Bugfix for change in Glide behavior #237
Conversation
This patch fixes an issue where Glide no longer seems to handle transitive dependencies correctly unless the referencing dependency is ordered above another that may have a conflict. In this instance the dependency upon `github.com/akutz/goof` was moved to the top of the `glide.yaml` file so that its dependency upon a fork of the `logrus` project would be honored when glide evaluated the transitive dependency chain.
akutz
force-pushed
the
bugfix/glide-version
branch
from
819f8e3
to
51f7d39
Compare
|
This PR's build shows the |
|
Thanks for pinging me into this (though the other issue). Handling transitive dependency versions is hard in Go/Glide right now. If everyone was using SemVer ranges you could figure things out. Unfortunately, most of the time a commit id is used and that's hard to sort out. Right now we are doing the case where the first version wins and we provide a warning when another version comes along. Then in the I'm curious why you're putting the A tip, while I'm here... you don't need to typically specify the If you have suggestions for Glide we're open to listening. Hope this all goes well. |
|
Hi @mattfarina, We're ignoring the new lock file because I'm using a Maven approach to versioning dependencies. During active development we're depending on the tip of things, only locking down prior to release. This is what we did for the last release, and what we'll do this time. It worked well with glide.yaml. However, with glide.lock it appears that you want to lock dependencies every time, and this isn't something we want. I'm ignoring the file simply so it's not accidentally committed by some other developer. It will be created and used on the CI system per your docs of course, but it won't be a part of the repo and influencing builds unless we specifically lock a dependency via glide.yaml. As for the ordering, I understand. The dependency resolution engine in Maven's reactor is a rather large piece of work and a majority of the value of Maven. It's no small feat to duplicate handling transitive conflicts and what not. |
|
Been testing this. Apparently I had a gremlin in my install where somehow my |
|
Finally, LGTM. |
|
@akutz Thanks for the feedback. The way you're ignoring the lockfile for now is the right pattern for that situation. I've done the same thing in other languages where the tooling a similar lockfile pattern. |
|
Tested this on my own repo and travis integration to bintray. LGTM https://bintray.com/clintonskitson/rexray/staged/0.3.1-rc3/view#files/staged/0.3.1-rc3 |
Bugfix for change in Glide behavior
Fixed typo in libstorage.json
This patch fixes an issue (#221) where Glide no longer seems to handle transitive dependencies correctly unless the referencing dependency is ordered above another that may have a conflict.
In this instance the dependency upon
github.com/akutz/goofwas moved to the top of theglide.yamlfile so that its dependency upon a fork of thelogrusproject would be honored when glide evaluated the transitive dependency chain.@clintonskitson, FWIW, the reason you didn't see any speedup in builds with caching is how glide now operates. It apparently downloads everything by default, rendering the package cache somewhat irrelevant due to the fact that glide by default rebuilds it as it downloads dependencies anyway.
In the future we should eliminate transitive dependencies if we wish to avoid this so we can disable glide's recursive dependency feature.
@clintonskitson, I also made some small changes in the
Makefileso that if you setMAKE_LOG_LEVELto2via an environment variable, glide will output the log of what dependencies it downloads. This should allow us to confirm the correctlogrusbranch is being set to coincide with the testing I did locally.