vcs.go

     1  // Copyright 2012 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  package vcs
     6  
     7  import (
     8  	"bytes"
     9  	"errors"
    10  	"fmt"
    11  	"internal/godebug"
    12  	"internal/lazyregexp"
    13  	"internal/singleflight"
    14  	"io/fs"
    15  	"log"
    16  	urlpkg "net/url"
    17  	"os"
    18  	"os/exec"
    19  	"path/filepath"
    20  	"regexp"
    21  	"strconv"
    22  	"strings"
    23  	"sync"
    24  	"time"
    25  
    26  	"cmd/go/internal/base"
    27  	"cmd/go/internal/cfg"
    28  	"cmd/go/internal/search"
    29  	"cmd/go/internal/str"
    30  	"cmd/go/internal/web"
    31  	"cmd/internal/pathcache"
    32  
    33  	"golang.org/x/mod/module"
    34  )
    35  
    36  // A Cmd describes how to use a version control system
    37  // like Mercurial, Git, or Subversion.
    38  type Cmd struct {
    39  	Name      string
    40  	Cmd       string     // name of binary to invoke command
    41  	Env       []string   // any environment values to set/override
    42  	RootNames []rootName // filename and mode indicating the root of a checkout directory
    43  
    44  	CreateCmd   []string // commands to download a fresh copy of a repository
    45  	DownloadCmd []string // commands to download updates into an existing repository
    46  
    47  	TagCmd         []tagCmd // commands to list tags
    48  	TagLookupCmd   []tagCmd // commands to lookup tags before running tagSyncCmd
    49  	TagSyncCmd     []string // commands to sync to specific tag
    50  	TagSyncDefault []string // commands to sync to default tag
    51  
    52  	Scheme  []string
    53  	PingCmd string
    54  
    55  	RemoteRepo  func(v *Cmd, rootDir string) (remoteRepo string, err error)
    56  	ResolveRepo func(v *Cmd, rootDir, remoteRepo string) (realRepo string, err error)
    57  	Status      func(v *Cmd, rootDir string) (Status, error)
    58  }
    59  
    60  // Status is the current state of a local repository.
    61  type Status struct {
    62  	Revision    string    // Optional.
    63  	CommitTime  time.Time // Optional.
    64  	Uncommitted bool      // Required.
    65  }
    66  
    67  var (
    68  	// VCSTestRepoURL is the URL of the HTTP server that serves the repos for
    69  	// vcs-test.golang.org.
    70  	//
    71  	// In tests, this is set to the URL of an httptest.Server hosting a
    72  	// cmd/go/internal/vcweb.Server.
    73  	VCSTestRepoURL string
    74  
    75  	// VCSTestHosts is the set of hosts supported by the vcs-test server.
    76  	VCSTestHosts []string
    77  
    78  	// VCSTestIsLocalHost reports whether the given URL refers to a local
    79  	// (loopback) host, such as "localhost" or "127.0.0.1:8080".
    80  	VCSTestIsLocalHost func(*urlpkg.URL) bool
    81  )
    82  
    83  var defaultSecureScheme = map[string]bool{
    84  	"https":   true,
    85  	"git+ssh": true,
    86  	"bzr+ssh": true,
    87  	"svn+ssh": true,
    88  	"ssh":     true,
    89  }
    90  
    91  func (v *Cmd) IsSecure(repo string) bool {
    92  	u, err := urlpkg.Parse(repo)
    93  	if err != nil {
    94  		// If repo is not a URL, it's not secure.
    95  		return false
    96  	}
    97  	if VCSTestRepoURL != "" && web.IsLocalHost(u) {
    98  		// If the vcstest server is in use, it may redirect to other local ports for
    99  		// other protocols (such as svn). Assume that all loopback addresses are
   100  		// secure during testing.
   101  		return true
   102  	}
   103  	return v.isSecureScheme(u.Scheme)
   104  }
   105  
   106  func (v *Cmd) isSecureScheme(scheme string) bool {
   107  	switch v.Cmd {
   108  	case "git":
   109  		// GIT_ALLOW_PROTOCOL is an environment variable defined by Git. It is a
   110  		// colon-separated list of schemes that are allowed to be used with git
   111  		// fetch/clone. Any scheme not mentioned will be considered insecure.
   112  		if allow := os.Getenv("GIT_ALLOW_PROTOCOL"); allow != "" {
   113  			for _, s := range strings.Split(allow, ":") {
   114  				if s == scheme {
   115  					return true
   116  				}
   117  			}
   118  			return false
   119  		}
   120  	}
   121  	return defaultSecureScheme[scheme]
   122  }
   123  
   124  // A tagCmd describes a command to list available tags
   125  // that can be passed to tagSyncCmd.
   126  type tagCmd struct {
   127  	cmd     string // command to list tags
   128  	pattern string // regexp to extract tags from list
   129  }
   130  
   131  // vcsList lists the known version control systems
   132  var vcsList = []*Cmd{
   133  	vcsHg,
   134  	vcsGit,
   135  	vcsSvn,
   136  	vcsBzr,
   137  	vcsFossil,
   138  }
   139  
   140  // vcsMod is a stub for the "mod" scheme. It's returned by
   141  // repoRootForImportPathDynamic, but is otherwise not treated as a VCS command.
   142  var vcsMod = &Cmd{Name: "mod"}
   143  
   144  // vcsByCmd returns the version control system for the given
   145  // command name (hg, git, svn, bzr).
   146  func vcsByCmd(cmd string) *Cmd {
   147  	for _, vcs := range vcsList {
   148  		if vcs.Cmd == cmd {
   149  			return vcs
   150  		}
   151  	}
   152  	return nil
   153  }
   154  
   155  // vcsHg describes how to use Mercurial.
   156  var vcsHg = &Cmd{
   157  	Name: "Mercurial",
   158  	Cmd:  "hg",
   159  
   160  	// HGPLAIN=1 turns off additional output that a user may have enabled via
   161  	// config options or certain extensions.
   162  	Env: []string{"HGPLAIN=1"},
   163  	RootNames: []rootName{
   164  		{filename: ".hg", isDir: true},
   165  	},
   166  
   167  	CreateCmd:   []string{"clone -U -- {repo} {dir}"},
   168  	DownloadCmd: []string{"pull"},
   169  
   170  	// We allow both tag and branch names as 'tags'
   171  	// for selecting a version. This lets people have
   172  	// a go.release.r60 branch and a go1 branch
   173  	// and make changes in both, without constantly
   174  	// editing .hgtags.
   175  	TagCmd: []tagCmd{
   176  		{"tags", `^(\S+)`},
   177  		{"branches", `^(\S+)`},
   178  	},
   179  	TagSyncCmd:     []string{"update -r {tag}"},
   180  	TagSyncDefault: []string{"update default"},
   181  
   182  	Scheme:     []string{"https", "http", "ssh"},
   183  	PingCmd:    "identify -- {scheme}://{repo}",
   184  	RemoteRepo: hgRemoteRepo,
   185  	Status:     hgStatus,
   186  }
   187  
   188  func hgRemoteRepo(vcsHg *Cmd, rootDir string) (remoteRepo string, err error) {
   189  	out, err := vcsHg.runOutput(rootDir, "paths default")
   190  	if err != nil {
   191  		return "", err
   192  	}
   193  	return strings.TrimSpace(string(out)), nil
   194  }
   195  
   196  func hgStatus(vcsHg *Cmd, rootDir string) (Status, error) {
   197  	// Output changeset ID and seconds since epoch.
   198  	out, err := vcsHg.runOutputVerboseOnly(rootDir, `log -r. -T {node}:{date|hgdate}`)
   199  	if err != nil {
   200  		return Status{}, err
   201  	}
   202  
   203  	var rev string
   204  	var commitTime time.Time
   205  	if len(out) > 0 {
   206  		// Strip trailing timezone offset.
   207  		if i := bytes.IndexByte(out, ' '); i > 0 {
   208  			out = out[:i]
   209  		}
   210  		rev, commitTime, err = parseRevTime(out)
   211  		if err != nil {
   212  			return Status{}, err
   213  		}
   214  	}
   215  
   216  	// Also look for untracked files.
   217  	out, err = vcsHg.runOutputVerboseOnly(rootDir, "status -S")
   218  	if err != nil {
   219  		return Status{}, err
   220  	}
   221  	uncommitted := len(out) > 0
   222  
   223  	return Status{
   224  		Revision:    rev,
   225  		CommitTime:  commitTime,
   226  		Uncommitted: uncommitted,
   227  	}, nil
   228  }
   229  
   230  // parseRevTime parses commit details in "revision:seconds" format.
