fix: go backend missing supports_lockfile_url() override

[palootcenas-outreach]

Summary

Go backend tools compile from source via go install and don't produce downloadable binary artifacts. The default supports_lockfile_url() returns true, causing --locked mode to fail for any go-backend tool since their lockfile entries can never contain platform-specific download URLs.

This adds supports_lockfile_url() -> false to the Go backend, matching the pattern already used by cargo, npm, pipx, asdf, dotnet, rust, and ubi backends.

The Problem

When using --locked mode with go-backend tools:

# mise.toml
[tools]
"go:golang.org/x/tools/cmd/goimports" = "latest"

mise lock generates entries without download URLs (because there are none — go tools are compiled from source):

# mise.lock
[[tools]]
name = "go:golang.org/x/tools/cmd/goimports"
version = "0.33.0"
backend = "go"
# no checksums/URLs — compiled from source

Then mise install --locked fails because install_version() in src/backend/mod.rs expects lockfile URLs when supports_lockfile_url() returns true.

The Fix

One-line override in src/backend/go.rs:

fn supports_lockfile_url(&self) -> bool {
    false
}

Note: gem, spm, and conda backends may have the same issue — they also don't override supports_lockfile_url() and may compile from source or use non-URL-based installation. Worth checking.

Related

• Discussion with full root cause analysis of this + a second bug (disable_backends bypass): `disable_backends` doesn't work for explicitly declared tools (two bugs) #8789

[gemini-code-assist]

Code Review

This pull request implements the supports_lockfile_url method for the GoBackend in src/backend/go.rs, which currently returns false. I have no feedback to provide.

[greptile-apps]

Greptile Summary

This PR adds a one-line supports_lockfile_url() -> false override to GoBackend, fixing a bug where mise install --locked would fail for any go-backend tool because go tools are compiled from source via go install and never produce platform-specific downloadable binary artifacts that can be stored as URLs in a lockfile.\n\n- The fix correctly mirrors the pattern already established by cargo, npm, pipx, asdf, ubi, rust (core plugin), and dotnet (core plugin) backends, all of which return false from supports_lockfile_url().\n- Without this override, install_version() in src/backend/mod.rs (line 996) checks for a lockfile URL and bails with an error, even though go-backend lockfile entries legitimately have no URL.\n- The PR description notes that gem, spm, and conda backends may have the same issue — these are unaddressed in this PR but worth a follow-up.\n- No regression test is added; a new e2e test under e2e/lockfile/ covering --locked mode for a go-backend tool would prevent future regressions.

Confidence Score: 5/5

Safe to merge — the change is minimal, correctly follows established patterns, and directly fixes a broken user-facing workflow.

Single-method override that returns a constant false, consistent with at least seven other backends that have the same pattern. The logic in mod.rs clearly shows this is the correct fix. No risk of regression in unrelated code paths.

No files require special attention — the single changed file is straightforward.

Important Files Changed

Filename	Overview
src/backend/go.rs	Adds supports_lockfile_url() -> false override to GoBackend, fixing --locked mode failures for go-backend tools that compile from source and have no downloadable binary URLs.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A["mise install --locked (go:some/tool)"] --> B["install_version() — mod.rs:996"]
    B --> C{"ctx.locked &&\nnot tool_stub?"}
    C -- No --> F["Proceed with install via go install"]
    C -- Yes --> D{"supports_lockfile_url()?"}
    D -- "true (before fix)\ndefault" --> E["❌ bail! — No lockfile URL found\n(go tools have no binary URLs)"]
    D -- "false (after fix)\nGoBackend override" --> F
    F --> G["go install golang.org/x/...@version"]
    G --> H["✅ Tool installed from source"]

Loading

_{Reviews (1): Last reviewed commit: "fix: go backend missing supports_lockfil..." | Re-trigger Greptile}

[greptile-apps]

No regression test for locked mode

The fix is correct, but there's no new e2e test covering mise install --locked with a go-backend tool. The existing lockfile tests (e.g. e2e/lockfile/test_lockfile_install, e2e/lockfile/test_lockfile_locked_mode) don't exercise this code path for the go backend. Without a test, a future refactor that accidentally reverts this override or changes how supports_lockfile_url() is wired would silently re-introduce the regression.

Consider adding a small test under e2e/lockfile/ — something like:

#!/usr/bin/env bash
export MISE_LOCKFILE=1

cat <<EOF >mise.toml
[tools]
"go:golang.org/x/tools/cmd/goimports" = "latest"
EOF

# mise lock should succeed and produce an entry without a URL
mise lock
assert_contains "mise.lock" 'backend = "go"'

# mise install --locked should succeed (not bail with "No lockfile URL found")
mise install --locked