Commit b6ddb6aa authored by Hilko Bengen's avatar Hilko Bengen

New upstream version 0.5.1

parent 85f1c405
......@@ -22,7 +22,9 @@ checks:
enabled: false
plugins:
gofmt:
enabled: true
# Codeclimate go fmt does not agree with tip go fmt; consider re-enabling
# CC when the advice matches up with tip again.
enabled: false
govet:
enabled: true
golint:
......
language: go
sudo: false
dist: xenial
notifications:
email: false
jobs:
......@@ -7,12 +8,15 @@ jobs:
- stage: test
go_import_path: github.com/golang/dep
install:
- ssh-keyscan -t $TRAVIS_SSH_KEY_TYPES -H bitbucket.org >> ~/.ssh/known_hosts
- make get-deps
- npm install -g codeclimate-test-reporter
env:
- DEPTESTBYPASS501=1
- TZ=UTC
- GOCACHE=/home/travis/var/cache
os: linux
go: 1.10.x
go: 1.12.x
script:
- make validate test
- ./hack/coverage.bash
......@@ -20,25 +24,41 @@ jobs:
- codeclimate-test-reporter < coverage.txt
# YAML alias, for settings shared across the simpler builds
- &simple-test
go: 1.9.x
go: 1.11.x
stage: test
go_import_path: github.com/golang/dep
install: skip
install:
- ssh-keyscan -t $TRAVIS_SSH_KEY_TYPES -H bitbucket.org >> ~/.ssh/known_hosts
env:
- DEPTESTBYPASS501=1
script: make test
- TZ=UTC
script:
- make test
- <<: *simple-test
go: 1.9.x
- <<: *simple-test
go: tip
install:
- ssh-keyscan -t $TRAVIS_SSH_KEY_TYPES -H bitbucket.org >> ~/.ssh/known_hosts
- mkdir -p /home/travis/var/cache
env:
- GOCACHE=/home/travis/var/cache
- DEPTESTBYPASS501=1
- TZ=UTC
- <<: *simple-test
os: osx
go: 1.10.x
go: 1.12.x
install:
# brew takes horribly long to update itself despite the above caching
# attempt; only bzr install if it's not on the $PATH
- ssh-keyscan -t $TRAVIS_SSH_KEY_TYPES -H bitbucket.org >> ~/.ssh/known_hosts
- test $(which bzr) || brew install bzr
env:
- HOMEBREW_NO_AUTO_UPDATE=1
- DEPTESTBYPASS501=1
- TZ=UTC
- GOCACHE=/Users/travis/var/cache
script:
# OSX as of El Capitan sets an exit trap that interacts poorly with how
# travis seems to spawn these shells; if set -e is set, then it can cause
......@@ -47,14 +67,16 @@ jobs:
# Related: https://superuser.com/questions/1044130/why-am-i-having-how-can-i-fix-this-error-shell-session-update-command-not-f
- trap EXIT
- make test
- go: 1.10.x
- go: 1.12.x
# Run on OS X so that we get a CGO-enabled binary for this OS; see
# https://github.com/golang/dep/issues/1838 for more details.
os: osx
stage: deploy
go_import_path: github.com/golang/dep
install: skip
script: skip
install:
- ssh-keyscan -t $TRAVIS_SSH_KEY_TYPES -H bitbucket.org >> ~/.ssh/known_hosts
script:
- skip
before_deploy:
- ./hack/build-all.bash
deploy:
......@@ -78,6 +100,16 @@ jobs:
- release/dep-freebsd-386.sha256
- release/dep-windows-386.exe
- release/dep-windows-386.exe.sha256
- release/dep-linux-ppc64
- release/dep-linux-ppc64.sha256
- release/dep-linux-ppc64le
- release/dep-linux-ppc64le.sha256
- release/dep-linux-s390x
- release/dep-linux-s390x.sha256
- release/dep-linux-armv6
- release/dep-linux-armv6.sha256
- release/dep-linux-arm64
- release/dep-linux-arm64.sha256
skip_cleanup: true
on:
repo: golang/dep
......
