Learn about "go mod vendors"

php editor Zimo introduces you to a technology called "go mod supplier", which is an important feature of the Go language. By using a "go mod provider", developers can better manage and control the third-party libraries their projects depend on. This technology can help developers solve dependency management problems and ensure the stability and reliability of projects. Understanding the usage and principles of "go mod provider" is very helpful for Go language developers. In this article, we'll take a deep dive into "go mod vendors" to help you better understand and apply this technology.

Question content

What is the purpose of "go modvendor". I don't think vendor packages are stored in the module cache. However, if I understand correctly, I think this is incorrect as we need to update go.mod first via "go mod tidy" or "go get" before "go modvendor". It seems that "go mod tidy" and "go get" download packages in the module cache. To me the "go mod provider" seems to be a cached copy of the module. Why do we need to keep a copy of the module cache in the project root?

One more question: What is the recommended way to set up our environment? Let's say I'm using GOPROXY and GOPRIVATE. Which one is better to use? Supplier directory or module cache? Or it doesn't matter.

I have read this article.

Thanks!

Solution

As programmers, our main pain point is always a lack of control. Dependencies are a tricky thing, you can't build anything in pure software without relying on something that already exists. Not just the hardware, but usually the operating system and its drivers, and potentially external libraries.

External libraries are where Go modules come in. When the dependencies are not already on your computer, you can download them from the internet using go mod tidy and go get.

Once you have these libraries, you can use go modvendor to copy them from your system's Go cache directory to the actual repository that uses them. You check these dependencies into source control. This gives you complete control over the code you depend on. These dependencies are now part of your code, you now own them. You actually own them even if you don't provision them, but you lack control over them and you should avoid this if you want your code to be future-proof.

Once you make your code and all its library dependencies available and uploaded to GitLab (for example), it doesn't matter if the original owners of the libraries you depend on pull the rug out from under you and remove their libraries from GitLab ,For example. Now you've eliminated a potential problem from your list. This is why vendors make sense.

The above is the detailed content of Learn about "go mod vendors". For more information, please follow other related articles on the PHP Chinese website!