caddy: Ambiguous dependency problem

hi,

when i try to compile the 2.4.5 version i get the following error:

        github.com/caddyserver/caddy/v2/modules/caddyhttp imports
        github.com/google/cel-go/cel imports
        github.com/google/cel-go/parser imports
        github.com/antlr/antlr4/runtime/Go/antlr loaded from github.com/antlr/antlr4/runtime/Go/antlr@v0.0.0-20210826220005-b48c857c3a0e,
        but go 1.16 would fail to locate it:
        ambiguous import: found package github.com/antlr/antlr4/runtime/Go/antlr in multiple modules:
        github.com/antlr/antlr4 v0.0.0-20200503195918-621b933c7a7f (/home/usc/go/pkg/mod/github.com/antlr/antlr4@v0.0.0-20200503195918-621b933c7a7f/runtime/Go/antlr)
        github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20210826220005-b48c857c3a0e (/home/usc/go/pkg/mod/github.com/antlr/antlr4/runtime/!go/antlr@v0.0.0-20210826220005-b48c857c3a0e)

this is NOT a problem of your code, it is a bug in cel-go which is already fixed (https://github.com/google/cel-go/issues/441). But as you have the v0.7.3 as a dependency and there is (at the moment) no new release, i had to patch my go.mod file to replace the library:

replace github.com/google/cel-go v0.7.3 => github.com/google/cel-go v0.7.4-0.20210818044834-cd8abd3c0e5e

I’m not sure if it a good idea to update your dependency too to this this commit-version?

It is ok to simply close this issue, as your code has no direct defect (in this case). this is only for documentation when other people have the same problem when they try to compile from a completely fresh codebase/workspace.

About this issue

Original URL
State: closed
Created 3 years ago
Comments: 21 (20 by maintainers)

Commits related to this issue

go.mod: fix wanky antlr4 dependency context: https://github.com/caddyserver/caddy/issues/4331 — committed to sjtug/caddy2-filter by htfy96 2 years ago

Most upvoted comments

Awesome. Then I’ll give that other issue a look to see what I can come up with there. The v0.11.2 vastly improves CEL environment bootstrapping costs and has some evaluation performance improvements as well.

TristonianJones on Apr 4, 2022

I’ve played around a bit with the builds and found that running go mod edit -exclude github.com/antlr/antlr4@v0.0.0-20200503195918-621b933c7a7f will add exclude github.com/antlr/antlr4 v0.0.0-20200503195918-621b933c7a7f to the go.mod file, which allows the build to succeed.

But it’s important we understand why is it added in the first place. We might need to consult #modules on the gopher slack. bcmills might have some insight, but I don’t want to ping him here. It’s more beneficial we have a public understanding in the channel.

mohammed90 on Mar 15, 2022

I agree, though it’s encouraging that something works without having to v2 cel or Antlr before either can really guarantee API stability.

I’ve reached out to the Antlr maintainer and he’s okay with tagging releases with go-compatible semantic versions which means the solution should be to replace the pseudo-version of Antlr with a version+incompatible one. That’s basically what we’re doing with pseudo-versions here, but less hacky

TristonianJones on Mar 15, 2022