Google Git
Sign in
go / mod / c96bc1413d570acfb16c7db96b4380cb508ae205
commitc96bc1413d570acfb16c7db96b4380cb508ae205[log] [tgz]
authorJay Conrod <jayconrod@google.com>Wed Oct 13 10:39:31 2021 -0700
committerJay Conrod <jayconrod@google.com>Wed Oct 13 18:00:41 2021 +0000
tree9ffea5c2f6ed1e0211d38677ca6fcf8c7dc4fccc
parentecfafd6fa8469fef628a0c601fe67d27bd5cefab [diff]
x/mod: update requirement on x/crypto

x/mod does not seem to be affected by this CVE (which is for
x/crypto/ssh), but let's update anyway.

Fixes golang/go#48943

Change-Id: I13f957a354d6f0260ae9fd586b6218151182909c
Reviewed-on: https://go-review.googlesource.com/c/mod/+/355630
Trust: Jay Conrod <jayconrod@google.com>
Run-TryBot: Jay Conrod <jayconrod@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
2 files changed
tree: 9ffea5c2f6ed1e0211d38677ca6fcf8c7dc4fccc
  1. gosumcheck/
  2. internal/
  3. modfile/
  4. module/
  5. semver/
  6. sumdb/
  7. zip/
  8. codereview.cfg
  9. go.mod
  10. go.sum
  11. LICENSE
  12. PATENTS
  13. README.md
README.md

mod

PkgGoDev

This repository holds packages for writing tools that work directly with Go module mechanics. That is, it is for direct manipulation of Go modules themselves.

It is NOT about supporting general development tools that need to do things like load packages in module mode. That use case, where modules are incidental rather than the focus, should remain in x/tools, specifically x/tools/go/packages.

The specific case of loading packages should still be done by invoking the go command, which remains the single point of truth for package loading algorithms.