Build Fails Due to Dependency Version Mismatch #80
Description
Description
While reproducing the project, we found that the build process fails due to mismatched or unresolved dependencies.
The following error log was produced during the build process:
......
go: found github.com/stretchr/testify/assert in github.com/stretchr/testify v1.10.0
go: finding module for package github.com/docker/docker/pkg/term
go: github.com/dhiltgen/docker-machine-kvm imports
github.com/docker/machine/libmachine/ssh imports
github.com/docker/docker/pkg/term: module github.com/docker/docker@latest found (v27.5.0+incompatible), but does not contain package github.com/docker/docker/pkg/term
Result
The build fails with errors related to missing or mismatched dependencies.
The error dependency is github.com/docker/docker.
The build process automatically pulls the latest dependency versions by default. However, the required package github.com/docker/docker/pkg/term is not included in version v27.5.0+incompatible.
Reason
This issue appears to be caused by the absence of precise version tracking in GOPATH, which leads to inconsistency in dependency resolution.
Proposed Solution
To resolve this issue, we analyzed the project and identified the correct versions of the required dependencies.
The analysis shows that the correct version for the dependency github.com/docker/docker is v20.10.25+incompatible.
Consider adopting this suggested version to prevent other developers from encountering build failures when constructing the project.
This information can be documented in the README.md file or another relevant location.
Additional Suggestions
To ensure reproducible builds and align with the evolving trends of the Go programming language, it is recommended that the current project be migrated to the Go module mechanism.
Updating to the go module mechanism allows for managing third-party dependency versions through the go.mod file, which provides a centralized and consistent way to specify dependency constraints.
We have generated a go.mod file with the correct versions of the third-party dependencies needed for this project.
The suggested go.mod file is as follows:
module github.com/dhiltgen/docker-machine-kvm
go 1.23
require github.com/docker/docker v20.10.25+incompatible // indirect
require github.com/docker/machine v0.5.0-rc1
require github.com/libvirt/libvirt-go v7.4.0+incompatible
require (
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
github.com/moby/term v0.5.2 // indirect
github.com/stretchr/testify v1.10.0 // indirect
golang.org/x/crypto v0.33.0 // indirect
golang.org/x/sys v0.30.0 // indirect
golang.org/x/term v0.29.0 // indirect
)
--------------------------------------------------
成功构建项目: github.com/chainHero/heroes-service
依赖库: github.com/hyperledger/fabric
github.com/hyperledger/fabric v1.4.7
github.com/hyperledger/fabric-sdk-go v1.0.0
github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric v0.0.0-20190822125948-d2b42602e52e
github.com/hyperledger/fabric-amcl v0.0.0-20230602173724-9e02669dceb2 // indirect
github.com/hyperledger/fabric-config v0.0.5 // indirect
github.com/hyperledger/fabric-lib-go v1.0.0 // indirect
github.com/hyperledger/fabric-protos-go v0.0.0-20200707132912-fee30f3ccd23 // indirect
module github.com/chainHero/heroes-service
go 1.23
require (
github.com/hyperledger/fabric v1.4.7
github.com/hyperledger/fabric-sdk-go v1.0.0
github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric v0.0.0-20190822125948-d2b42602e52e
github.com/pkg/errors v0.9.1
)
require (
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
github.com/Knetic/govaluate v3.0.0+incompatible // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect
github.com/Shopify/sarama v0.0.0-00010101000000-000000000000 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/cloudflare/cfssl v1.4.1 // indirect
github.com/containerd/log v0.1.0 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/docker/docker v27.1.2+incompatible // indirect
github.com/docker/go-connections v0.4.0 // indirect
github.com/docker/go-units v0.5.0 // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect
github.com/fsouza/go-dockerclient v1.12.0 // indirect
github.com/go-kit/kit v0.8.0 // indirect
github.com/go-logfmt/logfmt v0.5.0 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/mock v1.4.3 // indirect
github.com/golang/protobuf v1.5.4 // indirect
github.com/google/certificate-transparency-go v1.0.21 // indirect
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
github.com/hashicorp/go-version v1.7.0 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/hyperledger/fabric-amcl v0.0.0-20230602173724-9e02669dceb2 // indirect
github.com/hyperledger/fabric-config v0.0.5 // indirect
github.com/hyperledger/fabric-lib-go v1.0.0 // indirect
github.com/hyperledger/fabric-protos-go v0.0.0-20200707132912-fee30f3ccd23 // indirect
github.com/klauspost/compress v1.17.9 // indirect
github.com/magiconair/properties v1.8.7 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
github.com/miekg/pkcs11 v1.1.1 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/moby/docker-image-spec v1.3.1 // indirect
github.com/moby/patternmatcher v0.6.0 // indirect
github.com/moby/sys/sequential v0.5.0 // indirect
github.com/moby/sys/user v0.1.0 // indirect
github.com/moby/sys/userns v0.1.0 // indirect
github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect
github.com/morikuni/aec v1.0.0 // indirect
github.com/onsi/ginkgo v1.16.5 // indirect
github.com/onsi/gomega v1.36.2 // indirect
github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.0-rc2.0.20221005185240-3a7f492d3f1b // indirect
github.com/pelletier/go-toml/v2 v2.2.2 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/prometheus/client_golang v1.1.0 // indirect
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4 // indirect
github.com/prometheus/common v0.6.0 // indirect
github.com/prometheus/procfs v0.0.3 // indirect
github.com/sagikazarmark/locafero v0.4.0 // indirect
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
github.com/sirupsen/logrus v1.9.3 // indirect
github.com/sourcegraph/conc v0.3.0 // indirect
github.com/spf13/afero v1.11.0 // indirect
github.com/spf13/cast v1.6.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/spf13/viper v1.19.0 // indirect
github.com/stretchr/testify v1.10.0 // indirect
github.com/subosito/gotenv v1.6.0 // indirect
github.com/sykesm/zap-logfmt v0.0.4 // indirect
github.com/weppos/publicsuffix-go v0.5.0 // indirect
github.com/zmap/zcrypto v0.0.0-20190729165852-9051775e6a2e // indirect
github.com/zmap/zlint v0.0.0-20190806154020-fd021b4cfbeb // indirect
go.uber.org/multierr v1.10.0 // indirect
go.uber.org/zap v1.27.0 // indirect
golang.org/x/crypto v0.33.0 // indirect
golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
golang.org/x/net v0.35.0 // indirect
golang.org/x/sys v0.30.0 // indirect
golang.org/x/text v0.22.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a // indirect
google.golang.org/grpc v1.70.0 // indirect
google.golang.org/protobuf v1.36.1 // indirect
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
replace github.com/Shopify/sarama => github.com/IBM/sarama v1.43.3
Here the +incompatible suffix in go.mod indicates that the module does not follow Go Modules' semantic versioning (SemVer) rules correctly. But Go can still build and run the project normally despite the +incompatible tag.
Additional Information:
This issue was identified as part of our research project focused on automating the analysis of GOPATH projects to provide accurate dependency versions for seamless migration to Go Modules. We value your feedback and would appreciate any comments or suggestions regarding this approach.