   231  func parseRevTime(out []byte) (string, time.Time, error) {
   232  	buf := string(bytes.TrimSpace(out))
   233  
   234  	i := strings.IndexByte(buf, ':')
   235  	if i < 1 {
   236  		return "", time.Time{}, errors.New("unrecognized VCS tool output")
   237  	}
   238  	rev := buf[:i]
   239  
   240  	secs, err := strconv.ParseInt(string(buf[i+1:]), 10, 64)
   241  	if err != nil {
   242  		return "", time.Time{}, fmt.Errorf("unrecognized VCS tool output: %v", err)
   243  	}
   244  
   245  	return rev, time.Unix(secs, 0), nil
   246  }
   247  
   248  // vcsGit describes how to use Git.
   249  var vcsGit = &Cmd{
   250  	Name: "Git",
   251  	Cmd:  "git",
   252  	RootNames: []rootName{
   253  		{filename: ".git", isDir: true},
   254  	},
   255  
   256  	CreateCmd:   []string{"clone -- {repo} {dir}", "-go-internal-cd {dir} submodule update --init --recursive"},
   257  	DownloadCmd: []string{"pull --ff-only", "submodule update --init --recursive"},
   258  
   259  	TagCmd: []tagCmd{
   260  		// tags/xxx matches a git tag named xxx
   261  		// origin/xxx matches a git branch named xxx on the default remote repository
   262  		{"show-ref", `(?:tags|origin)/(\S+)$`},
   263  	},
   264  	TagLookupCmd: []tagCmd{
   265  		{"show-ref tags/{tag} origin/{tag}", `((?:tags|origin)/\S+)$`},
   266  	},
   267  	TagSyncCmd: []string{"checkout {tag}", "submodule update --init --recursive"},
   268  	// both createCmd and downloadCmd update the working dir.
   269  	// No need to do more here. We used to 'checkout master'
   270  	// but that doesn't work if the default branch is not named master.
   271  	// DO NOT add 'checkout master' here.
   272  	// See golang.org/issue/9032.
   273  	TagSyncDefault: []string{"submodule update --init --recursive"},
   274  
   275  	Scheme: []string{"git", "https", "http", "git+ssh", "ssh"},
   276  
   277  	// Leave out the '--' separator in the ls-remote command: git 2.7.4 does not
   278  	// support such a separator for that command, and this use should be safe
   279  	// without it because the {scheme} value comes from the predefined list above.
   280  	// See golang.org/issue/33836.
   281  	PingCmd: "ls-remote {scheme}://{repo}",
   282  
   283  	RemoteRepo: gitRemoteRepo,
   284  	Status:     gitStatus,
   285  }
   286  
   287  // scpSyntaxRe matches the SCP-like addresses used by Git to access
   288  // repositories by SSH.
   289  var scpSyntaxRe = lazyregexp.New(`^(\w+)@([\w.-]+):(.*)$`)
   290  
   291  func gitRemoteRepo(vcsGit *Cmd, rootDir string) (remoteRepo string, err error) {
   292  	const cmd = "config remote.origin.url"
   293  	outb, err := vcsGit.run1(rootDir, cmd, nil, false)
   294  	if err != nil {
   295  		// if it doesn't output any message, it means the config argument is correct,
   296  		// but the config value itself doesn't exist
   297  		if outb != nil && len(outb) == 0 {
   298  			return "", errors.New("remote origin not found")
   299  		}
   300  		return "", err
   301  	}
   302  	out := strings.TrimSpace(string(outb))
   303  
   304  	var repoURL *urlpkg.URL
   305  	if m := scpSyntaxRe.FindStringSubmatch(out); m != nil {
   306  		// Match SCP-like syntax and convert it to a URL.
   307  		// Eg, "git@github.com:user/repo" becomes
   308  		// "ssh://git@github.com/user/repo".
   309  		repoURL = &urlpkg.URL{
   310  			Scheme: "ssh",
   311  			User:   urlpkg.User(m[1]),
   312  			Host:   m[2],
   313  			Path:   m[3],
   314  		}
   315  	} else {
   316  		repoURL, err = urlpkg.Parse(out)
   317  		if err != nil {
   318  			return "", err
   319  		}
   320  	}
   321  
   322  	// Iterate over insecure schemes too, because this function simply
   323  	// reports the state of the repo. If we can't see insecure schemes then
   324  	// we can't report the actual repo URL.
   325  	for _, s := range vcsGit.Scheme {
   326  		if repoURL.Scheme == s {
   327  			return repoURL.String(), nil
   328  		}
   329  	}
   330  	return "", errors.New("unable to parse output of git " + cmd)
   331  }
   332  
   333  func gitStatus(vcsGit *Cmd, rootDir string) (Status, error) {
   334  	out, err := vcsGit.runOutputVerboseOnly(rootDir, "status --porcelain")
   335  	if err != nil {
   336  		return Status{}, err
   337  	}
   338  	uncommitted := len(out) > 0
   339  
   340  	// "git status" works for empty repositories, but "git log" does not.
   341  	// Assume there are no commits in the repo when "git log" fails with
   342  	// uncommitted files and skip tagging revision / committime.
   343  	var rev string
   344  	var commitTime time.Time
   345  	out, err = vcsGit.runOutputVerboseOnly(rootDir, "-c log.showsignature=false log -1 --format=%H:%ct")
   346  	if err != nil && !uncommitted {
   347  		return Status{}, err
   348  	} else if err == nil {
   349  		rev, commitTime, err = parseRevTime(out)
   350  		if err != nil {
   351  			return Status{}, err
   352  		}
   353  	}
   354  
   355  	return Status{
   356  		Revision:    rev,
   357  		CommitTime:  commitTime,
   358  		Uncommitted: uncommitted,
   359  	}, nil
   360  }
   361  
   362  // vcsBzr describes how to use Bazaar.
   363  var vcsBzr = &Cmd{
   364  	Name: "Bazaar",
   365  	Cmd:  "bzr",
   366  	RootNames: []rootName{
   367  		{filename: ".bzr", isDir: true},
   368  	},
   369  
   370  	CreateCmd: []string{"branch -- {repo} {dir}"},
   371  
   372  	// Without --overwrite bzr will not pull tags that changed.
   373  	// Replace by --overwrite-tags after http://pad.lv/681792 goes in.
   374  	DownloadCmd: []string{"pull --overwrite"},
   375  
   376  	TagCmd:         []tagCmd{{"tags", `^(\S+)`}},
   377  	TagSyncCmd:     []string{"update -r {tag}"},
   378  	TagSyncDefault: []string{"update -r revno:-1"},
   379  
   380  	Scheme:      []string{"https", "http", "bzr", "bzr+ssh"},
   381  	PingCmd:     "info -- {scheme}://{repo}",
   382  	RemoteRepo:  bzrRemoteRepo,
   383  	ResolveRepo: bzrResolveRepo,
   384  	Status:      bzrStatus,
   385  }
   386  
   387  func bzrRemoteRepo(vcsBzr *Cmd, rootDir string) (remoteRepo string, err error) {
   388  	outb, err := vcsBzr.runOutput(rootDir, "config parent_location")
   389  	if err != nil {
   390  		return "", err
   391  	}
   392  	return strings.TrimSpace(string(outb)), nil
   393  }
   394  
   395  func bzrResolveRepo(vcsBzr *Cmd, rootDir, remoteRepo string) (realRepo string, err error) {
   396  	outb, err := vcsBzr.runOutput(rootDir, "info "+remoteRepo)
   397  	if err != nil {
   398  		return "", err
   399  	}
   400  	out := string(outb)
   401  
   402  	// Expect:
   403  	// ...
   404  	//   (branch root|repository branch): <URL>
   405  	// ...
   406  
   407  	found := false
   408  	for _, prefix := range []string{"\n  branch root: ", "\n  repository branch: "} {
   409  		i := strings.Index(out, prefix)
   410  		if i >= 0 {
   411  			out = out[i+len(prefix):]
   412  			found = true
   413  			break
   414  		}
   415  	}
   416  	if !found {
   417  		return "", fmt.Errorf("unable to parse output of bzr info")
   418  	}
   419  
   420  	i := strings.Index(out, "\n")
   421  	if i < 0 {
   422  		return "", fmt.Errorf("unable to parse output of bzr info")
   423  	}
   424  	out = out[:i]
   425  	return strings.TrimSpace(out), nil
   426  }
   427  
   428  func bzrStatus(vcsBzr *Cmd, rootDir string) (Status, error) {
   429  	outb, err := vcsBzr.runOutputVerboseOnly(rootDir, "version-info")
   430  	if err != nil {
   431  		return Status{}, err
   432  	}
   433  	out := string(outb)
   434  
   435  	// Expect (non-empty repositories only):
   436  	//
   437  	// revision-id: gopher@gopher.net-20211021072330-qshok76wfypw9lpm
   438  	// date: 2021-09-21 12:00:00 +1000
   439  	// ...