# (next version)
# v0.5.1
IMPROVEMENTS:
* Add CI tests against go1.11.
* Fix indefinite hang cloning Git repositories that failed fsck checks. ([#2070][2070])
* The `noverify` field in `Gopkg.toml` allows for the preservation of excess files under `vendor`. ([#2002](https://github.com/golang/dep/issue/2002))
* Add releases for `arm`, `armv6` ([#2102][2102]), `s390x` ([#2070][2070]), and `ppc` architectures.
* Fix handling of cyclic import graphs ([#2003][2003]).
* Fix error in preservation of vendor/.git ([#2000][2000]).
* Fix an edge case in lockdiff where all the projects may be removed from the lock file ([#1972][1972]).
* Fix panic related to projects. ([#1945][1945])
[2102]: https://github.com/golang/dep/pull/2102
[2070]: https://github.com/golang/dep/pull/2070
[2000]: https://github.com/golang/dep/pull/2000
[1981]: https://github.com/golang/dep/pull/1981
[2003]: https://github.com/golang/dep/pull/2003
[1972]: https://github.com/golang/dep/pull/1972
[1945]: https://github.com/golang/dep/pull/1945
BUG FIXES:
* Correctly handle certain cases where `dep ensure` removed projects from Gopkg.lock. ([#1945](https://github.com/golang/dep/issue/1945)).
# v0.5.0
......
......@@ -24,7 +24,7 @@ When [filing an issue](https://github.com/golang/dep/issues/new), make sure to a
## Contributing code
Let us know if you are interested in working on an issue by leaving a comment
on the issue in GitHub. This helps avoid multiple people unknowingly
on the issue in GitHub. This helps avoid multiple people unknowingly
working on the same issue.
Please read the [Contribution Guidelines](https://golang.org/doc/contribute.html)
......
......@@ -41,6 +41,19 @@
revision = "925541529c1fa6821df4e44ce2723319eb2be768"
version = "v1.0.0"
[[projects]]
digest = "1:2e3c336fc7fde5c984d2841455a658a6d626450b1754a854b3b32e7a8f49a07a"
name = "github.com/google/go-cmp"
packages = [
"cmp",
"cmp/internal/diff",
"cmp/internal/function",
"cmp/internal/value",
]
pruneopts = "NUT"
revision = "3af367b6b30c263d47e8895973edcca9a49cf029"
version = "v0.2.0"
[[projects]]
digest = "1:f5169729244becc423886eae4d72547e28ac3f13f861bed8a9d749bc7238a1c3"
name = "github.com/jmank88/nuts"
......@@ -122,12 +135,14 @@
"github.com/armon/go-radix",
"github.com/boltdb/bolt",
"github.com/golang/protobuf/proto",
"github.com/google/go-cmp/cmp",
"github.com/jmank88/nuts",
"github.com/nightlyone/lockfile",
"github.com/pelletier/go-toml",
"github.com/pkg/errors",
"github.com/sdboyer/constext",
"golang.org/x/sync/errgroup",
"golang.org/x/sys/unix",
"gopkg.in/yaml.v2",
]
solver-name = "gps-cdcl"
......
......@@ -28,6 +28,12 @@ $ brew install dep
$ brew upgrade dep
```
On Debian platforms you can install or upgrade to the latest version with apt-get:
```sh
$ sudo apt-get install go-dep
```
On other platforms you can use the `install.sh` script:
```sh
......
......@@ -141,7 +141,7 @@ func (cmd *checkCommand) Run(ctx *dep.Ctx, args []string) error {
noverify[skip] = true
}
var vendorfail bool
var vendorfail, hasnoverify bool
// One full pass through, to see if we need to print the header, and to
// create an array of names to sort for deterministic output.
var ordered []string
......@@ -149,54 +149,75 @@ func (cmd *checkCommand) Run(ctx *dep.Ctx, args []string) error {
ordered = append(ordered, path)
switch status {
case verify.DigestMismatchInLock, verify.HashVersionMismatch, verify.EmptyDigestInLock:
// NoVerify applies only to these three cases.
