15 cycle in CL 231657. Moving to 1.16 milestone and adding early-in-cycle.

gopherbot · 2020-05-14T18:55:49Z

Change https://golang.org/cl/234002 mentions this issue: cmd: update golang.org/x/mod to v0.3.0 (same commit)

v0.3.0 is a tag on 859b3ef565e2, the version that was already being used. This change is a no-op, except for letting us use a release version instead of a pseudo-version. For #36905 Change-Id: I70b8ce2a3f1451f5602c469501362d7a6a673b12 Reviewed-on: https://go-review.googlesource.com/c/go/+/234002 Run-TryBot: Jay Conrod <jayconrod@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Michael Matloob <matloob@golang.org>

The Go 1.15 code freeze has just started. This is the time to update all golang.org/x/... module versions that contribute packages to the std and cmd modules in the standard library to latest master versions. Those versions have already gone through code review, and now they will undergo additional testing during the freeze period. If there are new issues in these dependencies discovered, we have the freeze period to deal with that. By the end of the freeze period, we will have confidence that the Go 1.15 release and the dependency versions it has selected are robust. If one of the Go 1.15.x minor releases requires changing code in one of the vendored packages, we'll be able to do so on top of the versions that are selected here, and not be forced to use versions that came from different time periods, or try to jump across multiple untested versions in a minor release. The dependency versions that are selected in this commit are: github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3 github.com/ianlancetaylor/demangle v0.0.0-20200414190113-039b1ae3a340 golang.org/x/arch v0.0.0-20200312215426-ff8b605520f4 golang.org/x/crypto v0.0.0-20200429183012-4b2356b1ed79 golang.org/x/mod v0.2.1-0.20200429172858-859b3ef565e2 golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5 golang.org/x/sys v0.0.0-20200501145240-bc7a7d42d5c3 golang.org/x/text v0.3.3-0.20200430171850-afb9336c4530 golang.org/x/tools v0.0.0-20200504152539-33427f1b0364 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 github.com/ianlancetaylor/demangle is considered in scope and updated. github.com/google/pprof is out of scope and was not updated. For golang#36905. Change-Id: Icb6996eb0df11f16edd9a42e04434012c0336354 Reviewed-on: https://go-review.googlesource.com/c/go/+/231657 Reviewed-by: Bryan C. Mills <bcmills@google.com> Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>

dmitshur · 2020-08-12T17:38:33Z

This issue is currently labeled as early-in-cycle for Go 1.16.
That time is now, so this is a friendly ping so the issue is looked at again.

dmitshur · 2020-09-17T17:46:49Z

I'm creating a short program that performs this task. Using a program makes it easier to precisely define our update policy, and adjust it over time as needed. It also makes this task less error prone and easier to review. Finally, this can help with #41409 and #36852.

The policy I'm implementing right now is informed by the strategy we used in past manual CLs (e.g., CL 231657), with small adjustments. The policy is for all modules in the GOROOT/src directory (currently, std and cmd), update all direct (not indirect) modules with the import path prefix "golang.org/x/" to their latest tip pseudo-version (which can later become tagged as a release version).

The small adjustment is that the github.com/ianlancetaylor/demangle module won't be automatically updated as part of this process. My rationale is that it's different enough that it probably warrants being updated on its own schedule, when there is an explicit need. /cc @ianlancetaylor

Indirect golang.org/x dependencies are not updated, although they could be. I'm going with the more conservative choice for now. I'm open to feedback on this, and can see pros/cons to both strategies.

I've also considered but left out other modules in the GOROOT tree (e.g., GOROOT/misc) for now.

dmitshur · 2020-09-17T17:57:12Z

Indirect golang.org/x dependencies are not updated, although they could be. I'm going with the more conservative choice for now. I'm open to feedback on this, and can see pros/cons to both strategies.

Looks like we did update indirect dependencies last time. If we don't, it leaves much fewer dependencies to update, because the go.mod files of golang.org/x modules aren't being updated very often.