   440  	var rev string
   441  	var commitTime time.Time
   442  
   443  	for _, line := range strings.Split(out, "\n") {
   444  		i := strings.IndexByte(line, ':')
   445  		if i < 0 {
   446  			continue
   447  		}
   448  		key := line[:i]
   449  		value := strings.TrimSpace(line[i+1:])
   450  
   451  		switch key {
   452  		case "revision-id":
   453  			rev = value
   454  		case "date":
   455  			var err error
   456  			commitTime, err = time.Parse("2006-01-02 15:04:05 -0700", value)
   457  			if err != nil {
   458  				return Status{}, errors.New("unable to parse output of bzr version-info")
   459  			}
   460  		}
   461  	}
   462  
   463  	outb, err = vcsBzr.runOutputVerboseOnly(rootDir, "status")
   464  	if err != nil {
   465  		return Status{}, err
   466  	}
   467  
   468  	// Skip warning when working directory is set to an older revision.
   469  	if bytes.HasPrefix(outb, []byte("working tree is out of date")) {
   470  		i := bytes.IndexByte(outb, '\n')
   471  		if i < 0 {
   472  			i = len(outb)
   473  		}
   474  		outb = outb[:i]
   475  	}
   476  	uncommitted := len(outb) > 0
   477  
   478  	return Status{
   479  		Revision:    rev,
   480  		CommitTime:  commitTime,
   481  		Uncommitted: uncommitted,
   482  	}, nil
   483  }
   484  
   485  // vcsSvn describes how to use Subversion.
   486  var vcsSvn = &Cmd{
   487  	Name: "Subversion",
   488  	Cmd:  "svn",
   489  	RootNames: []rootName{
   490  		{filename: ".svn", isDir: true},
   491  	},
   492  
   493  	CreateCmd:   []string{"checkout -- {repo} {dir}"},
   494  	DownloadCmd: []string{"update"},
   495  
   496  	// There is no tag command in subversion.
   497  	// The branch information is all in the path names.
   498  
   499  	Scheme:     []string{"https", "http", "svn", "svn+ssh"},
   500  	PingCmd:    "info -- {scheme}://{repo}",
   501  	RemoteRepo: svnRemoteRepo,
   502  	Status:     svnStatus,
   503  }
   504  
   505  func svnRemoteRepo(vcsSvn *Cmd, rootDir string) (remoteRepo string, err error) {
   506  	outb, err := vcsSvn.runOutput(rootDir, "info")
   507  	if err != nil {
   508  		return "", err
   509  	}
   510  	out := string(outb)
   511  
   512  	// Expect:
   513  	//
   514  	//	 ...
   515  	// 	URL: <URL>
   516  	// 	...
   517  	//
   518  	// Note that we're not using the Repository Root line,
   519  	// because svn allows checking out subtrees.
   520  	// The URL will be the URL of the subtree (what we used with 'svn co')
   521  	// while the Repository Root may be a much higher parent.
   522  	i := strings.Index(out, "\nURL: ")
   523  	if i < 0 {
   524  		return "", fmt.Errorf("unable to parse output of svn info")
   525  	}
   526  	out = out[i+len("\nURL: "):]
   527  	i = strings.Index(out, "\n")
   528  	if i < 0 {
   529  		return "", fmt.Errorf("unable to parse output of svn info")
   530  	}
   531  	out = out[:i]
   532  	return strings.TrimSpace(out), nil
   533  }
   534  
   535  func svnStatus(vcsSvn *Cmd, rootDir string) (Status, error) {
   536  	out, err := vcsSvn.runOutputVerboseOnly(rootDir, "info --show-item last-changed-revision")
   537  	if err != nil {
   538  		return Status{}, err
   539  	}
   540  	rev := strings.TrimSpace(string(out))
   541  
   542  	out, err = vcsSvn.runOutputVerboseOnly(rootDir, "info --show-item last-changed-date")
   543  	if err != nil {
   544  		return Status{}, err
   545  	}
   546  	commitTime, err := time.Parse(time.RFC3339, strings.TrimSpace(string(out)))
   547  	if err != nil {
   548  		return Status{}, fmt.Errorf("unable to parse output of svn info: %v", err)
   549  	}
   550  
   551  	out, err = vcsSvn.runOutputVerboseOnly(rootDir, "status")
   552  	if err != nil {
   553  		return Status{}, err
   554  	}
   555  	uncommitted := len(out) > 0
   556  
   557  	return Status{
   558  		Revision:    rev,
   559  		CommitTime:  commitTime,
   560  		Uncommitted: uncommitted,
   561  	}, nil
   562  }
   563  
   564  // fossilRepoName is the name go get associates with a fossil repository. In the
   565  // real world the file can be named anything.
   566  const fossilRepoName = ".fossil"
   567  
   568  // vcsFossil describes how to use Fossil (fossil-scm.org)
   569  var vcsFossil = &Cmd{
   570  	Name: "Fossil",
   571  	Cmd:  "fossil",
   572  	RootNames: []rootName{
   573  		{filename: ".fslckout", isDir: false},
   574  		{filename: "_FOSSIL_", isDir: false},
   575  	},
   576  
   577  	CreateCmd:   []string{"-go-internal-mkdir {dir} clone -- {repo} " + filepath.Join("{dir}", fossilRepoName), "-go-internal-cd {dir} open .fossil"},
   578  	DownloadCmd: []string{"up"},
   579  
   580  	TagCmd:         []tagCmd{{"tag ls", `(.*)`}},
   581  	TagSyncCmd:     []string{"up tag:{tag}"},
   582  	TagSyncDefault: []string{"up trunk"},
   583  
   584  	Scheme:     []string{"https", "http"},
   585  	RemoteRepo: fossilRemoteRepo,
   586  	Status:     fossilStatus,
   587  }
   588  
   589  func fossilRemoteRepo(vcsFossil *Cmd, rootDir string) (remoteRepo string, err error) {
   590  	out, err := vcsFossil.runOutput(rootDir, "remote-url")
   591  	if err != nil {
   592  		return "", err
   593  	}
   594  	return strings.TrimSpace(string(out)), nil
   595  }
   596  
   597  var errFossilInfo = errors.New("unable to parse output of fossil info")
   598  
   599  func fossilStatus(vcsFossil *Cmd, rootDir string) (Status, error) {
   600  	outb, err := vcsFossil.runOutputVerboseOnly(rootDir, "info")
   601  	if err != nil {
   602  		return Status{}, err
   603  	}
   604  	out := string(outb)
   605  
   606  	// Expect:
   607  	// ...
   608  	// checkout:     91ed71f22c77be0c3e250920f47bfd4e1f9024d2 2021-09-21 12:00:00 UTC
   609  	// ...
   610  
   611  	// Extract revision and commit time.
   612  	// Ensure line ends with UTC (known timezone offset).
   613  	const prefix = "\ncheckout:"
   614  	const suffix = " UTC"
   615  	i := strings.Index(out, prefix)
   616  	if i < 0 {
   617  		return Status{}, errFossilInfo
   618  	}
   619  	checkout := out[i+len(prefix):]
   620  	i = strings.Index(checkout, suffix)
   621  	if i < 0 {
   622  		return Status{}, errFossilInfo
   623  	}
   624  	checkout = strings.TrimSpace(checkout[:i])
   625  
   626  	i = strings.IndexByte(checkout, ' ')
   627  	if i < 0 {
   628  		return Status{}, errFossilInfo
   629  	}
   630  	rev := checkout[:i]
   631  
   632  	commitTime, err := time.ParseInLocation(time.DateTime, checkout[i+1:], time.UTC)
   633  	if err != nil {
   634  		return Status{}, fmt.Errorf("%v: %v", errFossilInfo, err)
   635  	}
   636  
   637  	// Also look for untracked changes.
   638  	outb, err = vcsFossil.runOutputVerboseOnly(rootDir, "changes --differ")
   639  	if err != nil {
   640  		return Status{}, err
   641  	}
   642  	uncommitted := len(outb) > 0
   643  
   644  	return Status{
   645  		Revision:    rev,
   646  		CommitTime:  commitTime,
   647  		Uncommitted: uncommitted,
   648  	}, nil
   649  }
   650  
   651  func (v *Cmd) String() string {
   652  	return v.Name
   653  }
   654  
   655  // run runs the command line cmd in the given directory.
   656  // keyval is a list of key, value pairs. run expands
   657  // instances of {key} in cmd into value, but only after
   658  // splitting cmd into individual arguments.
   659  // If an error occurs, run prints the command line and the
   660  // command's combined stdout+stderr to standard error.
   661  // Otherwise run discards the command's output.
   662  func (v *Cmd) run(dir string, cmd string, keyval ...string) error {
   663  	_, err := v.run1(dir, cmd, keyval, true)
   664  	return err
   665  }
   666  
   667  // runVerboseOnly is like run but only generates error output to standard error in verbose mode.
