Bring back support for non go modules projects to v1.1+ #128
Comments
Bobgy
changed the title
|
JFYI, you can keep using go-licenses v1.0.0 before any further actions are taken. |
|
@Bobgy this is impacting our GH actions using the following config: jobs:
golicense-pr-scan:
runs-on: ubuntu-latest
steps:
- name: install-git
run: sudo apt-get install -y git
- name: install-golicenses
run: GOBIN=/usr/local/bin go install github.com/google/go-licenses@latest
- name: checkout
uses: actions/checkout@v3
- name: Configure git for private modules
env:
TOKEN: ${{ secrets.TOKEN }}
USER: ${{ secrets.USER }}
run: git config --global url."https://${USER}:${TOKEN}@github.com".insteadOf "https://github.com"
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.21
- name: golicense-scan
run: |
go-licenses check ./... --ignore github.com/myorgWe can't downgrade to v1.0.0 as we require |
TylerGillson
added a commit
to validator-labs/validator-plugin-aws
that referenced
this issue
Nov 8, 2023
Signed-off-by: Tyler Gillson <[email protected]>
TylerGillson
added a commit
to validator-labs/validator-plugin-aws
that referenced
this issue
Nov 9, 2023
* test: add security checks Signed-off-by: Tyler Gillson <[email protected]> * fix: downgrade golicenses per google/go-licenses#128 Signed-off-by: Tyler Gillson <[email protected]> * fix: debug bulwark Signed-off-by: Tyler Gillson <[email protected]> * fix: add org flag for bulwark Signed-off-by: Tyler Gillson <[email protected]> * fix: use dev image for gitleaks Signed-off-by: Tyler Gillson <[email protected]> * fix: apply all gosec rules Signed-off-by: Tyler Gillson <[email protected]> * chore: switch back to public bulwark images Signed-off-by: Tyler Gillson <[email protected]> --------- Signed-off-by: Tyler Gillson <[email protected]>
robbkidd
added a commit
to honeycombio/refinery
that referenced
this issue
Feb 1, 2024
v1.1.0 dropped support for packages that aren't Go modules. That or any later version run against our current repo state will error with: > Package <package> does not have module info. Non go modules projects > are no longer supported. For feedback, refer to > google/go-licenses#128. Pinning our install to v1.0.0 seems to produce the LICENSES output consistent with what the project has been tracking so far.
robbkidd
added a commit
to honeycombio/refinery
that referenced
this issue
Feb 2, 2024
## Which problem is this PR solving? [go-licenses v1.1.0 dropped support for packages that aren't Go modules](https://github.com/google/go-licenses/releases/tag/v1.1.0). That or any later version run against our current repo state will result in many dozens of this error: > Package •thingie• does not have module info. Non go modules projects are no longer supported. For feedback, refer to google/go-licenses#128. ## Short description of the changes Pinning our install to v1.0.0 seems to produce the LICENSES output consistent with what the project has been tracking so far.
|
Simply changing |
mmontes11
added a commit
to mariadb-operator/mariadb-operator
that referenced
this issue
Mar 18, 2024
mmontes11
added a commit
to mariadb-operator/mariadb-operator
that referenced
this issue
Mar 18, 2024
mmontes11
added a commit
to mariadb-operator/mariadb-operator
that referenced
this issue
Mar 18, 2024
vdemeester
added a commit
to vdemeester/tektoncd-plumbing
that referenced
this issue
Jun 18, 2024
This should fixes issues we are getting with `go.mod` files containing the `toolchain` directive. See google/go-licenses#128. Signed-off-by: Vincent Demeester <[email protected]>
2 tasks
vdemeester
added a commit
to vdemeester/tektoncd-plumbing
that referenced
this issue
Jun 18, 2024
This should fixes issues we are getting with `go.mod` files containing the `toolchain` directive. See google/go-licenses#128. Signed-off-by: Vincent Demeester <[email protected]>
tekton-robot
pushed a commit
to tektoncd/plumbing
that referenced
this issue
Jun 19, 2024
This should fixes issues we are getting with `go.mod` files containing the `toolchain` directive. See google/go-licenses#128. Signed-off-by: Vincent Demeester <[email protected]>
matzew
added a commit
to matzew/knative-hack
that referenced
this issue
Sep 3, 2024
This should fixes issues we are getting with `go.mod` files containing the `toolchain` directive. See google/go-licenses#128. Signed-off-by: Matthias Wessendorf <[email protected]>
|
I ran into this today when trying to do a license scan of the https://github.com/crossplane/crossplane project. That shows many error messages like the following in the output: Looks like it's mostly the standard library. I was able to get some license scan output after running |
Legend, that same fix worked for me too EDIT: Sorry, the opposite is true for me lol (I had ./... last, now I have it first)- I am at least unblocked now though. |
|
I have the same issue as reported by @jbw976 above. I have a go.mod-backed proprietary project, and running go-licenses on it spits out a bunch of errors for the stdlib imports. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In v1.1, we made a breaking change of no longer supporting non go modules managed projects per discussions in #70. However, #125 seems to show that some users are still using GOPATH.
Creating this issue to track users who are still using GOPATH mode.
Please thumbs up if this affected you or comment about your scenario.
The text was updated successfully, but these errors were encountered: