The github.com/iost-official/go-iost uses Go modules and the current release version is v3. And it’s module path is "github.com/iost-official/go-iost", instead of "github.com/iost-official/go-iost/v3". It must comply with the specification of "Releasing Modules for v2 or higher" available in the Modules documentation. Quoting the specification:
A package that has opted in to modules must include the major version in the import path to import any v2+ modules
To preserve import compatibility, the go command requires that modules with major version v2 or later use a module path with that major version as the final element. For example, version v2.0.0 of example.com/m must instead use module path example.com/m/v2.
https://github.com/golang/go/wiki/Modules#releasing-modules-v2-or-higher
Steps to Reproduce
GO111MODULE=on, run go get targeting any version >= v3.3.2 of the iost-official/go-iost:
$ go get github.com/iost-official/go-iost@v3.3.3
go: finding github.com/iost-official/go-iost v3.3.3
go: finding github.com/iost-official/go-iost v3.3.3
go get github.com/iost-official/go-iost@v3.3.3: github.com/iost-official/go-iost@v3.3.3: invalid version: module contains a go.mod file, so major version must be compatible: should be v0 or v1, not v3
run go get github.com/iost-official/go-iost, the version will stuck in v3.3.1:
SO anyone using Go modules will not be able to easily use any newer version of iost-official/go-iost.
Solution
1. Kill the go.mod files, rolling back to GOPATH.
This would push them back to not being managed by Go modules (instead of incorrectly using Go modules).
Ensure compatibility for downstream module-aware projects and module-unaware projects projects
2. Fix module path to strictly follow SIV rules.
Patch the go.mod file to declare the module path as github.com/iost-official/go-iost/v3 as per the specs. And adjust all internal imports.
The downstream projects might be negatively affected in their building if they are module-unaware (Go versions older than 1.9.7 and 1.10.3; Or use third-party dependency management tools, such as: Dep, glide,govendor…).
If you don't want to break the above repos. This method can provides better backwards-compatibility.
Release a v2 or higher module through the major subdirectory strategy: Create a new v3 subdirectory (github.com/iost-official/go-iost/v3) and place a new go.mod file in that subdirectory. The module path must end with /v3. Copy or move the code into the v3 subdirectory. Update import statements within the module to also use /v3 (import "github.com/iost-official/go-iost/v3/…"). Tag the release with v3.x.y.
3. Suggest your downstream module users use hash instead of a version tag.
If the standard rule of go modules conflicts with your development mode. Or not intended to be used as a library and does not make any guarantees about the API. So you can’t comply with the specification of "Releasing Modules for v2 or higher" available in the Modules documentation.
Regardless, since it's against one of the design choices of Go, it'll be a bit of a hack. Instead of go get github.com/iost-official/go-iost@version-tag, module users need to use this following way to get the iost-official/go-iost:
(1) Search for the tag you want (in browser)
(2) Get the commit hash for the tag you want
(3) Run go get github.com/iost-official/go-iost@commit-hash
(4) Edit the go.mod file to put a comment about which version you actually used
This will make it difficult for module users to get and upgrade iost-official/go-iost.
Background
The
github.com/iost-official/go-iost
uses Go modules and the current release version isv3
. And it’s module path is"github.com/iost-official/go-iost"
, instead of"github.com/iost-official/go-iost/v3"
. It must comply with the specification of "Releasing Modules for v2 or higher" available in the Modules documentation. Quoting the specification:Steps to Reproduce
GO111MODULE=on, run
go get
targeting any version >= v3.3.2 of theiost-official/go-iost
:run
go get github.com/iost-official/go-iost
, the version will stuck in v3.3.1:SO anyone using Go modules will not be able to easily use any newer version of
iost-official/go-iost
.Solution
1. Kill the go.mod files, rolling back to GOPATH.
This would push them back to not being managed by Go modules (instead of incorrectly using Go modules). Ensure compatibility for downstream module-aware projects and module-unaware projects projects
2. Fix module path to strictly follow SIV rules.
Patch the
go.mod
file to declare the module path asgithub.com/iost-official/go-iost/v3
as per the specs. And adjust all internal imports. The downstream projects might be negatively affected in their building if they are module-unaware (Go versions older than 1.9.7 and 1.10.3; Or use third-party dependency management tools, such as: Dep, glide,govendor…).*[]** You can see who will be affected here: [8 module-unaware user, i.e., iost-official/contracts, fatal0/poc, icloudland/go-iost-sdk] https://github.com/search?l=Go&p=25&q=iost-official%2Fgo-iost&type=Code
If you don't want to break the above repos. This method can provides better backwards-compatibility. Release a v2 or higher module through the major subdirectory strategy: Create a new v3
subdirectory
(github.com/iost-official/go-iost/v3) and place a new go.mod file in that subdirectory. Themodule path
must end with/v3
. Copy or move the code into the v3 subdirectory. Updateimport statements
within the module to also use/v3
(import "github.com/iost-official/go-iost/v3/…"). Tag the release withv3.x.y
.3. Suggest your downstream module users use hash instead of a version tag.
If the standard rule of go modules conflicts with your development mode. Or not intended to be used as a library and does not make any guarantees about the API. So you can’t comply with the specification of "Releasing Modules for v2 or higher" available in the Modules documentation. Regardless, since it's against one of the design choices of Go, it'll be a bit of a hack. Instead of
go get github.com/iost-official/go-iost@version-tag
, module users need to use this following way to get theiost-official/go-iost
: (1) Search for thetag
you want (in browser) (2) Get thecommit hash
for thetag
you want (3) Rungo get github.com/iost-official/go-iost@commit-hash
(4) Edit the go.mod file to put a comment about which version you actually used This will make it difficult for module users to get and upgradeiost-official/go-iost
.*[]** You can see who will be affected here: [1 module user, e.g., go-chain/go-hdwallet] https://github.com/go-chain/go-hdwallet/blob/master/go.mod#L14
Summary
You can make a choice to fix DM issues by balancing your own development schedules/mode against the affects on the downstream projects.
For this issue,
Solution 2
can maximize your benefits and with minimal impacts to your downstream projects the ecosystem.References