   668  func (v *Cmd) runVerboseOnly(dir string, cmd string, keyval ...string) error {
   669  	_, err := v.run1(dir, cmd, keyval, false)
   670  	return err
   671  }
   672  
   673  // runOutput is like run but returns the output of the command.
   674  func (v *Cmd) runOutput(dir string, cmd string, keyval ...string) ([]byte, error) {
   675  	return v.run1(dir, cmd, keyval, true)
   676  }
   677  
   678  // runOutputVerboseOnly is like runOutput but only generates error output to
   679  // standard error in verbose mode.
   680  func (v *Cmd) runOutputVerboseOnly(dir string, cmd string, keyval ...string) ([]byte, error) {
   681  	return v.run1(dir, cmd, keyval, false)
   682  }
   683  
   684  // run1 is the generalized implementation of run and runOutput.
   685  func (v *Cmd) run1(dir string, cmdline string, keyval []string, verbose bool) ([]byte, error) {
   686  	m := make(map[string]string)
   687  	for i := 0; i < len(keyval); i += 2 {
   688  		m[keyval[i]] = keyval[i+1]
   689  	}
   690  	args := strings.Fields(cmdline)
   691  	for i, arg := range args {
   692  		args[i] = expand(m, arg)
   693  	}
   694  
   695  	if len(args) >= 2 && args[0] == "-go-internal-mkdir" {
   696  		var err error
   697  		if filepath.IsAbs(args[1]) {
   698  			err = os.Mkdir(args[1], fs.ModePerm)
   699  		} else {
   700  			err = os.Mkdir(filepath.Join(dir, args[1]), fs.ModePerm)
   701  		}
   702  		if err != nil {
   703  			return nil, err
   704  		}
   705  		args = args[2:]
   706  	}
   707  
   708  	if len(args) >= 2 && args[0] == "-go-internal-cd" {
   709  		if filepath.IsAbs(args[1]) {
   710  			dir = args[1]
   711  		} else {
   712  			dir = filepath.Join(dir, args[1])
   713  		}
   714  		args = args[2:]
   715  	}
   716  
   717  	_, err := pathcache.LookPath(v.Cmd)
   718  	if err != nil {
   719  		fmt.Fprintf(os.Stderr,
   720  			"go: missing %s command. See https://golang.org/s/gogetcmd\n",
   721  			v.Name)
   722  		return nil, err
   723  	}
   724  
   725  	cmd := exec.Command(v.Cmd, args...)
   726  	cmd.Dir = dir
   727  	if v.Env != nil {
   728  		cmd.Env = append(cmd.Environ(), v.Env...)
   729  	}
   730  	if cfg.BuildX {
   731  		fmt.Fprintf(os.Stderr, "cd %s\n", dir)
   732  		fmt.Fprintf(os.Stderr, "%s %s\n", v.Cmd, strings.Join(args, " "))
   733  	}
   734  	out, err := cmd.Output()
   735  	if err != nil {
   736  		if verbose || cfg.BuildV {
   737  			fmt.Fprintf(os.Stderr, "# cd %s; %s %s\n", dir, v.Cmd, strings.Join(args, " "))
   738  			if ee, ok := err.(*exec.ExitError); ok && len(ee.Stderr) > 0 {
   739  				os.Stderr.Write(ee.Stderr)
   740  			} else {
   741  				fmt.Fprintln(os.Stderr, err.Error())
   742  			}
   743  		}
   744  	}
   745  	return out, err
   746  }
   747  
   748  // Ping pings to determine scheme to use.
   749  func (v *Cmd) Ping(scheme, repo string) error {
   750  	// Run the ping command in an arbitrary working directory,
   751  	// but don't let the current working directory pollute the results.
   752  	// In module mode, we expect GOMODCACHE to exist and be a safe place for
   753  	// commands; in GOPATH mode, we expect that to be true of GOPATH/src.
   754  	dir := cfg.GOMODCACHE
   755  	if !cfg.ModulesEnabled {
   756  		dir = filepath.Join(cfg.BuildContext.GOPATH, "src")
   757  	}
   758  	os.MkdirAll(dir, 0777) // Ignore errors — if unsuccessful, the command will likely fail.
   759  
   760  	release, err := base.AcquireNet()
   761  	if err != nil {
   762  		return err
   763  	}
   764  	defer release()
   765  
   766  	return v.runVerboseOnly(dir, v.PingCmd, "scheme", scheme, "repo", repo)
   767  }
   768  
   769  // Create creates a new copy of repo in dir.
   770  // The parent of dir must exist; dir must not.
   771  func (v *Cmd) Create(dir, repo string) error {
   772  	release, err := base.AcquireNet()
   773  	if err != nil {
   774  		return err
   775  	}
   776  	defer release()
   777  
   778  	for _, cmd := range v.CreateCmd {
   779  		if err := v.run(filepath.Dir(dir), cmd, "dir", dir, "repo", repo); err != nil {
   780  			return err
   781  		}
   782  	}
   783  	return nil
   784  }
   785  
   786  // Download downloads any new changes for the repo in dir.
   787  func (v *Cmd) Download(dir string) error {
   788  	release, err := base.AcquireNet()
   789  	if err != nil {
   790  		return err
   791  	}
   792  	defer release()
   793  
   794  	for _, cmd := range v.DownloadCmd {
   795  		if err := v.run(dir, cmd); err != nil {
   796  			return err
   797  		}
   798  	}
   799  	return nil
   800  }
   801  
   802  // Tags returns the list of available tags for the repo in dir.
   803  func (v *Cmd) Tags(dir string) ([]string, error) {
   804  	var tags []string
   805  	for _, tc := range v.TagCmd {
   806  		out, err := v.runOutput(dir, tc.cmd)
   807  		if err != nil {
   808  			return nil, err
   809  		}
   810  		re := regexp.MustCompile(`(?m-s)` + tc.pattern)
   811  		for _, m := range re.FindAllStringSubmatch(string(out), -1) {
   812  			tags = append(tags, m[1])
   813  		}
   814  	}
   815  	return tags, nil
   816  }
   817  
   818  // TagSync syncs the repo in dir to the named tag,
   819  // which either is a tag returned by tags or is v.tagDefault.
   820  func (v *Cmd) TagSync(dir, tag string) error {
   821  	if v.TagSyncCmd == nil {
   822  		return nil
   823  	}
   824  	if tag != "" {
   825  		for _, tc := range v.TagLookupCmd {
   826  			out, err := v.runOutput(dir, tc.cmd, "tag", tag)
   827  			if err != nil {
   828  				return err
   829  			}
   830  			re := regexp.MustCompile(`(?m-s)` + tc.pattern)
   831  			m := re.FindStringSubmatch(string(out))
   832  			if len(m) > 1 {
   833  				tag = m[1]
   834  				break
   835  			}
   836  		}
   837  	}
   838  
   839  	release, err := base.AcquireNet()
   840  	if err != nil {
   841  		return err
   842  	}
   843  	defer release()
   844  
   845  	if tag == "" && v.TagSyncDefault != nil {
   846  		for _, cmd := range v.TagSyncDefault {
   847  			if err := v.run(dir, cmd); err != nil {
   848  				return err
   849  			}
   850  		}
   851  		return nil
   852  	}
   853  
   854  	for _, cmd := range v.TagSyncCmd {
   855  		if err := v.run(dir, cmd, "tag", tag); err != nil {
   856  			return err
   857  		}
   858  	}
   859  	return nil
   860  }
   861  
   862  // A vcsPath describes how to convert an import path into a
   863  // version control system and repository name.
   864  type vcsPath struct {
   865  	pathPrefix     string                              // prefix this description applies to
   866  	regexp         *lazyregexp.Regexp                  // compiled pattern for import path
   867  	repo           string                              // repository to use (expand with match of re)
   868  	vcs            string                              // version control system to use (expand with match of re)
   869  	check          func(match map[string]string) error // additional checks
   870  	schemelessRepo bool                                // if true, the repo pattern lacks a scheme
   871  }
   872  
   873  var allowmultiplevcs = godebug.New("allowmultiplevcs")
   874  
   875  // FromDir inspects dir and its parents to determine the
   876  // version control system and code repository to use.
   877  // If no repository is found, FromDir returns an error
   878  // equivalent to os.ErrNotExist.
   879  func FromDir(dir, srcRoot string) (repoDir string, vcsCmd *Cmd, err error) {
   880  	// Clean and double-check that dir is in (a subdirectory of) srcRoot.
   881  	dir = filepath.Clean(dir)
   882  	if srcRoot != "" {
   883  		srcRoot = filepath.Clean(srcRoot)
   884  		if len(dir) <= len(srcRoot) || dir[len(srcRoot)] != filepath.Separator {
   885  			return "", nil, fmt.Errorf("directory %q is outside source root %q", dir, srcRoot)
   886  		}
   887  	}
   888  
   889  	origDir := dir
   890  	for len(dir) > len(srcRoot) {
   891  		for _, vcs := range vcsList {
   892  			if isVCSRoot(dir, vcs.RootNames) {
   893  				if vcsCmd == nil {
   894  					// Record first VCS we find.