Will think more about it and likely go with what we did last time as the next step here.

gopherbot · 2020-09-18T02:45:17Z

Change https://golang.org/cl/255859 mentions this issue: misc/update: add program to update golang.org/x dependencies

gopherbot · 2020-09-18T02:46:07Z

Change https://golang.org/cl/255860 mentions this issue: all: update vendored dependencies during Go 1.15 development

gopherbot · 2020-09-21T16:59:09Z

Change https://golang.org/cl/256357 mentions this issue: cmd/updatestd: add program to maintain standard library modules

Generated by: go install golang.org/x/tools/cmd/bundle@latest go install golang.org/x/build/cmd/updatestd@latest updatestd -goroot=$GOROOT -branch=master For golang#36905. For golang#55079. Fixes golang#61174 (vet checkers understanding Go language version). Fixes golang#61200 (slog InfoCtx -> InfoContext etc). Change-Id: I4f2c86960ce72d6df06e23da1b1297ab3ff2eecf Reviewed-on: https://go-review.googlesource.com/c/go/+/509099 Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Jonathan Amsterdam <jba@google.com> Reviewed-by: Alan Donovan <adonovan@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Heschi Kreinick <heschi@google.com> Reviewed-by: Bryan Mills <bcmills@google.com> Reviewed-by: Damien Neil <dneil@google.com>

gopherbot · 2024-02-16T05:09:05Z

Change https://go.dev/cl/564636 mentions this issue: cmd/pprof: update vendored github.com/google/pprof

Pull in the latest published version of github.com/google/pprof as part of the continuous process of keeping Go's dependencies up to date. Done with: go get github.com/google/pprof go mod tidy go mod vendor For #36905. Fixes #65741. Change-Id: Ice7b085c03ff69be97929cbe47bfd91954907529 Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-longtest Reviewed-on: https://go-review.googlesource.com/c/go/+/564636 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>

The Go 1.23 development tree has opened. This is a time to update all golang.org/x/... module versions that contribute packages to the std and cmd modules in the standard library to latest master versions. Generated with: go install golang.org/x/build/cmd/updatestd@latest go install golang.org/x/tools/cmd/bundle@latest updatestd -goroot=$(pwd) -branch=master For golang#36905. Change-Id: I46a68f27a54f1e3f9e1aa5af4de6ee0b26388f3f Reviewed-on: https://go-review.googlesource.com/c/go/+/557457 Reviewed-by: Carlos Amedee <carlos@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

Pull in the latest published version of github.com/google/pprof as part of the continuous process of keeping Go's dependencies up to date. Done with: go get github.com/google/pprof go mod tidy go mod vendor For golang#36905. Fixes golang#65741. Change-Id: Ice7b085c03ff69be97929cbe47bfd91954907529 Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-longtest Reviewed-on: https://go-review.googlesource.com/c/go/+/564636 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>

gopherbot · 2024-06-03T17:23:10Z

Change https://go.dev/cl/589935 mentions this issue: all: update vendored dependencies

The Go 1.23 code freeze has recently started. This is a time to update all golang.org/x/... module versions that contribute packages to the std and cmd modules in the standard library to latest master versions. For #36905. [git-generate] go install golang.org/x/build/cmd/updatestd@latest go install golang.org/x/tools/cmd/bundle@latest updatestd -goroot=$(pwd) -branch=master Change-Id: I9162f547c148809d6fb1e4157f6f504634cef3b7 Reviewed-on: https://go-review.googlesource.com/c/go/+/589935 Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Matthew Dempsky <mdempsky@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

mknyszek · 2024-06-04T16:37:00Z

CL 589935 did the start-of-freeze update for the 1.23 cycle.
Moving to the Go 1.24 milestone and adding early-in-cycle.

gopherbot · 2024-07-23T19:05:36Z

This issue is currently labeled as early-in-cycle for Go 1.24.
That time is now, so a friendly reminder to look at it again.

gopherbot · 2024-07-23T19:38:54Z

Change https://go.dev/cl/600535 mentions this issue: all: update vendored dependencies

