Merge branch 'golang:master' into master

Author: kumarlokesh

api/next/73088.txt

@@ -0,0 +1,7 @@
+pkg go/ast, const FilterFuncDuplicates //deprecated #73088
+pkg go/ast, const FilterImportDuplicates //deprecated #73088
+pkg go/ast, const FilterUnassociatedComments //deprecated #73088
+pkg go/ast, func FilterPackage //deprecated #73088
+pkg go/ast, func MergePackageFiles //deprecated #73088
+pkg go/ast, func PackageExports //deprecated #73088
+pkg go/ast, type MergeMode //deprecated #73088

doc/next/6-stdlib/99-minor/go/ast/73088.md

@@ -0,0 +1,4 @@
+The [ast.FilterPackage], [ast.PackageExports], and
+[ast.MergePackageFiles] functions, and the [MergeMode] type and its
+constants, are all deprecated, as they are for use only with the
+long-deprecated [ast.Object] and [ast.Package] machinery.

doc/next/9-todo.md

@@ -1,6 +1,10 @@
 <!--
 Output from relnote todo that was generated and reviewed on 2025-05-23, plus summary info from bug/CL: -->
 
+### TODO
+
+**Please turn these into proper release notes**
+
 <!-- TODO: CL 420114 has a RELNOTE comment without a suggested text (from RELNOTE comment in https://go.dev/cl/420114) -->
 all: implement plugin build mode for riscv64
 

src/cmd/compile/internal/ir/expr.go

@@ -853,6 +853,10 @@ func IsAddressable(n Node) bool {
 //
 // calling StaticValue on the "int(y)" expression returns the outer
 // "g()" expression.
+//
+// NOTE: StaticValue can return a result with a different type than
+// n's type because it can traverse through OCONVNOP operations.
+// TODO: consider reapplying OCONVNOP operations to the result. See https://go.dev/cl/676517.
 func StaticValue(n Node) Node {
 	for {
 		switch n1 := n.(type) {

src/cmd/compile/internal/walk/order.go

@@ -249,14 +249,14 @@ func (o *orderState) addrTemp(n ir.Node) ir.Node {
 	if (v.Op() == ir.OSTRUCTLIT || v.Op() == ir.OARRAYLIT) && !base.Ctxt.IsFIPS() {
 		if ir.IsZero(v) && 0 < v.Type().Size() && v.Type().Size() <= abi.ZeroValSize {
 			// This zero value can be represented by the read-only zeroVal.
-			zeroVal := ir.NewLinksymExpr(v.Pos(), ir.Syms.ZeroVal, v.Type())
+			zeroVal := ir.NewLinksymExpr(v.Pos(), ir.Syms.ZeroVal, n.Type())
 			vstat := typecheck.Expr(zeroVal).(*ir.LinksymOffsetExpr)
 			return vstat
 		}
 		if isStaticCompositeLiteral(v) {
 			// v can be directly represented in the read-only data section.
 			lit := v.(*ir.CompLitExpr)
-			vstat := readonlystaticname(lit.Type())
+			vstat := readonlystaticname(n.Type())
 			fixedlit(inInitFunction, initKindStatic, lit, vstat, nil) // nil init
 			vstat = typecheck.Expr(vstat).(*ir.Name)
 			return vstat

src/cmd/go/internal/modget/get.go

@@ -337,6 +337,7 @@ func runGet(ctx context.Context, cmd *base.Command, args []string) {
 	r.performLocalQueries(ctx)
 	r.performPathQueries(ctx)
 	r.performToolQueries(ctx)
+	r.performWorkQueries(ctx)
 
 	for {
 		r.performWildcardQueries(ctx)
@@ -513,6 +514,7 @@ type resolver struct {
 	pathQueries       []*query // package path literal queries in original order
 	wildcardQueries   []*query // path wildcard queries in original order
 	patternAllQueries []*query // queries with the pattern "all"
+	workQueries       []*query // queries with the pattern "work"
 	toolQueries       []*query // queries with the pattern "tool"
 
 	// Indexed "none" queries. These are also included in the slices above;
@@ -578,6 +580,8 @@ func newResolver(ctx context.Context, queries []*query) *resolver {
 	for _, q := range queries {
 		if q.pattern == "all" {
 			r.patternAllQueries = append(r.patternAllQueries, q)
+		} else if q.pattern == "work" {
+			r.workQueries = append(r.workQueries, q)
 		} else if q.pattern == "tool" {
 			r.toolQueries = append(r.toolQueries, q)
 		} else if q.patternIsLocal {
@@ -1070,6 +1074,37 @@ func (r *resolver) performToolQueries(ctx context.Context) {
 	}
 }
 