   895  					vcsCmd = vcs
   896  					repoDir = dir
   897  					if allowmultiplevcs.Value() == "1" {
   898  						allowmultiplevcs.IncNonDefault()
   899  						return repoDir, vcsCmd, nil
   900  					}
   901  					// If allowmultiplevcs is not set, keep looking for
   902  					// repositories in current and parent directories and report
   903  					// an error if one is found to mitigate VCS injection
   904  					// attacks.
   905  					continue
   906  				}
   907  				if vcsCmd == vcsGit && vcs == vcsGit {
   908  					// Nested Git is allowed, as this is how things like
   909  					// submodules work. Git explicitly protects against
   910  					// injection against itself.
   911  					continue
   912  				}
   913  				return "", nil, fmt.Errorf("multiple VCS detected: %s in %q, and %s in %q",
   914  					vcsCmd.Cmd, repoDir, vcs.Cmd, dir)
   915  			}
   916  		}
   917  
   918  		// Move to parent.
   919  		ndir := filepath.Dir(dir)
   920  		if len(ndir) >= len(dir) {
   921  			break
   922  		}
   923  		dir = ndir
   924  	}
   925  	if vcsCmd == nil {
   926  		return "", nil, &vcsNotFoundError{dir: origDir}
   927  	}
   928  	return repoDir, vcsCmd, nil
   929  }
   930  
   931  // isVCSRoot identifies a VCS root by checking whether the directory contains
   932  // any of the listed root names.
   933  func isVCSRoot(dir string, rootNames []rootName) bool {
   934  	for _, root := range rootNames {
   935  		fi, err := os.Stat(filepath.Join(dir, root.filename))
   936  		if err == nil && fi.IsDir() == root.isDir {
   937  			return true
   938  		}
   939  	}
   940  
   941  	return false
   942  }
   943  
   944  type rootName struct {
   945  	filename string
   946  	isDir    bool
   947  }
   948  
   949  type vcsNotFoundError struct {
   950  	dir string
   951  }
   952  
   953  func (e *vcsNotFoundError) Error() string {
   954  	return fmt.Sprintf("directory %q is not using a known version control system", e.dir)
   955  }
   956  
   957  func (e *vcsNotFoundError) Is(err error) bool {
   958  	return err == os.ErrNotExist
   959  }
   960  
   961  // A govcsRule is a single GOVCS rule like private:hg|svn.
   962  type govcsRule struct {
   963  	pattern string
   964  	allowed []string
   965  }
   966  
   967  // A govcsConfig is a full GOVCS configuration.
   968  type govcsConfig []govcsRule
   969  
   970  func parseGOVCS(s string) (govcsConfig, error) {
   971  	s = strings.TrimSpace(s)
   972  	if s == "" {
   973  		return nil, nil
   974  	}
   975  	var cfg govcsConfig
   976  	have := make(map[string]string)
   977  	for _, item := range strings.Split(s, ",") {
   978  		item = strings.TrimSpace(item)
   979  		if item == "" {
   980  			return nil, fmt.Errorf("empty entry in GOVCS")
   981  		}
   982  		pattern, list, found := strings.Cut(item, ":")
   983  		if !found {
   984  			return nil, fmt.Errorf("malformed entry in GOVCS (missing colon): %q", item)
   985  		}
   986  		pattern, list = strings.TrimSpace(pattern), strings.TrimSpace(list)
   987  		if pattern == "" {
   988  			return nil, fmt.Errorf("empty pattern in GOVCS: %q", item)
   989  		}
   990  		if list == "" {
   991  			return nil, fmt.Errorf("empty VCS list in GOVCS: %q", item)
   992  		}
   993  		if search.IsRelativePath(pattern) {
   994  			return nil, fmt.Errorf("relative pattern not allowed in GOVCS: %q", pattern)
   995  		}
   996  		if old := have[pattern]; old != "" {
   997  			return nil, fmt.Errorf("unreachable pattern in GOVCS: %q after %q", item, old)
   998  		}
   999  		have[pattern] = item
  1000  		allowed := strings.Split(list, "|")
  1001  		for i, a := range allowed {
  1002  			a = strings.TrimSpace(a)
  1003  			if a == "" {
  1004  				return nil, fmt.Errorf("empty VCS name in GOVCS: %q", item)
  1005  			}
  1006  			allowed[i] = a
  1007  		}
  1008  		cfg = append(cfg, govcsRule{pattern, allowed})
  1009  	}
  1010  	return cfg, nil
  1011  }
  1012  
  1013  func (c *govcsConfig) allow(path string, private bool, vcs string) bool {
  1014  	for _, rule := range *c {
  1015  		match := false
  1016  		switch rule.pattern {
  1017  		case "private":
  1018  			match = private
  1019  		case "public":
  1020  			match = !private
  1021  		default:
  1022  			// Note: rule.pattern is known to be comma-free,
  1023  			// so MatchPrefixPatterns is only matching a single pattern for us.
  1024  			match = module.MatchPrefixPatterns(rule.pattern, path)
  1025  		}
  1026  		if !match {
  1027  			continue
  1028  		}
  1029  		for _, allow := range rule.allowed {
  1030  			if allow == vcs || allow == "all" {
  1031  				return true
  1032  			}
  1033  		}
  1034  		return false
  1035  	}
  1036  
  1037  	// By default, nothing is allowed.
  1038  	return false
  1039  }
  1040  
  1041  var (
  1042  	govcs     govcsConfig
  1043  	govcsErr  error
  1044  	govcsOnce sync.Once
  1045  )
  1046  
  1047  // defaultGOVCS is the default setting for GOVCS.
  1048  // Setting GOVCS adds entries ahead of these but does not remove them.
  1049  // (They are appended to the parsed GOVCS setting.)
  1050  //
  1051  // The rationale behind allowing only Git and Mercurial is that
  1052  // these two systems have had the most attention to issues
  1053  // of being run as clients of untrusted servers. In contrast,
  1054  // Bazaar, Fossil, and Subversion have primarily been used
  1055  // in trusted, authenticated environments and are not as well
  1056  // scrutinized as attack surfaces.
  1057  //
  1058  // See golang.org/issue/41730 for details.
  1059  var defaultGOVCS = govcsConfig{
  1060  	{"private", []string{"all"}},
  1061  	{"public", []string{"git", "hg"}},
  1062  }
  1063  
  1064  // checkGOVCS checks whether the policy defined by the environment variable
  1065  // GOVCS allows the given vcs command to be used with the given repository
  1066  // root path. Note that root may not be a real package or module path; it's
  1067  // the same as the root path in the go-import meta tag.
  1068  func checkGOVCS(vcs *Cmd, root string) error {
  1069  	if vcs == vcsMod {
  1070  		// Direct module (proxy protocol) fetches don't
  1071  		// involve an external version control system
  1072  		// and are always allowed.
  1073  		return nil
  1074  	}
  1075  
  1076  	govcsOnce.Do(func() {
  1077  		govcs, govcsErr = parseGOVCS(os.Getenv("GOVCS"))
  1078  		govcs = append(govcs, defaultGOVCS...)
  1079  	})
  1080  	if govcsErr != nil {
  1081  		return govcsErr
  1082  	}
  1083  
  1084  	private := module.MatchPrefixPatterns(cfg.GOPRIVATE, root)
  1085  	if !govcs.allow(root, private, vcs.Cmd) {
  1086  		what := "public"
  1087  		if private {
  1088  			what = "private"
  1089  		}
  1090  		return fmt.Errorf("GOVCS disallows using %s for %s %s; see 'go help vcs'", vcs.Cmd, what, root)
  1091  	}
  1092  
  1093  	return nil
  1094  }
  1095  
  1096  // RepoRoot describes the repository root for a tree of source code.
  1097  type RepoRoot struct {
  1098  	Repo     string // repository URL, including scheme
  1099  	Root     string // import path corresponding to the SubDir
  1100  	SubDir   string // subdirectory within the repo (empty for root)
  1101  	IsCustom bool   // defined by served <meta> tags (as opposed to hard-coded pattern)
  1102  	VCS      *Cmd
  1103  }
  1104  
  1105  func httpPrefix(s string) string {
  1106  	for _, prefix := range [...]string{"http:", "https:"} {
  1107  		if strings.HasPrefix(s, prefix) {
  1108  			return prefix
  1109  		}
  1110  	}
  1111  	return ""
  1112  }
  1113  
  1114  // ModuleMode specifies whether to prefer modules when looking up code sources.
  1115  type ModuleMode int
  1116  
  1117  const (
  1118  	IgnoreMod ModuleMode = iota
  1119  	PreferMod
  1120  )
  1121  
  1122  // RepoRootForImportPath analyzes importPath to determine the
  1123  // version control system, and code repository to use.
