If local Go is different version than Go used to compile `depth`, `tree.Resolve` fails with an unhelpful error message

[elldritch]

Hi there!

We've been using depth as a library as a part of https://github.com/fossas/fossa-cli to power our Go dependency discovery. We recently ran into an interesting bug where using a copy of depth compiled with a different (newer?) version of Go than the local Go caused tree.Resolve to fail with cryptic errors like could not resolve package: fmt or could not resolve package: bytes. My suspicion is that this is related to depth's usage of go/build, and some weirdness is going on with importing standard library packages when the Go version changes. See fossas/fossa-cli#63 for our downstream tracking issue.

We're working around this issue by switching to go list parsing instead, but I wonder if this can be resolved within depth itself (maybe by special-casing the standard library packages?). If not, it may be possible to at least give a less cryptic error message by detecting when a resolution error occurs on a known standard library package.