+// performWorkQueries populates the candidates for each query whose pattern is "work".
+// The candidate module to resolve the work pattern is exactly the single main module.
+func (r *resolver) performWorkQueries(ctx context.Context) {
+	for _, q := range r.workQueries {
+		q.pathOnce(q.pattern, func() pathSet {
+			// TODO(matloob): Maybe export MainModules.mustGetSingleMainModule and call that.
+			// There are a few other places outside the modload package where we expect
+			// a single main module.
+			if len(modload.MainModules.Versions()) != 1 {
+				panic("internal error: number of main modules is not exactly one in resolution phase of go get")
+			}
+			mainModule := modload.MainModules.Versions()[0]
+
+			// We know what the result is going to be, assuming the main module is not
+			// empty, (it's the main module itself) but first check to see that there
+			// are packages in the main module, so that if there aren't any, we can
+			// return the expected warning that the pattern matched no packages.
+			match := modload.MatchInModule(ctx, q.pattern, mainModule, imports.AnyTags())
+			if len(match.Errs) > 0 {
+				return pathSet{err: match.Errs[0]}
+			}
+			if len(match.Pkgs) == 0 {
+				search.WarnUnmatched([]*search.Match{match})
+				return pathSet{} // There are no packages in the main module, so the main module isn't needed to resolve them.
+			}
+
+			return pathSet{pkgMods: []module.Version{mainModule}}
+		})
+	}
+}
+
 // performPatternAllQueries populates the candidates for each query whose
 // pattern is "all".
 //

src/cmd/go/testdata/script/mod_get_nopkgs.txt

@@ -29,6 +29,10 @@ stderr '^go: example\.net/emptysubdir/subdir/\.\.\.: module example\.net/emptysu
 ! go get builtin/...  # in GOROOT/src, but contains no packages
 stderr '^go: builtin/...: malformed module path "builtin": missing dot in first path element$'
 
+cd ../subdirmod
+go get work
+stderr -count=1 'matched no packages'
+
 -- go.mod --
 module example.net/emptysubdir
 
@@ -38,3 +42,7 @@ go 1.16
 package emptysubdir
 -- subdir/README.txt --
 This module intentionally does not contain any p
+-- subdirmod/go.mod --
+module example.net/emptysubdir/subdirmod
+
+go 1.16

src/cmd/go/testdata/script/mod_get_work.txt

@@ -0,0 +1,46 @@
+# Test go get with the work pattern.
+
+# go get work gets dependencies to satisfy missing imports in the
+# main modules' package graph. Before the 'work' pattern existed, users
+# would have to run './...' in the root of the work (main) module.
+cp go.mod go.mod.orig
+go get work
+cmp go.mod go.mod.want
+
+# 'go get work' and 'go get all' behave very differently. Because
+# 'all' evaluates to work packages but also to their dependencies,
+# 'go get all' will run the 'get' logic on all the dependency module
+# packages, bumping all their modules to the latest versions.
+cp go.mod.orig go.mod
+go get all
+cmp go.mod go.mod.all.want
+-- go.mod --
+module example.com/a
+
+go 1.25
+-- go.mod.want --
+module example.com/a
+
+go 1.25
+
+require rsc.io/quote v1.5.2
+
+require (
+	golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c // indirect
+	rsc.io/sampler v1.3.0 // indirect
+)
+-- go.mod.all.want --
+module example.com/a
+
+go 1.25
+
+require rsc.io/quote v1.5.2
+
+require (
+	golang.org/x/text v0.3.0 // indirect
+	rsc.io/sampler v1.99.99 // indirect
+)
+-- a.go --
+package a
+
+import _ "rsc.io/quote"

src/cmd/go/testdata/script/mod_get_work_incomplete.txt renamed to src/cmd/go/testdata/script/mod_get_workspace_incomplete.txt

@@ -20,6 +20,13 @@ go get ./...
 cmp go.mod go.mod.want
 cmp go.sum go.sum.want
 
+# Test go get with an incomplete module using a "work" query.
+cp go.mod.orig go.mod
+rm go.sum
+go get work
+cmp go.mod go.mod.want
+cmp go.sum go.sum.want
+
 # Test go get with an incomplete module using a path query that can be resolved.
 cp go.mod.orig go.mod
 rm go.sum

