diff options
| author | Dmitri Goutnik <dmgk@FreeBSD.org> | 2022-05-05 11:12:44 +0000 |
|---|---|---|
| committer | Dmitri Goutnik <dmgk@FreeBSD.org> | 2022-05-05 11:39:45 +0000 |
| commit | 4e29133174dbb05c197b8398edd3831da9e5994f (patch) | |
| tree | 3aaea8689443eef22e90422f0e63efbac62addb3 | |
| parent | d2ed2b98e264a7f2991c1283773f2e63394f3776 (diff) | |
| download | ports-4e29133174dbb05c197b8398edd3831da9e5994f.tar.gz ports-4e29133174dbb05c197b8398edd3831da9e5994f.zip | |
Mk/Uses/go.mk: Be more lenient about vendoring
Add flag to `go mod vendor` instructing it to proceed despite errors
encountered while loading packages. This will allow build to continue
(with warnings) when e.g. upstream ships outdated go.sum with missing
checksums for some packages. Invalid checksums are still security
errors [1].
While here, add additional module cache revalidation after fetching
dependencies.
[1] https://go.dev/ref/mod#authenticating
| -rw-r--r-- | Mk/Uses/go.mk | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/Mk/Uses/go.mk b/Mk/Uses/go.mk index d77c78c63b84..96c46ce30fbc 100644 --- a/Mk/Uses/go.mk +++ b/Mk/Uses/go.mk @@ -162,7 +162,8 @@ post-fetch: @${ECHO_MSG} "===> Fetching ${GO_MODNAME} dependencies"; @(cd ${DISTDIR}/${DIST_SUBDIR}; \ [ -e go.mod ] || ${RLN} ${GO_MODFILE} go.mod; \ - ${SETENV} ${GO_ENV} GOPROXY=${GO_GOPROXY} ${GO_CMD} mod download -x) + ${SETENV} ${GO_ENV} GOPROXY=${GO_GOPROXY} ${GO_CMD} mod download -x; \ + ${SETENV} ${GO_ENV} GOPROXY=${GO_GOPROXY} ${GO_CMD} mod verify) . endif . if !target(post-extract) @@ -172,7 +173,7 @@ post-extract: @${LN} -sf ${WRKSRC} ${GO_WRKSRC} . elif ${go_ARGS:Mmodules} && defined(GO_MODULE) post-extract: - @(cd ${GO_WRKSRC}; ${SETENV} ${GO_ENV} GOPROXY=off ${GO_CMD} mod vendor) + @(cd ${GO_WRKSRC}; ${SETENV} ${GO_ENV} GOPROXY=off ${GO_CMD} mod vendor -e) . endif . endif |