GoMod: Fix the algorithm for handling cycles

[fviernau]

The previous algorithm exhibits the following issues when run on graphs
with cycles, in particular when the amount of edges is large:

1. Cycles of length 1 lead to infinite recursion.
2. The algorithm is inefficient in terms of execution time and memory
   allocation, as it creates a copy of the
   predecessorNodes set per recursion.
3. When run against [1] the execution of toPackageReferenceForest()
   didn't finish within 15 minutes, causing high CPU load and memory
   consumption.

If GoMod used the dependency graph format already, the solution would be
as simple as calling DependencyGraphBuilder.breakCycles(). Fix the
problem by copying the code of DependencyGraphBuilder.breakCycles() as
a temporary quick fix. This saves effort, because refactoring GoMod to
use the dependency graph is planned anyway [2], which will allow for
removing that copied code again.

[1] https://github.com/ossf/scorecard
[2] #4249

Fixes #5627.

[codecov]

Codecov Report

Merging #5628 (3f9e8a6) into main (918e64e) will increase coverage by 0.06%.
The diff coverage is 54.05%.

❗ Current head 3f9e8a6 differs from pull request most recent head 1467603. Consider uploading reports for the commit 1467603 to get more accurate results

@@             Coverage Diff              @@
##               main    #5628      +/-   ##
============================================
+ Coverage     67.83%   67.90%   +0.06%     
+ Complexity     2177     2164      -13     
============================================
  Files           271      271              
  Lines         15854    15863       +9     
  Branches       2809     2823      +14     
============================================
+ Hits          10754    10771      +17     
+ Misses         3967     3957      -10     
- Partials       1133     1135       +2     

Flag	Coverage Δ
funTest-analyzer-docker	73.87% <76.92%> (+0.01%)	⬆️
funTest-non-analyzer	46.09% <ø> (ø)
test	32.10% <0.00%> (-0.06%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
analyzer/src/main/kotlin/managers/GoMod.kt	61.90% <54.05%> (+4.01%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[dgutson]

Thanks @fviernau!, is there an issue already created to "refactor GoMod to
use the dependency graph"?

[qequ]

Tested the analyze tool with the Scorecard repo and works fine without the need of adding extra memory 👌

[tsteenbe]

Thanks @fviernau!, is there an issue already created to "refactor GoMod to use the dependency graph"?

@dgutson Yes, there is see #4249