src/crypto/tls/auth.go

@@ -149,20 +149,18 @@ func legacyTypeAndHashFromPublicKey(pub crypto.PublicKey) (sigType uint8, hash c
 var rsaSignatureSchemes = []struct {
 	scheme          SignatureScheme
 	minModulusBytes int
-	maxVersion      uint16
 }{
 	// RSA-PSS is used with PSSSaltLengthEqualsHash, and requires
 	//    emLen >= hLen + sLen + 2
-	{PSSWithSHA256, crypto.SHA256.Size()*2 + 2, VersionTLS13},
-	{PSSWithSHA384, crypto.SHA384.Size()*2 + 2, VersionTLS13},
-	{PSSWithSHA512, crypto.SHA512.Size()*2 + 2, VersionTLS13},
+	{PSSWithSHA256, crypto.SHA256.Size()*2 + 2},
+	{PSSWithSHA384, crypto.SHA384.Size()*2 + 2},
+	{PSSWithSHA512, crypto.SHA512.Size()*2 + 2},
 	// PKCS #1 v1.5 uses prefixes from hashPrefixes in crypto/rsa, and requires
 	//    emLen >= len(prefix) + hLen + 11
-	// TLS 1.3 dropped support for PKCS #1 v1.5 in favor of RSA-PSS.
-	{PKCS1WithSHA256, 19 + crypto.SHA256.Size() + 11, VersionTLS12},
-	{PKCS1WithSHA384, 19 + crypto.SHA384.Size() + 11, VersionTLS12},
-	{PKCS1WithSHA512, 19 + crypto.SHA512.Size() + 11, VersionTLS12},
-	{PKCS1WithSHA1, 15 + crypto.SHA1.Size() + 11, VersionTLS12},
+	{PKCS1WithSHA256, 19 + crypto.SHA256.Size() + 11},
+	{PKCS1WithSHA384, 19 + crypto.SHA384.Size() + 11},
+	{PKCS1WithSHA512, 19 + crypto.SHA512.Size() + 11},
+	{PKCS1WithSHA1, 15 + crypto.SHA1.Size() + 11},
 }
 
 // signatureSchemesForCertificate returns the list of supported SignatureSchemes
@@ -202,7 +200,7 @@ func signatureSchemesForCertificate(version uint16, cert *Certificate) []Signatu
 		size := pub.Size()
 		sigAlgs = make([]SignatureScheme, 0, len(rsaSignatureSchemes))
 		for _, candidate := range rsaSignatureSchemes {
-			if size >= candidate.minModulusBytes && version <= candidate.maxVersion {
+			if size >= candidate.minModulusBytes {
 				sigAlgs = append(sigAlgs, candidate.scheme)
 			}
 		}
@@ -219,10 +217,9 @@ func signatureSchemesForCertificate(version uint16, cert *Certificate) []Signatu
 	}
 
 	// Filter out any unsupported signature algorithms, for example due to
-	// FIPS 140-3 policy, tlssha1=0, or any downstream changes to defaults.go.
-	supportedAlgs := supportedSignatureAlgorithms(version)
+	// FIPS 140-3 policy, tlssha1=0, or protocol version.
 	sigAlgs = slices.DeleteFunc(sigAlgs, func(sigAlg SignatureScheme) bool {
-		return !isSupportedSignatureAlgorithm(sigAlg, supportedAlgs)
+		return isDisabledSignatureAlgorithm(version, sigAlg, false)
 	})
 
 	return sigAlgs

src/crypto/tls/bogo_config.json

@@ -20,8 +20,6 @@
         "TLS-ECH-Client-Reject-NoChannelID-TLS13": "We don't support sending channel ID",
         "TLS-ECH-Client-Reject-NoChannelID-TLS12": "We don't support sending channel ID",
 
-        "ServerAuth-SHA1-Fallback*": "We don't ever support SHA-1 in TLS 1.2, so we fail if there are no signature_algorithms",
-
         "TLS-ECH-Client-GREASE-IgnoreHRRExtension": "We don't support ECH GREASE because we don't fallback to plaintext",
         "TLS-ECH-Client-NoSupportedConfigs-GREASE": "We don't support ECH GREASE because we don't fallback to plaintext",
         "TLS-ECH-Client-GREASEExtensions": "We don't support ECH GREASE because we don't fallback to plaintext",
@@ -40,7 +38,19 @@
         "PostQuantumNotEnabledByDefaultInClients": "We do enable it by default!",
         "*-Kyber-TLS13": "We don't support Kyber, only ML-KEM (BoGo bug ignoring AllCurves?)",
 