case verify.DigestMismatchInLock, verify.HashVersionMismatch, verify.EmptyDigestInLock, verify.NotInLock:
if noverify[path] {
hasnoverify = true
continue
}
fallthrough
case verify.NotInTree, verify.NotInLock:
case verify.NotInTree:
// NoVerify cannot be used to make dep check ignore the absence
// of a project entirely.
if noverify[path] {
delete(noverify, path)
}
fail = true
if !vendorfail {
vendorfail = true
logger.Println("# vendor is out of sync:")
}
}
}
sort.Strings(ordered)
var vfbuf, novbuf bytes.Buffer
var bufptr *bytes.Buffer
fmt.Fprintf(&vfbuf, "# vendor is out of sync:\n")
fmt.Fprintf(&novbuf, "# out of sync, but ignored, due to noverify in Gopkg.toml:\n")
for _, pr := range ordered {
var nvSuffix string
if noverify[pr] {
nvSuffix = " (CHECK IGNORED: marked noverify in Gopkg.toml)"
bufptr = &novbuf
} else {
bufptr = &vfbuf
}
status := statuses[pr]
switch status {
case verify.NotInTree:
logger.Printf("%s: missing from vendor\n", pr)
fmt.Fprintf(bufptr, "%s: missing from vendor\n", pr)
case verify.NotInLock:
fi, err := os.Stat(filepath.Join(p.AbsRoot, "vendor", pr))
if err != nil {
return errors.Wrap(err, "could not stat file that VerifyVendor claimed existed")
}
if fi.IsDir() {
logger.Printf("%s: unused project\n", pr)
fmt.Fprintf(bufptr, "%s: unused project\n", pr)
} else {
logger.Printf("%s: orphaned file\n", pr)
fmt.Fprintf(bufptr, "%s: orphaned file\n", pr)
}
case verify.DigestMismatchInLock:
logger.Printf("%s: hash of vendored tree not equal to digest in Gopkg.lock%s\n", pr, nvSuffix)
fmt.Fprintf(bufptr, "%s: hash of vendored tree not equal to digest in Gopkg.lock\n", pr)
case verify.EmptyDigestInLock:
logger.Printf("%s: no digest in Gopkg.lock to compare against hash of vendored tree%s\n", pr, nvSuffix)
fmt.Fprintf(bufptr, "%s: no digest in Gopkg.lock to compare against hash of vendored tree\n", pr)
case verify.HashVersionMismatch:
// This will double-print if the hash version is zero, but
// that's a rare case that really only occurs before the first
// run with a version of dep >=0.5.0, so it's fine.
logger.Printf("%s: hash algorithm mismatch, want version %v%s\n", pr, verify.HashVersion, nvSuffix)
fmt.Fprintf(bufptr, "%s: hash algorithm mismatch, want version %v\n", pr, verify.HashVersion)
}
}
if vendorfail {
logger.Print(vfbuf.String())
if hasnoverify {
logger.Println()
}
}
if hasnoverify {
logger.Print(novbuf.String())
}
}
if fail {
......
......@@ -35,10 +35,6 @@ func TestMain(m *testing.M) {
os.Setenv("CCACHE_DIR", filepath.Join(home, ".ccache"))
}
os.Setenv("HOME", "/test-dep-home-does-not-exist")
if os.Getenv("GOCACHE") == "" {
os.Setenv("GOCACHE", "off") // because $HOME is gone
}
r := m.Run()
os.Remove("testdep" + test.ExeSuffix)
......
......@@ -74,7 +74,7 @@ func (cmd *initCommand) Run(ctx *dep.Ctx, args []string) error {
}
var root string
if len(args) <= 0 {
if len(args) == 0 {
root = ctx.WorkingDir
} else {
root = args[0]
......
......@@ -340,7 +340,7 @@ func (out *dotOutput) BasicHeader() error {
func (out *dotOutput) BasicFooter() error {
gvo := out.g.output("")
_, err := fmt.Fprintf(out.w, gvo.String())
_, err := fmt.Fprint(out.w, gvo.String())
return err
}
......