The Go 1.24 development tree has opened. This is a time to update all golang.org/x/... module versions that contribute packages to the std and cmd modules in the standard library to latest master versions. For #36905. [git-generate] go install golang.org/x/build/cmd/updatestd@latest go install golang.org/x/tools/cmd/bundle@latest updatestd -goroot=$(pwd) -branch=master Change-Id: I5a012af9f041f79ab4d5b30569a154e0c2d1617e Reviewed-on: https://go-review.googlesource.com/c/go/+/600535 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>

gopherbot · 2024-07-23T22:16:27Z

Change https://go.dev/cl/600596 mentions this issue: cmd/pprof: update vendored github.com/google/pprof

dmitshur · 2024-07-23T22:18:02Z

CL 600535 did the early-in-cycle update for Go 1.24.
(Also sent CL 600596 to update a pprof dependency.)
Removing that label to revisit this when the freeze starts.

Pull in the latest published version of github.com/google/pprof as part of the continuous process of keeping Go's dependencies up to date. For #36905. [git-generate] cd src/cmd go get github.com/google/pprof@v0.0.0-20240722153945-304e4f0156b8 go mod tidy go mod vendor Change-Id: If009cff7f2d99ec58315102963cbe07b6739c09a Reviewed-on: https://go-review.googlesource.com/c/go/+/600596 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>

gopherbot · 2024-11-01T16:26:19Z

Change https://go.dev/cl/623821 mentions this issue: all: update golang.org/x/sys to pull in CL 614082 [generated]

A part of the keeping Go's vendored dependencies and generated code up to date. For #36905. [git-generate] cd src go get golang.org/x/sys@v0.26.1-0.20241105152852-e0753d469443 go mod tidy go mod vendor cd cmd go get golang.org/x/sys@v0.26.1-0.20241105152852-e0753d469443 go mod tidy go mod vendor go generate syscall internal/syscall/... Change-Id: Ia84505f8934399f7c4518c6218892b81d30e5c17 Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-longtest Reviewed-on: https://go-review.googlesource.com/c/go/+/623821 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> TryBot-Bypass: Dmitri Shuralyov <dmitshur@golang.org> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com>

gopherbot · 2024-11-22T01:02:30Z

Change https://go.dev/cl/631035 mentions this issue: all: update golang.org/x/net [generated]

A part of the keeping Go's vendored dependencies and generated code up to date. This updates h2_bundle.go with unencrypted HTTP/2 support. For #36905. For #67816. [git-generate] cd src go get golang.org/x/net@v0.31.0 go mod tidy go mod vendor cd cmd go get golang.org/x/net@v0.31.0 go mod tidy go mod vendor go generate -run=bundle std Change-Id: I2b77f651b990f260fbe7d551c7a819518f1c983f Reviewed-on: https://go-review.googlesource.com/c/go/+/631035 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>

gopherbot · 2024-11-22T21:25:58Z

Change https://go.dev/cl/631336 mentions this issue: all: update vendored dependencies [generated]

The Go 1.24 code freeze has recently started. This is a time to update all golang.org/x/... module versions that contribute packages to the std and cmd modules in the standard library to latest master versions. For #36905. [git-generate] go install golang.org/x/build/cmd/updatestd@latest go install golang.org/x/tools/cmd/bundle@latest updatestd -goroot=$(pwd) -branch=master Change-Id: I1b2e3b63ccc1137256d80c882b99ed26a66cbf6b Reviewed-on: https://go-review.googlesource.com/c/go/+/631336 Reviewed-by: Cherry Mui <cherryyz@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> TryBot-Bypass: Dmitri Shuralyov <dmitshur@golang.org>

bcmills added the release-blocker label Jan 30, 2020

bcmills added this to the Go1.15 milestone Jan 30, 2020

bcmills added NeedsFix The path to resolution is known, but the work has not been done. early-in-cycle A change that should be done early in the 3 month dev cycle. labels Jan 30, 2020