-        "*-SignDefault-*": "TODO, partially it encodes BoringSSL defaults, partially we might be missing some implicit behavior of a missing flag",
+        "*-RSA_PKCS1_SHA256_LEGACY-TLS13": "We don't support the legacy PKCS#1 v1.5 codepoint for TLS 1.3",
+        "*-Verify-RSA_PKCS1_SHA256_LEGACY-TLS12": "Likewise, we don't know how to handle it in TLS 1.2, so we send the wrong alert",
+        "*-VerifyDefault-*": "Our signature algorithms are not configurable, so there is no difference between default and supported",
+        "Ed25519DefaultDisable-*": "We support Ed25519 by default",
+        "NoCommonSignatureAlgorithms-TLS12-Fallback": "We don't support the legacy RSA exchange (without tlsrsakex=1)",
+
+        "*_SHA1-TLS12": "We don't support SHA-1 in TLS 1.2 (without tlssha1=1)",
+        "Agree-Digest-SHA1": "We don't support SHA-1 in TLS 1.2 (without tlssha1=1)",
+        "ServerAuth-SHA1-Fallback*": "We don't support SHA-1 in TLS 1.2 (without tlssha1=1), so we fail if there are no signature_algorithms",
+
+        "Agree-Digest-SHA256": "We select signature algorithms in peer preference order. We should consider changing this.",
+        "ECDSACurveMismatch-Verify-TLS13": "We don't enforce the curve when verifying. This is a bug. We need to fix this.",
+        "*-Verify-ECDSA_P224_SHA256-TLS13": "Side effect of the bug above. BoGo sends a P-256 sigAlg with a P-224 key, and we allow it.",
 
         "V2ClientHello-*": "We don't support SSLv2",
         "SendV2ClientHello*": "We don't support SSLv2",
@@ -62,8 +72,10 @@
         "CurveID-Resume*": "unexposed curveID is not stored in the ticket yet",
         "BadRSAClientKeyExchange-4": "crypto/tls doesn't check the version number in the premaster secret - see processClientKeyExchange comment",
         "BadRSAClientKeyExchange-5": "crypto/tls doesn't check the version number in the premaster secret - see processClientKeyExchange comment",
-        "CheckLeafCurve": "TODO: first pass, this should be fixed",
         "SupportTicketsWithSessionID": "We don't support session ID resumption",
+        "ResumeTLS12SessionID-TLS13": "We don't support session ID resumption",
+
+        "CheckLeafCurve": "TODO: first pass, this should be fixed",
         "KeyUpdate-RequestACK": "TODO: first pass, this should be fixed",
         "SupportedVersionSelection-TLS12": "TODO: first pass, this should be fixed",
         "UnsolicitedServerNameAck-TLS-TLS1": "TODO: first pass, this should be fixed",
@@ -88,19 +100,6 @@
         "Resume-Server-OmitPSKsOnSecondClientHello": "TODO: first pass, this should be fixed",
         "Renegotiate-Server-Forbidden": "TODO: first pass, this should be fixed",
         "Renegotiate-Client-Forbidden-1": "TODO: first pass, this should be fixed",
-        "Client-Sign-RSA_PKCS1_SHA1-TLS13": "TODO: first pass, this should be fixed",
-        "Client-Sign-RSA_PKCS1_SHA256-TLS13": "TODO: first pass, this should be fixed",
-        "Client-Sign-RSA_PKCS1_SHA384-TLS13": "TODO: first pass, this should be fixed",
-        "Client-Sign-RSA_PKCS1_SHA512-TLS13": "TODO: first pass, this should be fixed",
-        "Client-Sign-ECDSA_SHA1-TLS13": "TODO: first pass, this should be fixed",
-        "Client-Sign-ECDSA_P224_SHA256-TLS13": "TODO: first pass, this should be fixed",
-        "ClientAuth-NoFallback-TLS13": "TODO: first pass, this should be fixed",
-        "ClientAuth-NoFallback-ECDSA": "TODO: first pass, this should be fixed",
-        "ClientAuth-NoFallback-RSA": "TODO: first pass, this should be fixed",
-        "ECDSACurveMismatch-Verify-TLS13": "TODO: first pass, this should be fixed",
-        "Ed25519DefaultDisable-NoAdvertise": "TODO: first pass, this should be fixed",
-        "Ed25519DefaultDisable-NoAccept": "TODO: first pass, this should be fixed",
-        "NoCommonSignatureAlgorithms-TLS12-Fallback": "TODO: first pass, this should be fixed",
         "UnknownExtension-Client": "TODO: first pass, this should be fixed",
         "UnknownUnencryptedExtension-Client-TLS13": "TODO: first pass, this should be fixed",
         "UnofferedExtension-Client-TLS13": "TODO: first pass, this should be fixed",
@@ -153,7 +152,6 @@
         "TrailingMessageData-TLS13-ClientCertificate-TLS": "TODO: first pass, this should be fixed",
         "TrailingMessageData-TLS13-ClientCertificateVerify-TLS": "TODO: first pass, this should be fixed",
         "TrailingMessageData-TLS13-ServerCertificate-TLS": "TODO: first pass, this should be fixed",
-        "ResumeTLS12SessionID-TLS13": "We don't support session ID resumption",
         "SkipEarlyData-TLS13": "TODO: first pass, this should be fixed",
         "DuplicateKeyShares-TLS13": "TODO: first pass, this should be fixed",
         "Server-TooLongSessionID-TLS13": "TODO: first pass, this should be fixed",