......@@ -7,6 +7,7 @@ package main
import (
"bytes"
"fmt"
"io"
"io/ioutil"
"log"
"path/filepath"
......@@ -16,8 +17,6 @@ import (
"text/tabwriter"
"text/template"
"io"
"github.com/golang/dep"
"github.com/golang/dep/gps"
"github.com/golang/dep/internal/test"
......@@ -28,7 +27,7 @@ func TestStatusFormatVersion(t *testing.T) {
t.Parallel()
tests := map[gps.Version]string{
nil: "",
nil: "",
gps.NewBranch("master"): "branch master",
gps.NewVersion("1.0.0"): "1.0.0",
gps.Revision("flooboofoobooo"): "flooboo",
......
github.com/sdboyer/deptest: hash of vendored tree not equal to digest in Gopkg.lock (CHECK IGNORED: marked noverify in Gopkg.toml)
# out of sync, but ignored, due to noverify in Gopkg.toml:
github.com/sdboyer/deptest: hash of vendored tree not equal to digest in Gopkg.lock
github.com/sdboyer/deptest: hash algorithm mismatch, want version 1 (CHECK IGNORED: marked noverify in Gopkg.toml)
# out of sync, but ignored, due to noverify in Gopkg.toml:
github.com/sdboyer/deptest: hash algorithm mismatch, want version 1
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
[[projects]]
digest = "1:ddbbbe7f7a81c86d54e89fa388b532f4c144d666a14e8e483ba04fa58265b135"
name = "github.com/sdboyer/deptest"
packages = ["."]
pruneopts = ""
revision = "ff2948a2ac8f538c4ecd55962e919d1e13e74baf"
version = "v1.0.0"
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
input-imports = ["github.com/sdboyer/deptest"]
solver-name = "gps-cdcl"
solver-version = 1
[[constraint]]
name = "github.com/sdboyer/deptest"
version = "1.0.0"
[prune]
go-tests = true
unused-packages = true
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
[[projects]]
digest = "1:ddbbbe7f7a81c86d54e89fa388b532f4c144d666a14e8e483ba04fa58265b135"
name = "github.com/sdboyer/deptest"
packages = ["."]
pruneopts = ""
revision = "ff2948a2ac8f538c4ecd55962e919d1e13e74baf"
version = "v1.0.0"
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
input-imports = ["github.com/sdboyer/deptest"]
solver-name = "gps-cdcl"
solver-version = 1
[[constraint]]
name = "github.com/sdboyer/deptest"
version = "1.0.0"
[prune]
go-tests = true
unused-packages = true
// Copyright 2016 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package main
import (
"github.com/sdboyer/deptest"
)
func main() {
err := nil
if err != nil {
deptest.Map["yo yo!"]
}
}
# Gopkg.lock is out of sync:
github.com/sdboyer/deptest: prune options changed ( -> UT)
{
"commands": [
["check"]
],
"should-fail": true,
"vendor-final": [
"github.com/sdboyer/deptest"
]
}
......@@ -2,4 +2,4 @@ This is a hack - it's effectively just verifying that the Gopkg.lock doesn't
change for projects with noverify set, which (under the current logic) is an
indicator that vendor wasn't updated.
Of course, that vendor -> lock relatinoship isn't guaranteed to hold...
Of course, that vendor -> lock relationship isn't guaranteed to hold...
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
[[projects]]
digest = "1:ddbbbe7f7a81c86d54e89fa388b532f4c144d666a14e8e483ba04fa58265b135"
name = "github.com/sdboyer/deptest"
packages = ["."]
pruneopts = ""
revision = "ff2948a2ac8f538c4ecd55962e919d1e13e74baf"
version = "v1.0.0"
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
input-imports = ["github.com/sdboyer/deptest"]
solver-name = "gps-cdcl"
solver-version = 1
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
[[projects]]
digest = "1:ddbbbe7f7a81c86d54e89fa388b532f4c144d666a14e8e483ba04fa58265b135"
name = "github.com/sdboyer/deptest"
packages = ["."]
