|author||Jay Conrod <firstname.lastname@example.org>||Wed Oct 13 10:39:31 2021 -0700|
|committer||Jay Conrod <email@example.com>||Wed Oct 13 18:00:41 2021 +0000|
x/mod: update requirement on x/crypto x/mod does not seem to be affected by this CVE (which is for x/crypto/ssh), but let's update anyway. Fixes golang/go#48943 Change-Id: I13f957a354d6f0260ae9fd586b6218151182909c Reviewed-on: https://go-review.googlesource.com/c/mod/+/355630 Trust: Jay Conrod <firstname.lastname@example.org> Run-TryBot: Jay Conrod <email@example.com> TryBot-Result: Go Bot <firstname.lastname@example.org> Reviewed-by: Bryan C. Mills <email@example.com>
This repository holds packages for writing tools that work directly with Go module mechanics. That is, it is for direct manipulation of Go modules themselves.
It is NOT about supporting general development tools that need to do things like load packages in module mode. That use case, where modules are incidental rather than the focus, should remain in x/tools, specifically x/tools/go/packages.
The specific case of loading packages should still be done by invoking the go command, which remains the single point of truth for package loading algorithms.