Update sqlite build code to respect all plugin dependencies

[misraved]

No description provided.

[Copilot]

Pull Request Overview

This PR updates the SQLite build code to respect all plugin dependencies by automatically extracting and applying replace directives from plugin go.mod files. The changes ensure that when building SQLite plugins, any replace directives specified in the plugin's go.mod file are properly incorporated into the build process.

Key changes:

• Added functionality to fetch and parse plugin go.mod files to extract replace directives and Go version information
• Updated template rendering to include Go version and toolchain information from plugin dependencies
• Modified the build process to apply replace directives when present

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 6 comments.

File	Description
generate/generator.go	Added comprehensive functionality to fetch plugin go.mod files, extract replace directives and Go version info, with extensive validation
Makefile	Updated build and render targets to apply replace.mod file contents to go.mod when present

[Copilot]

The regex pattern is too restrictive for Go module paths. It doesn't allow uppercase letters, which are valid in Go module paths (e.g., 'github.com/MyOrg/MyRepo'). The pattern should be case-insensitive or allow uppercase letters.

Suggested change

	re := regexp.MustCompile(`^[a-z0-9]+(?:[-./][a-z0-9]+)*$`)
	re := regexp.MustCompile(`^[A-Za-z0-9]+(?:[-./][A-Za-z0-9]+)*$`)

[Copilot]

The version validation regex is incorrect for pseudo-versions. Pseudo-versions have the format 'v0.0.0-yyyymmddhhmmss-abcdefabcdef' where the timestamp is 14 digits and the commit hash is 12 hex characters, but your pattern allows any version prefix (not just v0.0.0) before the timestamp. Also, the pattern doesn't properly handle the combination of pre-release and build metadata.

Suggested change

	re := regexp.MustCompile(`^v\d+(\.\d+){0,2}(-\d{14}-[a-f0-9]{12}|(-[\w\-\.]+)?(\+[\w\-\.]+)?)?$`)
	re := regexp.MustCompile(`^(v0\.0\.0-\d{14}-[a-f0-9]{12}|v\d+\.\d+\.\d+(-[\w\-\.]+)?(\+[\w\-\.]+)?)$`)

[Copilot]

The command construction is problematic. You're creating the command with just 'go get' and then appending the URL to cmd.Args. This will result in cmd.Args being ['go', 'get', 'github.com/...'] which is correct, but the pattern is unusual and error-prone. Consider using exec.Command("go", "get", safeUrl) directly.

Suggested change

	cmd = exec.Command("go", "get")
	cmd.Dir = tmpDir
	cmd.Args = append(cmd.Args, safeUrl) // Append URL directly
	cmd = exec.Command("go", "get", safeUrl)
	cmd.Dir = tmpDir

[Copilot]

Same issue as above - the command construction pattern of creating the command and then appending to cmd.Args is unusual and error-prone. Use exec.Command("go", "list", "-m", "-json", safeUrl) directly.

Suggested change

	cmd = exec.Command("go", "list", "-m", "-json")
	cmd.Dir = tmpDir
	cmd.Args = append(cmd.Args, safeUrl) // Append the URL directly
	cmd = exec.Command("go", "list", "-m", "-json", safeUrl)
	cmd.Dir = tmpDir

[Copilot]

The caching logic has a potential issue: if getPluginReplaceDirectives fails, cachedUrl is still updated to pluginGithubUrl, which means subsequent calls won't retry the operation even though it failed. The cachedUrl should only be updated on successful completion.