  1124  func RepoRootForImportPath(importPath string, mod ModuleMode, security web.SecurityMode) (*RepoRoot, error) {
  1125  	rr, err := repoRootFromVCSPaths(importPath, security, vcsPaths)
  1126  	if err == errUnknownSite {
  1127  		rr, err = repoRootForImportDynamic(importPath, mod, security)
  1128  		if err != nil {
  1129  			err = importErrorf(importPath, "unrecognized import path %q: %v", importPath, err)
  1130  		}
  1131  	}
  1132  	if err != nil {
  1133  		rr1, err1 := repoRootFromVCSPaths(importPath, security, vcsPathsAfterDynamic)
  1134  		if err1 == nil {
  1135  			rr = rr1
  1136  			err = nil
  1137  		}
  1138  	}
  1139  
  1140  	// Should have been taken care of above, but make sure.
  1141  	if err == nil && strings.Contains(importPath, "...") && strings.Contains(rr.Root, "...") {
  1142  		// Do not allow wildcards in the repo root.
  1143  		rr = nil
  1144  		err = importErrorf(importPath, "cannot expand ... in %q", importPath)
  1145  	}
  1146  	return rr, err
  1147  }
  1148  
  1149  var errUnknownSite = errors.New("dynamic lookup required to find mapping")
  1150  
  1151  // repoRootFromVCSPaths attempts to map importPath to a repoRoot
  1152  // using the mappings defined in vcsPaths.
  1153  func repoRootFromVCSPaths(importPath string, security web.SecurityMode, vcsPaths []*vcsPath) (*RepoRoot, error) {
  1154  	if str.HasPathPrefix(importPath, "example.net") {
  1155  		// TODO(rsc): This should not be necessary, but it's required to keep
  1156  		// tests like ../../testdata/script/mod_get_extra.txt from using the network.
  1157  		// That script has everything it needs in the replacement set, but it is still
  1158  		// doing network calls.
  1159  		return nil, fmt.Errorf("no modules on example.net")
  1160  	}
  1161  	if importPath == "rsc.io" {
  1162  		// This special case allows tests like ../../testdata/script/govcs.txt
  1163  		// to avoid making any network calls. The module lookup for a path
  1164  		// like rsc.io/nonexist.svn/foo needs to not make a network call for
  1165  		// a lookup on rsc.io.
  1166  		return nil, fmt.Errorf("rsc.io is not a module")
  1167  	}
  1168  	// A common error is to use https://packagepath because that's what
  1169  	// hg and git require. Diagnose this helpfully.
  1170  	if prefix := httpPrefix(importPath); prefix != "" {
  1171  		// The importPath has been cleaned, so has only one slash. The pattern
  1172  		// ignores the slashes; the error message puts them back on the RHS at least.
  1173  		return nil, fmt.Errorf("%q not allowed in import path", prefix+"//")
  1174  	}
  1175  	for _, srv := range vcsPaths {
  1176  		if !str.HasPathPrefix(importPath, srv.pathPrefix) {
  1177  			continue
  1178  		}
  1179  		m := srv.regexp.FindStringSubmatch(importPath)
  1180  		if m == nil {
  1181  			if srv.pathPrefix != "" {
  1182  				return nil, importErrorf(importPath, "invalid %s import path %q", srv.pathPrefix, importPath)
  1183  			}
  1184  			continue
  1185  		}
  1186  
  1187  		// Build map of named subexpression matches for expand.
  1188  		match := map[string]string{
  1189  			"prefix": srv.pathPrefix + "/",
  1190  			"import": importPath,
  1191  		}
  1192  		for i, name := range srv.regexp.SubexpNames() {
  1193  			if name != "" && match[name] == "" {
  1194  				match[name] = m[i]
  1195  			}
  1196  		}
  1197  		if srv.vcs != "" {
  1198  			match["vcs"] = expand(match, srv.vcs)
  1199  		}
  1200  		if srv.repo != "" {
  1201  			match["repo"] = expand(match, srv.repo)
  1202  		}
  1203  		if srv.check != nil {
  1204  			if err := srv.check(match); err != nil {
  1205  				return nil, err
  1206  			}
  1207  		}
  1208  		vcs := vcsByCmd(match["vcs"])
  1209  		if vcs == nil {
  1210  			return nil, fmt.Errorf("unknown version control system %q", match["vcs"])
  1211  		}
  1212  		if err := checkGOVCS(vcs, match["root"]); err != nil {
  1213  			return nil, err
  1214  		}
  1215  		var repoURL string
  1216  		if !srv.schemelessRepo {
  1217  			repoURL = match["repo"]
  1218  		} else {
  1219  			repo := match["repo"]
  1220  			var ok bool
  1221  			repoURL, ok = interceptVCSTest(repo, vcs, security)
  1222  			if !ok {
  1223  				scheme, err := func() (string, error) {
  1224  					for _, s := range vcs.Scheme {
  1225  						if security == web.SecureOnly && !vcs.isSecureScheme(s) {
  1226  							continue
  1227  						}
  1228  
  1229  						// If we know how to ping URL schemes for this VCS,
  1230  						// check that this repo works.
  1231  						// Otherwise, default to the first scheme
  1232  						// that meets the requested security level.
  1233  						if vcs.PingCmd == "" {
  1234  							return s, nil
  1235  						}
  1236  						if err := vcs.Ping(s, repo); err == nil {
  1237  							return s, nil
  1238  						}
  1239  					}
  1240  					securityFrag := ""
  1241  					if security == web.SecureOnly {
  1242  						securityFrag = "secure "
  1243  					}
  1244  					return "", fmt.Errorf("no %sprotocol found for repository", securityFrag)
  1245  				}()
  1246  				if err != nil {
  1247  					return nil, err
  1248  				}
  1249  				repoURL = scheme + "://" + repo
  1250  			}
  1251  		}
  1252  		rr := &RepoRoot{
  1253  			Repo: repoURL,
  1254  			Root: match["root"],
  1255  			VCS:  vcs,
  1256  		}
  1257  		return rr, nil
  1258  	}
  1259  	return nil, errUnknownSite
  1260  }
  1261  
  1262  func interceptVCSTest(repo string, vcs *Cmd, security web.SecurityMode) (repoURL string, ok bool) {
  1263  	if VCSTestRepoURL == "" {
  1264  		return "", false
  1265  	}
  1266  	if vcs == vcsMod {
  1267  		// Since the "mod" protocol is implemented internally,
  1268  		// requests will be intercepted at a lower level (in cmd/go/internal/web).
  1269  		return "", false
  1270  	}
  1271  
  1272  	if scheme, path, ok := strings.Cut(repo, "://"); ok {
  1273  		if security == web.SecureOnly && !vcs.isSecureScheme(scheme) {
  1274  			return "", false // Let the caller reject the original URL.
  1275  		}
  1276  		repo = path // Remove leading URL scheme if present.
  1277  	}
  1278  	for _, host := range VCSTestHosts {
  1279  		if !str.HasPathPrefix(repo, host) {
  1280  			continue
  1281  		}
  1282  
  1283  		httpURL := VCSTestRepoURL + strings.TrimPrefix(repo, host)
  1284  
  1285  		if vcs == vcsSvn {
  1286  			// Ping the vcweb HTTP server to tell it to initialize the SVN repository
  1287  			// and get the SVN server URL.
  1288  			u, err := urlpkg.Parse(httpURL + "?vcwebsvn=1")
  1289  			if err != nil {
  1290  				panic(fmt.Sprintf("invalid vcs-test repo URL: %v", err))
  1291  			}
  1292  			svnURL, err := web.GetBytes(u)
  1293  			svnURL = bytes.TrimSpace(svnURL)
  1294  			if err == nil && len(svnURL) > 0 {
  1295  				return string(svnURL) + strings.TrimPrefix(repo, host), true
  1296  			}
  1297  
  1298  			// vcs-test doesn't have a svn handler for the given path,
  1299  			// so resolve the repo to HTTPS instead.
  1300  		}
  1301  
  1302  		return httpURL, true
  1303  	}
  1304  	return "", false
  1305  }
  1306  
  1307  // urlForImportPath returns a partially-populated URL for the given Go import path.
  1308  //
  1309  // The URL leaves the Scheme field blank so that web.Get will try any scheme
  1310  // allowed by the selected security mode.
  1311  func urlForImportPath(importPath string) (*urlpkg.URL, error) {
  1312  	slash := strings.Index(importPath, "/")
  1313  	if slash < 0 {
  1314  		slash = len(importPath)
  1315  	}
  1316  	host, path := importPath[:slash], importPath[slash:]
  1317  	if !strings.Contains(host, ".") {
  1318  		return nil, errors.New("import path does not begin with hostname")
  1319  	}
  1320  	if len(path) == 0 {
  1321  		path = "/"
  1322  	}
  1323  	return &urlpkg.URL{Host: host, Path: path, RawQuery: "go-get=1"}, nil
  1324  }
  1325  
  1326  // repoRootForImportDynamic finds a *RepoRoot for a custom domain that's not
  1327  // statically known by repoRootFromVCSPaths.
