Hi maintainers,
First, thanks for the SDK — it has clearly stood the test of time, if not the test of go mod tidy.
Unfortunately, running any program that imports ucloud-sdk-go with a modern Go toolchain (1.26 on macOS) instantly hits a SIGBUS crash. The stack leads straight to golang.org/x/sys/unix.ioctl, called through logrus → IsTerminal just to check if stderr is a TTY. The program then cheerfully exits with signal: bus error at a dodgy address.
A quick look at your go.mod explains everything:
github.com/sirupsen/logrus v1.3.0
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 // indirect
x/sys comes in as another 2019 pseudo-version. These were great releases — in 2019. Against Go 1.26 they are essentially a loaded footgun.
I was able to fix the crash locally by manually updating these dependencies in my project. But I shouldn't have to, and neither should anyone else. A library is supposed to declare a compatible, working set of dependencies. Right now your go.mod guarantees a panic for every new user on a recent Go version.
Could you please bump logrus, x/crypto, and anything else that drags in ancient x/sys? A simple go get -u and go mod tidy on your side would save everyone else a debugging session and a heart attack when they see a bus error.
Thanks for your time — and for preserving a piece of Go module archaeology for future generations.
Hi maintainers,
First, thanks for the SDK — it has clearly stood the test of time, if not the test of go mod tidy.
Unfortunately, running any program that imports ucloud-sdk-go with a modern Go toolchain (1.26 on macOS) instantly hits a SIGBUS crash. The stack leads straight to golang.org/x/sys/unix.ioctl, called through logrus → IsTerminal just to check if stderr is a TTY. The program then cheerfully exits with signal: bus error at a dodgy address.
A quick look at your go.mod explains everything:
x/sys comes in as another 2019 pseudo-version. These were great releases — in 2019. Against Go 1.26 they are essentially a loaded footgun.
I was able to fix the crash locally by manually updating these dependencies in my project. But I shouldn't have to, and neither should anyone else. A library is supposed to declare a compatible, working set of dependencies. Right now your go.mod guarantees a panic for every new user on a recent Go version.
Could you please bump logrus, x/crypto, and anything else that drags in ancient x/sys? A simple go get -u and go mod tidy on your side would save everyone else a debugging session and a heart attack when they see a bus error.
Thanks for your time — and for preserving a piece of Go module archaeology for future generations.