提交"vendor"目录是否是最佳实践? [英] Is it best-practice to commit the `vendor` directory?

问题描述

我正在使用dep处理我的Go依赖项.将vendor目录也提交到版本控制中是否是最佳实践?还是在签出存储库后始终执行dep ensure的最佳实践?

I am using dep to handle my Go dependencies. Is it best practice to also commit the vendor directory into version control? Or is best practice to always execute dep ensure after checking out a repository?

推荐答案

dep工具的常见问题解答

The dep tool's FAQ answers this:

我应该提交供应商目录吗?

由您决定:

优点

• 这是获得真正可复制的构建的唯一方法，因为它可以保护 针对上游重命名，删除和提交历史记录的覆盖. * 您不需要额外的Dep确保步骤即可同步供应商/ 在执行大多数操作(例如go get，克隆，getting)之后，执行Gopkg.lock 最新，合并等.

• It's the only way to get truly reproducible builds, as it guards against upstream renames, deletes and commit history overwrites. * You don't need an extra dep ensure step to sync vendor/ with Gopkg.lock after most operations, such as go get, cloning, getting latest, merging, etc.

缺点

• 您的回购将会更大，甚至可能更大 修剪可以最大程度地减少此问题. *公关差异将包括更改 对于修改了Gopkg.lock的vendor/下的文件，但是 默认情况下，Github上的vendor/是隐藏的.

• Your repo will be bigger, potentially a lot bigger, though dep prune can help minimize this problem. * PR diffs will include changes for files under vendor/ when Gopkg.lock is modified, however files in vendor/ are hidden by default on Github.

这篇关于提交"vendor"目录是否是最佳实践?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！