  1328  //
  1329  // This handles custom import paths like "name.tld/pkg/foo" or just "name.tld".
  1330  func repoRootForImportDynamic(importPath string, mod ModuleMode, security web.SecurityMode) (*RepoRoot, error) {
  1331  	url, err := urlForImportPath(importPath)
  1332  	if err != nil {
  1333  		return nil, err
  1334  	}
  1335  	resp, err := web.Get(security, url)
  1336  	if err != nil {
  1337  		msg := "https fetch: %v"
  1338  		if security == web.Insecure {
  1339  			msg = "http/" + msg
  1340  		}
  1341  		return nil, fmt.Errorf(msg, err)
  1342  	}
  1343  	body := resp.Body
  1344  	defer body.Close()
  1345  	imports, err := parseMetaGoImports(body, mod)
  1346  	if len(imports) == 0 {
  1347  		if respErr := resp.Err(); respErr != nil {
  1348  			// If the server's status was not OK, prefer to report that instead of
  1349  			// an XML parse error.
  1350  			return nil, respErr
  1351  		}
  1352  	}
  1353  	if err != nil {
  1354  		return nil, fmt.Errorf("parsing %s: %v", importPath, err)
  1355  	}
  1356  	// Find the matched meta import.
  1357  	mmi, err := matchGoImport(imports, importPath)
  1358  	if err != nil {
  1359  		if _, ok := err.(ImportMismatchError); !ok {
  1360  			return nil, fmt.Errorf("parse %s: %v", url, err)
  1361  		}
  1362  		return nil, fmt.Errorf("parse %s: no go-import meta tags (%s)", resp.URL, err)
  1363  	}
  1364  	if cfg.BuildV {
  1365  		log.Printf("get %q: found meta tag %#v at %s", importPath, mmi, url)
  1366  	}
  1367  	// If the import was "uni.edu/bob/project", which said the
  1368  	// prefix was "uni.edu" and the RepoRoot was "evilroot.com",
  1369  	// make sure we don't trust Bob and check out evilroot.com to
  1370  	// "uni.edu" yet (possibly overwriting/preempting another
  1371  	// non-evil student). Instead, first verify the root and see
  1372  	// if it matches Bob's claim.
  1373  	if mmi.Prefix != importPath {
  1374  		if cfg.BuildV {
  1375  			log.Printf("get %q: verifying non-authoritative meta tag", importPath)
  1376  		}
  1377  		var imports []metaImport
  1378  		url, imports, err = metaImportsForPrefix(mmi.Prefix, mod, security)
  1379  		if err != nil {
  1380  			return nil, err
  1381  		}
  1382  		metaImport2, err := matchGoImport(imports, importPath)
  1383  		if err != nil || mmi != metaImport2 {
  1384  			return nil, fmt.Errorf("%s and %s disagree about go-import for %s", resp.URL, url, mmi.Prefix)
  1385  		}
  1386  	}
  1387  
  1388  	if err := validateRepoRoot(mmi.RepoRoot); err != nil {
  1389  		return nil, fmt.Errorf("%s: invalid repo root %q: %v", resp.URL, mmi.RepoRoot, err)
  1390  	}
  1391  	var vcs *Cmd
  1392  	if mmi.VCS == "mod" {
  1393  		vcs = vcsMod
  1394  	} else {
  1395  		vcs = vcsByCmd(mmi.VCS)
  1396  		if vcs == nil {
  1397  			return nil, fmt.Errorf("%s: unknown vcs %q", resp.URL, mmi.VCS)
  1398  		}
  1399  	}
  1400  
  1401  	if err := checkGOVCS(vcs, mmi.Prefix); err != nil {
  1402  		return nil, err
  1403  	}
  1404  
  1405  	repoURL, ok := interceptVCSTest(mmi.RepoRoot, vcs, security)
  1406  	if !ok {
  1407  		repoURL = mmi.RepoRoot
  1408  	}
  1409  	rr := &RepoRoot{
  1410  		Repo:     repoURL,
  1411  		Root:     mmi.Prefix,
  1412  		SubDir:   mmi.SubDir,
  1413  		IsCustom: true,
  1414  		VCS:      vcs,
  1415  	}
  1416  	return rr, nil
  1417  }
  1418  
  1419  // validateRepoRoot returns an error if repoRoot does not seem to be
  1420  // a valid URL with scheme.
  1421  func validateRepoRoot(repoRoot string) error {
  1422  	url, err := urlpkg.Parse(repoRoot)
  1423  	if err != nil {
  1424  		return err
  1425  	}
  1426  	if url.Scheme == "" {
  1427  		return errors.New("no scheme")
  1428  	}
  1429  	if url.Scheme == "file" {
  1430  		return errors.New("file scheme disallowed")
  1431  	}
  1432  	return nil
  1433  }
  1434  
  1435  var fetchGroup singleflight.Group
  1436  var (
  1437  	fetchCacheMu sync.Mutex
  1438  	fetchCache   = map[string]fetchResult{} // key is metaImportsForPrefix's importPrefix
  1439  )
  1440  
  1441  // metaImportsForPrefix takes a package's root import path as declared in a <meta> tag
  1442  // and returns its HTML discovery URL and the parsed metaImport lines
  1443  // found on the page.
  1444  //
  1445  // The importPath is of the form "golang.org/x/tools".
  1446  // It is an error if no imports are found.
  1447  // url will still be valid if err != nil.
  1448  // The returned url will be of the form "https://golang.org/x/tools?go-get=1"
  1449  func metaImportsForPrefix(importPrefix string, mod ModuleMode, security web.SecurityMode) (*urlpkg.URL, []metaImport, error) {
  1450  	setCache := func(res fetchResult) (fetchResult, error) {
  1451  		fetchCacheMu.Lock()
  1452  		defer fetchCacheMu.Unlock()
  1453  		fetchCache[importPrefix] = res
  1454  		return res, nil
  1455  	}
  1456  
  1457  	resi, _, _ := fetchGroup.Do(importPrefix, func() (resi any, err error) {
  1458  		fetchCacheMu.Lock()
  1459  		if res, ok := fetchCache[importPrefix]; ok {
  1460  			fetchCacheMu.Unlock()
  1461  			return res, nil
  1462  		}
  1463  		fetchCacheMu.Unlock()
  1464  
  1465  		url, err := urlForImportPath(importPrefix)
  1466  		if err != nil {
  1467  			return setCache(fetchResult{err: err})
  1468  		}
  1469  		resp, err := web.Get(security, url)
  1470  		if err != nil {
  1471  			return setCache(fetchResult{url: url, err: fmt.Errorf("fetching %s: %v", importPrefix, err)})
  1472  		}
  1473  		body := resp.Body
  1474  		defer body.Close()
  1475  		imports, err := parseMetaGoImports(body, mod)
  1476  		if len(imports) == 0 {
  1477  			if respErr := resp.Err(); respErr != nil {
  1478  				// If the server's status was not OK, prefer to report that instead of
  1479  				// an XML parse error.
  1480  				return setCache(fetchResult{url: url, err: respErr})
  1481  			}
  1482  		}
  1483  		if err != nil {
  1484  			return setCache(fetchResult{url: url, err: fmt.Errorf("parsing %s: %v", resp.URL, err)})
  1485  		}
  1486  		if len(imports) == 0 {
  1487  			err = fmt.Errorf("fetching %s: no go-import meta tag found in %s", importPrefix, resp.URL)
  1488  		}
  1489  		return setCache(fetchResult{url: url, imports: imports, err: err})
  1490  	})
  1491  	res := resi.(fetchResult)
  1492  	return res.url, res.imports, res.err
  1493  }
  1494  
  1495  type fetchResult struct {
  1496  	url     *urlpkg.URL
  1497  	imports []metaImport
  1498  	err     error
  1499  }
  1500  
  1501  // metaImport represents the parsed <meta name="go-import"
  1502  // content="prefix vcs reporoot subdir" /> tags from HTML files.
  1503  type metaImport struct {
  1504  	Prefix, VCS, RepoRoot, SubDir string
  1505  }
  1506  
  1507  // An ImportMismatchError is returned where metaImport/s are present
  1508  // but none match our import path.
  1509  type ImportMismatchError struct {
  1510  	importPath string
  1511  	mismatches []string // the meta imports that were discarded for not matching our importPath
  1512  }
  1513  
  1514  func (m ImportMismatchError) Error() string {
  1515  	formattedStrings := make([]string, len(m.mismatches))
  1516  	for i, pre := range m.mismatches {
  1517  		formattedStrings[i] = fmt.Sprintf("meta tag %s did not match import path %s", pre, m.importPath)
  1518  	}
  1519  	return strings.Join(formattedStrings, ", ")
  1520  }
  1521  
  1522  // matchGoImport returns the metaImport from imports matching importPath.