pruneopts = ""
revision = "ff2948a2ac8f538c4ecd55962e919d1e13e74baf"
version = "v1.0.0"
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
input-imports = ["github.com/sdboyer/deptest"]
solver-name = "gps-cdcl"
solver-version = 1
// Copyright 2017 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package main
import (
_ "github.com/sdboyer/deptest"
)
func main() {
}
# out of sync, but ignored, due to noverify in Gopkg.toml:
foo: orphaned file
orphdir: unused project
{
"commands": [
["ensure"],
["check"]
],
"vendor-final": [
"github.com/sdboyer/deptest"
]
}
PROJECT CONSTRAINT VERSION REVISION LATEST PKGS USED
github.com/sdboyer/deptest ^0.8.0 v0.8.0 ff2948a v0.8.1 1
github.com/sdboyer/deptestdos v2.0.0 v2.0.0 5c60720 v2.0.0 1
github.com/sdboyer/deptest ^0.8.0 v0.8.0 ff2948a v0.8.1 1
github.com/sdboyer/deptestdos v2.0.0 v2.0.0 5c60720 v2.0.0 1
PROJECT CONSTRAINT REVISION LATEST
github.com/carolynvs/go-dep-test ^0.1.0 b9c5511 4069198
github.com/carolynvs/go-dep-test ^0.1.0 b9c5511 4069198
PROJECT CONSTRAINT VERSION REVISION LATEST PKGS USED
github.com/sdboyer/deptest v0.8.1 (override) v0.8.1 3f4c3be v0.8.1 1
github.com/sdboyer/deptestdos v2.0.0 v2.0.0 5c60720 v2.0.0 1
github.com/sdboyer/deptest v0.8.1 (override) v0.8.1 3f4c3be v0.8.1 1
github.com/sdboyer/deptestdos v2.0.0 v2.0.0 5c60720 v2.0.0 1
PROJECT CONSTRAINT VERSION REVISION LATEST PKGS USED
github.com/sdboyer/deptest v1.0.0 v1.0.0 ff2948a v1.0.0 1
github.com/sdboyer/deptestdos a0196ba a0196ba 1
github.com/sdboyer/deptest v1.0.0 v1.0.0 ff2948a v1.0.0 1
github.com/sdboyer/deptestdos a0196ba a0196ba 1
......@@ -231,17 +231,19 @@ It is usually safe to set `non-go = true`, as well. However, as dep only has a c
## `noverify`
The `noverify` field is a list of [project roots](glossary.md#project-root) to exclude from [vendor verification](glossary.md#vendor-verification).
The `noverify` field is a list of paths, typically [project roots](glossary.md#project-root), to exclude from [vendor verification](glossary.md#vendor-verification).
Dep uses per-project hash digests, computed after pruning and recorded in [Gopkg.lock](Gopkg.lock.md#digest), to determine if the contents of `vendor/` are as expected. If the recorded digest and the hash of the corresponding tree in `vendor/` differ, that project is considered to be out of sync:
* `dep ensure` will regenerate it
* `dep check` will complain of a hash mismatch and exit 1
It is strongly preferable for almost all workflows that you leave `vendor/` unmodified, in whatever state dep puts it in. However, this isn't always an option. If you have no choice but to modify `vendor/` for a particular project, then add the project root for that project to `noverify`. This will have the following effects:
It is strongly recommended that you leave `vendor/` unmodified, in whatever state dep puts it in. However, this isn't always feasible. If you have no choice but to modify `vendor/` for a particular project, then add the project root for that project to `noverify`. This will have the following effects:
* `dep ensure` will ignore hash mismatches for the project, and only regenerate it in `vendor/` if absolutely necessary (prune options change, package list changes, version changes)
* `dep check` will continue to report hash mismatches (albeit with an annotation about `noverify`) for the project, but will no longer exit 1.
* `dep check` will continue to report hash mismatches (albeit with an annotation about `noverify`) for the project, but will no longer exit 1.
`noverify` can also be used to preserve certain excess paths that would otherwise be removed; for example, adding `WORKSPACE` to the `noverify` list would allow you to preserve `vendor/WORKSPACE`, which can help with some Bazel-based workflows.
## Scope
......
......@@ -17,7 +17,7 @@ Let's start with words!
