[#6136] added warning logs in case of mismatched modernc deps

CHANGELOG.md

@@ -1,3 +1,8 @@
+## v0.23.12 (WIP)
+
+- Added warning logs in case of mismatched `modernc.org/sqlite` and `modernc.org/libs` versions ([#6136](https://github.com/pocketbase/pocketbase/issues/6136#issuecomment-2556336962)).
+
+
 ## v0.23.11
 
 - Upgraded `golang.org/x/net` to 0.33.0 to fix [CVE-2024-45338](https://www.cve.org/CVERecord?id=CVE-2024-45338).

modernc_versions_check.go

@@ -0,0 +1,64 @@
+package pocketbase
+
+import (
+	"fmt"
+	"log/slog"
+	"runtime/debug"
+)
+
+const (
+	expectedDriverVersion = "v1.34.3"
+	expectedLibcVersion   = "v1.55.3"
+
+	// ModerncDepsCheckHookId is the id of the hook that performs the modernc.org/* deps checks.
+	// It could be used for removing/unbinding the hook if you don't want the checks.
+	ModerncDepsCheckHookId = "pbModerncDepsCheck"
+)
+
+func checkModerncDeps(logger *slog.Logger) {
+	info, ok := debug.ReadBuildInfo()
+	if !ok {
+		return // no build info (probably compiled without module support)
+	}
+
+	var driverVersion, libcVersion string
+
+	for _, dep := range info.Deps {
+		switch dep.Path {
+		case "modernc.org/libc":
+			libcVersion = dep.Version
+		case "modernc.org/sqlite":
+			driverVersion = dep.Version
+		}
+
+		// no need to further search if both deps are located
+		if driverVersion != "" && libcVersion != "" {
+			break
+		}
+	}
+
+	// not using the default driver
+	if driverVersion == "" {
+		return
+	}
+
+	if driverVersion != expectedDriverVersion {
+		logger.Warn(fmt.Sprintf(
+			"You are using  modernc.org/sqlite %s which differs from the tested %s.\n"+
+				"Make sure to either manually update in your go.mod the dependency version to the expected one OR if you want to keep yours "+
+				"ensure that its indirect modernc.org/libc dependency has the same version as in the https://gitlab.com/cznic/sqlite/-/blob/master/go.mod, "+
+				"otherwise it could result in unexpected build or runtime errors.",
+			driverVersion,
+			expectedDriverVersion,
+		), slog.String("current", driverVersion), slog.String("expected", expectedDriverVersion))
+	} else if libcVersion != expectedLibcVersion {
+		logger.Warn(fmt.Sprintf(
+			"You are using a modernc.org/libc %s which differs from the tested %s.\n"+
+				"Please update your go.mod and manually set modernc.org/libc to %s, otherwise it could result in unexpected build or runtime errors "+
+				"(you may have to also run 'go clean -modcache' to clear the cache if the warning persists).",
+			libcVersion,
+			expectedLibcVersion,
+			expectedLibcVersion,
+		), slog.String("current", libcVersion), slog.String("expected", expectedLibcVersion))
+	}
+}

pocketbase.go

@@ -12,7 +12,9 @@ import (
 	"github.com/fatih/color"
 	"github.com/pocketbase/pocketbase/cmd"
 	"github.com/pocketbase/pocketbase/core"
+	"github.com/pocketbase/pocketbase/tools/hook"
 	"github.com/pocketbase/pocketbase/tools/list"
+	"github.com/pocketbase/pocketbase/tools/routine"
 	"github.com/spf13/cobra"
 
 	_ "github.com/pocketbase/pocketbase/migrations"
@@ -137,6 +139,24 @@ func NewWithConfig(config Config) *PocketBase {
 	// hide the default help command (allow only `--help` flag)
 	pb.RootCmd.SetHelpCommand(&cobra.Command{Hidden: true})
 
+	// https://github.com/pocketbase/pocketbase/issues/6136
+	pb.OnBootstrap().Bind(&hook.Handler[*core.BootstrapEvent]{
+		Id: ModerncDepsCheckHookId,
+		Func: func(be *core.BootstrapEvent) error {
+			if err := be.Next(); err != nil {
+				return err
+			}
+
+			// run separately to avoid blocking
+			logger := be.App.Logger()
+			routine.FireAndForget(func() {
+				checkModerncDeps(logger)
+			})
+
+			return nil
+		},
+	})
+
 	return pb
 }