  1523  // An error is returned if there are multiple matches.
  1524  // An ImportMismatchError is returned if none match.
  1525  func matchGoImport(imports []metaImport, importPath string) (metaImport, error) {
  1526  	match := -1
  1527  
  1528  	errImportMismatch := ImportMismatchError{importPath: importPath}
  1529  	for i, im := range imports {
  1530  		if !str.HasPathPrefix(importPath, im.Prefix) {
  1531  			errImportMismatch.mismatches = append(errImportMismatch.mismatches, im.Prefix)
  1532  			continue
  1533  		}
  1534  
  1535  		if match >= 0 {
  1536  			if imports[match].VCS == "mod" && im.VCS != "mod" {
  1537  				// All the mod entries precede all the non-mod entries.
  1538  				// We have a mod entry and don't care about the rest,
  1539  				// matching or not.
  1540  				break
  1541  			}
  1542  			return metaImport{}, fmt.Errorf("multiple meta tags match import path %q", importPath)
  1543  		}
  1544  		match = i
  1545  	}
  1546  
  1547  	if match == -1 {
  1548  		return metaImport{}, errImportMismatch
  1549  	}
  1550  	return imports[match], nil
  1551  }
  1552  
  1553  // expand rewrites s to replace {k} with match[k] for each key k in match.
  1554  func expand(match map[string]string, s string) string {
  1555  	// We want to replace each match exactly once, and the result of expansion
  1556  	// must not depend on the iteration order through the map.
  1557  	// A strings.Replacer has exactly the properties we're looking for.
  1558  	oldNew := make([]string, 0, 2*len(match))
  1559  	for k, v := range match {
  1560  		oldNew = append(oldNew, "{"+k+"}", v)
  1561  	}
  1562  	return strings.NewReplacer(oldNew...).Replace(s)
  1563  }
  1564  
  1565  // vcsPaths defines the meaning of import paths referring to
  1566  // commonly-used VCS hosting sites (github.com/user/dir)
  1567  // and import paths referring to a fully-qualified importPath
  1568  // containing a VCS type (foo.com/repo.git/dir)
  1569  var vcsPaths = []*vcsPath{
  1570  	// GitHub
  1571  	{
  1572  		pathPrefix: "github.com",
  1573  		regexp:     lazyregexp.New(`^(?P<root>github\.com/[\w.\-]+/[\w.\-]+)(/[\w.\-]+)*$`),
  1574  		vcs:        "git",
  1575  		repo:       "https://{root}",
  1576  		check:      noVCSSuffix,
  1577  	},
  1578  
  1579  	// Bitbucket
  1580  	{
  1581  		pathPrefix: "bitbucket.org",
  1582  		regexp:     lazyregexp.New(`^(?P<root>bitbucket\.org/(?P<bitname>[\w.\-]+/[\w.\-]+))(/[\w.\-]+)*$`),
  1583  		vcs:        "git",
  1584  		repo:       "https://{root}",
  1585  		check:      noVCSSuffix,
  1586  	},
  1587  
  1588  	// IBM DevOps Services (JazzHub)
  1589  	{
  1590  		pathPrefix: "hub.jazz.net/git",
  1591  		regexp:     lazyregexp.New(`^(?P<root>hub\.jazz\.net/git/[a-z0-9]+/[\w.\-]+)(/[\w.\-]+)*$`),
  1592  		vcs:        "git",
  1593  		repo:       "https://{root}",
  1594  		check:      noVCSSuffix,
  1595  	},
  1596  
  1597  	// Git at Apache
  1598  	{
  1599  		pathPrefix: "git.apache.org",
  1600  		regexp:     lazyregexp.New(`^(?P<root>git\.apache\.org/[a-z0-9_.\-]+\.git)(/[\w.\-]+)*$`),
  1601  		vcs:        "git",
  1602  		repo:       "https://{root}",
  1603  	},
  1604  
  1605  	// Git at OpenStack
  1606  	{
  1607  		pathPrefix: "git.openstack.org",
  1608  		regexp:     lazyregexp.New(`^(?P<root>git\.openstack\.org/[\w.\-]+/[\w.\-]+)(\.git)?(/[\w.\-]+)*$`),
  1609  		vcs:        "git",
  1610  		repo:       "https://{root}",
  1611  	},
  1612  
  1613  	// chiselapp.com for fossil
  1614  	{
  1615  		pathPrefix: "chiselapp.com",
  1616  		regexp:     lazyregexp.New(`^(?P<root>chiselapp\.com/user/[A-Za-z0-9]+/repository/[\w.\-]+)$`),
  1617  		vcs:        "fossil",
  1618  		repo:       "https://{root}",
  1619  	},
  1620  
  1621  	// General syntax for any server.
  1622  	// Must be last.
  1623  	{
  1624  		regexp:         lazyregexp.New(`(?P<root>(?P<repo>([a-z0-9.\-]+\.)+[a-z0-9.\-]+(:[0-9]+)?(/~?[\w.\-]+)+?)\.(?P<vcs>bzr|fossil|git|hg|svn))(/~?[\w.\-]+)*$`),
  1625  		schemelessRepo: true,
  1626  	},
  1627  }
  1628  
  1629  // vcsPathsAfterDynamic gives additional vcsPaths entries
  1630  // to try after the dynamic HTML check.
  1631  // This gives those sites a chance to introduce <meta> tags
  1632  // as part of a graceful transition away from the hard-coded logic.
  1633  var vcsPathsAfterDynamic = []*vcsPath{
  1634  	// Launchpad. See golang.org/issue/11436.
  1635  	{
  1636  		pathPrefix: "launchpad.net",
  1637  		regexp:     lazyregexp.New(`^(?P<root>launchpad\.net/((?P<project>[\w.\-]+)(?P<series>/[\w.\-]+)?|~[\w.\-]+/(\+junk|[\w.\-]+)/[\w.\-]+))(/[\w.\-]+)*$`),
  1638  		vcs:        "bzr",
  1639  		repo:       "https://{root}",
  1640  		check:      launchpadVCS,
  1641  	},
  1642  }
  1643  
  1644  // noVCSSuffix checks that the repository name does not
  1645  // end in .foo for any version control system foo.
  1646  // The usual culprit is ".git".
  1647  func noVCSSuffix(match map[string]string) error {
  1648  	repo := match["repo"]
  1649  	for _, vcs := range vcsList {
  1650  		if strings.HasSuffix(repo, "."+vcs.Cmd) {
  1651  			return fmt.Errorf("invalid version control suffix in %s path", match["prefix"])
  1652  		}
  1653  	}
  1654  	return nil
  1655  }
  1656  
  1657  // launchpadVCS solves the ambiguity for "lp.net/project/foo". In this case,
  1658  // "foo" could be a series name registered in Launchpad with its own branch,
  1659  // and it could also be the name of a directory within the main project
  1660  // branch one level up.
  1661  func launchpadVCS(match map[string]string) error {
  1662  	if match["project"] == "" || match["series"] == "" {
  1663  		return nil
  1664  	}
  1665  	url := &urlpkg.URL{
  1666  		Scheme: "https",
  1667  		Host:   "code.launchpad.net",
  1668  		Path:   expand(match, "/{project}{series}/.bzr/branch-format"),
  1669  	}
  1670  	_, err := web.GetBytes(url)
  1671  	if err != nil {
  1672  		match["root"] = expand(match, "launchpad.net/{project}")
  1673  		match["repo"] = expand(match, "https://{root}")
  1674  	}
  1675  	return nil
  1676  }
  1677  
  1678  // importError is a copy of load.importError, made to avoid a dependency cycle
  1679  // on cmd/go/internal/load. It just needs to satisfy load.ImportPathError.
  1680  type importError struct {
  1681  	importPath string
  1682  	err        error
  1683  }
  1684  
  1685  func importErrorf(path, format string, args ...any) error {
  1686  	err := &importError{importPath: path, err: fmt.Errorf(format, args...)}
  1687  	if errStr := err.Error(); !strings.Contains(errStr, path) {
  1688  		panic(fmt.Sprintf("path %q not in error %q", path, errStr))
  1689  	}
  1690  	return err
  1691  }
  1692  
  1693  func (e *importError) Error() string {
  1694  	return e.err.Error()
  1695  }
  1696  
  1697  func (e *importError) Unwrap() error {
  1698  	// Don't return e.err directly, since we're only wrapping an error if %w
  1699  	// was passed to ImportErrorf.
  1700  	return errors.Unwrap(e.err)
  1701  }
  1702  
  1703  func (e *importError) ImportPath() string {
  1704  	return e.importPath
  1705  }
  1706
View as plain text