Dep's main command is `dep ensure`. The verb is "ensure" to imply that the action is not just some single, discrete action (like adding a dependency), but enforcing some kind of broader guarantee. If we wanted to express the `dep ensure` guarantee as a sentence, it would go something like this:
> Hey dep, please make sure that [my project](glossary.md#current-project) is [in sync](glossary.md#sync): that [`Gopkg.lock`](Gopkg.lock.md) satisfies all the imports in my project, and all the rules in[ `Gopkg.toml`](Gopkg.toml.md), and that `vendor/` contains exactly what `Gopkg.lock` says it should."
> "Hey dep, please make sure that [my project](glossary.md#current-project) is [in sync](glossary.md#sync): that [`Gopkg.lock`](Gopkg.lock.md) satisfies all the imports in my project, and all the rules in[ `Gopkg.toml`](Gopkg.toml.md), and that `vendor/` contains exactly what `Gopkg.lock` says it should."
As the narrative indicates, `dep ensure` is a holistic operation. Rather than offering a series of commands to run in succession that incrementally achieve some final state, each run of `dep ensure` delivers a safe, complete, and reproducible set of dependencies with respect to the current state of your project. You might imagine repeated runs of `dep ensure` as being a bit like a frog, hopping from one lily pad to the next.
......
......@@ -13,7 +13,7 @@ Briefly, the four states are:
1. The [current project's](glossary.md#current-project) source code.
2. A [manifest](glossary.md#manifest) - a file describing the current project's dependency requirements. In dep, this is the [`Gopkg.toml`](Gopkg.toml.md) file.
3. A [lock](glossary.md#lock) - a file containing a transitively-complete, reproducible description of the dependency graph. In dep, this is the [`Gopkg.lock`](Gopkg.lock.md) file.
4. The source code of the dependences themselves. In dep's current design, this is the `vendor/` directory.
4. The source code of the dependencies themselves. In dep's current design, this is the `vendor/` directory.
We can visually represent these four states as follows:
......@@ -156,7 +156,7 @@ Ordinarily, when the solver encounters a project name for which there's an entry
"Skips pulling the version from the lock" would imply that `dep ensure -update github.com/foo/bar` is equivalent to removing the `[[project]]` stanza for `github.com/foo/bar` from your `Gopkg.lock`, then running `dep ensure`. And indeed it is - however, that approach is not recommended, and subtle changes may be introduced in the future that complicate the equivalency.
If `-update` is passed with no arguments, then `ChangeAll` is set to `true`, resulting in the solver ignoring `Gopkg.lock` for all newly-encountered project names. This is equivalent to explicitly passing all of your dependences as arguments to `dep ensure -update`, as well as `rm Gopkg.lock && dep ensure`. Again, however, neither of these approaches are recommended, and future changes may introduce subtle differences.
If `-update` is passed with no arguments, then `ChangeAll` is set to `true`, resulting in the solver ignoring `Gopkg.lock` for all newly-encountered project names. This is equivalent to explicitly passing all of your dependencies as arguments to `dep ensure -update`, as well as `rm Gopkg.lock && dep ensure`. Again, however, neither of these approaches are recommended, and future changes may introduce subtle differences.
When a version hint from `Gopkg.lock` is not placed at the head of the version queue, it means that dep will explore the set of possible versions for a particular dependency. This exploration is performed according to a [fixed sort order](https://godoc.org/github.com/golang/dep/gps#SortForUpgrade), where newer versions are tried first, resulting in an update.
......
......@@ -16,7 +16,7 @@ Environment variables are passed through to subcommands, and therefore can be us
### `DEPCACHEAGE`
If set to a [duration](https://golang.org/pkg/time/#ParseDuration) (e.g. `24h`), it will enable caching of metadata from source repositories:
If set to a [duration](https://golang.org/pkg/time/#ParseDuration) (e.g. `24h`), it will enable caching of metadata from source repositories:
* Lists of published versions
* The contents of a project's `Gopkg.toml` file, at a particular version
......
