Bump the extractor-dependencies group in /go/extractor with 2 updates

[dependabot]

Bumps the extractor-dependencies group in /go/extractor with 2 updates: golang.org/x/mod and golang.org/x/tools.

Updates golang.org/x/mod from 0.14.0 to 0.17.0

Commits

• aa51b25 modfile: do not collapse if there are unattached comments within blocks
• 87140ec sumdb/tlog: make NewTiles only generate strictly necessary tiles
• 18d3f56 modfile: fix crash on AddGoStmt in empty File
• 766dc5d modfile: use new go version string format in WorkFile.add error
• fa1ba42 sumdb: replace globsMatchPath with module.MatchPrefixPatterns
• See full diff in compare view

Updates golang.org/x/tools from 0.15.0 to 0.21.0

Release notes

Sourced from golang.org/x/tools's releases.

gopls/v0.15.3

This release fixes the following regressions in [email protected]+:

• golang/go#66490: occasional crashes when the imports cache is refreshed.
• golang/go#66425: spurious import errors in multi-root workspaces that have go.work replace directives.
• golang/go#66636: a crash in analysis when the go.mod contains a patch version and gopls was built with Go 1.20 or earlier.
• golang/go#66677: silent breakage when the go.mod file contains Go 1.22.x, and gopls was built with Go 1.21.x.
• golang/go#66731: a rare crash when diagnostics are erroneously positioned outside the file due to malformed syntax.
• golang/go#66647: a performance regression due to unnecessary reloading following "workspace/didChangeConfiguration" notifications. Under some not-yet-understood conditions, an apparent VS Code bug causes didChangeConfiguration notifications on every keystroke. With the zero-config logic of [email protected]+, any didChangeConfiguration notification causes gopls to re-evaluate (and reload) the set of builds it tracks. With the v0.15.3 release, gopls verifies that configuration actually changed. Special thanks to @​gordallott for working with us to track down this bug.

gopls/v0.15.2

This release fixes the following regressions in [email protected]+.

• golang/go#66109: a crash when encountering a test file excluded via build tags, which also contained an invalid import of a main package. This could occur in a tools_test.go file implementing the common pattern for tool dependencies.
• golang/go#66145: spurious import errors in multi-root workspaces. In some scenarios, the new zero-config logic added in [email protected] resulted in inaccurate errors about missing imports. This could occur when module A has a local replace of module B, and A and B are open as a separate workspace folders.
• golang/go#66195: a crash when working on modules with a go directive of the form go a.b.c, when gopls was compiled with Go 1.20 or earlier.
• golang/go#66090: a crash when SignatureHelp is cancelled (found via telemetry)
• golang/go#66250: a crash in references when one of the package files is missing a package declaration (found via telemetry)

These last two crashes are worth highlighting. Both were found via the (off by default) automated crash reporting added in [email protected]. Both were unlikely to get reported via GitHub issues, because they won't happen frequently enough for most LSP clients to notify the user. This is a perfect example of how telemetry can help us deliver a more reliable product than would be possible without automated reporting.

gopls/v0.15.1

This release fixes golang/go#65952, a crash in document highlighting when the cursor is in a return value for a function that has no results, such as the following example:

func f() { // <-- no results
   return 0| // <-- cursor at '|'
}

Thanks very much to @​patrickpichler who both reported and fixed this bug!

We're hopeful that once Go 1.23 is released, the opt-in automated crash reporting added in gopls v0.15.0 will increase the likelihood that these types of crashes are caught before they are released.

Commits

• cc29c91 go.mod: update golang.org/x dependencies
• 397fef9 gopls/internal/protocol: add links to LSP spec
• e2a352c internal/refactor/inline: extensible API
• c16c816 go/analysis/passes/stdversion: test *.go < go.mod version
• 629a7be go/analysis/analysistest: stricter errors and GOWORK setting
• 4db1697 go/packages/packagestest: fold modules_111.go into modules.go
• ccdef3c gopls/internal/golang: fix nil panic in InlayHint
• 74c9cfe go/analysis: add Pass.ReadFile
• 5ef4fc9 gopls/internal/golang/completion: fix the isEmptyInterface predicate
• 77f691b internal/gcimporter: use Alias.Rhs, not unsafe hack
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Dependabot tried to add @jorgectf/codeql-go as a reviewer to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/jorgectf/codeql/pulls/96/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the teams you specified is not a collaborator of the jorgectf/codeql repository. // See: https://docs.github.com/rest/pulls/review-requests#request-reviewers-for-a-pull-request

[dependabot]

Superseded by #97.