book

Hands-On Software Engineering with Golang

by Achilleas Anagnostopoulos

January 2020

Intermediate to advanced

640 pages

16h 56m

English

Packt Publishing

Read now

Unlock full access

Content preview from Hands-On Software Engineering with Golang

Is vendoring always a good idea?

The previous section went into great effort to extol the virtues of vendoring. But is vendoring the panacea for all dependency management problems? This section attempts to dig a bit deeper into some of the caveats associated with vendoring.

One common problem across engineering teams is that in spite of the fact that engineers are keen on vendoring their dependencies, they often forget to periodically refresh them. As I argued in a previous section, all code can contain potential security bugs. It is therefore likely that some security bugs (perhaps from a transitive dependency of an imported package) will eventually end up in production.

Security-related or not, when bugs are reported to the package maintainers, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Hands-On Software Architecture with Golang

Publisher Resources

ISBN: 9781838554491Supplemental Content

Hands-On Software Engineering with Golang

by Achilleas Anagnostopoulos

Is vendoring always a good idea?

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Hands-On Software Architecture with Golang

Event-Driven Architecture in Golang

Up and Running with Concurrency in Go (Golang)

Domain-Driven Design with Golang

Publisher Resources