......@@ -29,6 +29,14 @@ Install the `dep` package:
pacman -S dep
```
## Fedora
Install the `dep` package:
```sh
dnf install -y dep
```
## Install From Source
The snippet below installs the latest release of dep from source and sets the
......
......@@ -31,7 +31,7 @@ The behavior of `dep init` varies depending on what's in your existing codebase,
The inference phase is where `dep init`'s behavior varies. By default, `dep init` will look in your codebase for metadata files from [other Go package management tools that it understands](https://github.com/golang/dep/tree/master/internal/importers), and attempt to automatically migrate the data in these files into concepts that make sense in a dep. Depending on the tool and the particular values dep finds, metadata from the tool may be treated as either:
* A hint: information that dep will try to honor in the solving phase, but will discard if it cannot find a solution that respects the hint.
* A rule: information that must obeyed in the solving phase, and will ultimately appear in `Gopkg.toml` as a `[[constraint]]`. If the solving phase cannot find a solution that satisfies the rules, it will fail with an informative message.
* A rule: information that must be obeyed in the solving phase, and will ultimately appear in `Gopkg.toml` as a `[[constraint]]`. If the solving phase cannot find a solution that satisfies the rules, it will fail with an informative message.
There are three circumstances that can lead dep not to make any tool-based inferences:
......@@ -61,7 +61,7 @@ First and foremost, make sure that you're running `dep init` with the `-v` flag.
`dep init`, like dep in general, has both hard and soft failure modes. Hard failures result in the process hanging or aborting entirely, without anything being written to disk. Soft failures may or may not include warnings, but do ultimately write out a `Gopkg.toml`, `Gopkg.lock`, and `vendor/` - just, not the ones you wanted. Before we dig into those, though, let's set some context.
While dep contributors have invested enormous effort into creating automated migration paths into dep, these paths will always best-effort and imprecise. It's simply not always possible to convert from other tools or GOPATH with full fidelity. dep is an opinionated tool, with a correspondingly opinionated model, and that model does sometimes fundamentally differ from that of other tools. Sometimes these model mismatches result in hard failures, sometimes soft, and sometimes there's no harm at all.
While dep contributors have invested enormous effort into creating automated migration paths into dep, these paths will always be best-effort and imprecise. It's simply not always possible to convert from other tools or GOPATH with full fidelity. dep is an opinionated tool, with a correspondingly opinionated model, and that model does sometimes fundamentally differ from that of other tools. Sometimes these model mismatches result in hard failures, sometimes soft, and sometimes there's no harm at all.
Because these are deep assumptions, their symptoms can be varied and surprising. Keeping these assumptions in mind could save you some hair-pulling later on.
......@@ -72,7 +72,7 @@ Because these are deep assumptions, their symptoms can be varied and surprising.
* dep generally prefers semantic versioning-tagged releases to branches (when not given any additional rules). This is a significant shift from the "default branch" model of `go get` and some other tools. It can result in dep making surprising choices for dependencies for which it could not infer a rule.
* dep assumes that all generated code exists, and has been committed to the source.
A small number of projects that have reported being unable, thus far, to find a reasonable way of adapting to these requirements. If you can't figure out how to make your project fit, please file an issue - while dep necessarily cannot accommodate every single existing approach, it is dep's goal is define rules to which all Go projects can reasonably adapt.
Thus far, only a small number of projects have reported being unable to find a reasonable way of adapting to these requirements. If you can't figure out how to make your project fit, please file an issue - while dep necessarily cannot accommodate every single existing approach, it is dep's goal is define rules to which all Go projects can reasonably adapt.
### Hard failures
......
// Copyright 2017 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package canonical /* import "vanity1" */
var (
A = "A"
)
// Copyright 2017 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package canonical /* import "vanity2" */
var (
B = "B"
)
......@@ -15,6 +15,7 @@ import (
"time"
"github.com/pkg/errors"
"golang.org/x/sys/unix"
)
type cmd struct {
......@@ -66,10 +67,10 @@ func (c cmd) CombinedOutput() ([]byte, error) {
if err := c.Cmd.Process.Signal(os.Interrupt); err != nil {
// If an error comes back from attempting to signal, proceed