bcmills removed the early-in-cycle A change that should be done early in the 3 month dev cycle. label Feb 19, 2020

dmitshur self-assigned this May 1, 2020

dmitshur mentioned this issue May 1, 2020

cmd/pprof: update for driver.ObjTool interface change #38802

Closed

dmitshur modified the milestones: Go1.15, Go1.16 May 4, 2020

dmitshur added the early-in-cycle A change that should be done early in the 3 month dev cycle. label May 4, 2020

dmitshur removed their assignment May 4, 2020

andybons added the recurring Issues that should never be closed, but moved to the next milestone once fixed in the current one. label Jul 30, 2020

cagedmantis assigned dmitshur Aug 27, 2020

dmitshur changed the title ~~all: update standard-library dependencies at the start and end of each code freeze~~ all: update standard-library dependencies at the start and end of each development cycle Sep 18, 2020

This was referenced May 23, 2024

cmd/pprof: panics if profile is not found #67626

Closed

cmd/go: revendor x/telemetry prior to go1.23.0 #67617

Closed

mknyszek modified the milestones: Go1.23, Go1.24 Jun 4, 2024

mknyszek added the early-in-cycle A change that should be done early in the 3 month dev cycle. label Jun 4, 2024

dmitshur mentioned this issue Jul 23, 2024

all: reopen tree for Go 1.24 development #67586

Closed

5 tasks

dmitshur self-assigned this Jul 23, 2024

dmitshur removed the early-in-cycle A change that should be done early in the 3 month dev cycle. label Jul 23, 2024

dmitshur removed their assignment Jul 23, 2024

dmitshur mentioned this issue Nov 26, 2024

cmd/vet: printf analyzer fails with generics #70572

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

all: update standard-library dependencies at the start and end of each development cycle #36905

all: update standard-library dependencies at the start and end of each development cycle #36905

bcmills commented Jan 30, 2020 •

edited

Loading

gopherbot commented Feb 3, 2020

dmitshur commented Feb 19, 2020

bcmills commented Feb 19, 2020

gopherbot commented May 1, 2020

dmitshur commented May 4, 2020

gopherbot commented May 14, 2020

dmitshur commented Aug 12, 2020

dmitshur commented Sep 17, 2020

dmitshur commented Sep 17, 2020

gopherbot commented Sep 18, 2020

gopherbot commented Sep 18, 2020

gopherbot commented Sep 21, 2020

gopherbot commented Feb 16, 2024

gopherbot commented Jun 3, 2024

mknyszek commented Jun 4, 2024

gopherbot commented Jul 23, 2024

gopherbot commented Jul 23, 2024

gopherbot commented Jul 23, 2024

dmitshur commented Jul 23, 2024

gopherbot commented Nov 1, 2024

gopherbot commented Nov 22, 2024

gopherbot commented Nov 22, 2024

all: update standard-library dependencies at the start and end of each development cycle #36905

all: update standard-library dependencies at the start and end of each development cycle #36905

Comments

bcmills commented Jan 30, 2020 • edited Loading

gopherbot commented Feb 3, 2020

dmitshur commented Feb 19, 2020

bcmills commented Feb 19, 2020

gopherbot commented May 1, 2020

dmitshur commented May 4, 2020

gopherbot commented May 14, 2020

dmitshur commented Aug 12, 2020

dmitshur commented Sep 17, 2020

dmitshur commented Sep 17, 2020

gopherbot commented Sep 18, 2020

gopherbot commented Sep 18, 2020

gopherbot commented Sep 21, 2020

gopherbot commented Feb 16, 2024

gopherbot commented Jun 3, 2024

mknyszek commented Jun 4, 2024

gopherbot commented Jul 23, 2024

gopherbot commented Jul 23, 2024

gopherbot commented Jul 23, 2024

dmitshur commented Jul 23, 2024

gopherbot commented Nov 1, 2024

gopherbot commented Nov 22, 2024

gopherbot commented Nov 22, 2024

bcmills commented Jan 30, 2020 •

edited

Loading