在这里声明一下,百度或者google看到的godep
不是我这篇博文说的dep
,那它们是什么关系呢?按照Peter Bourgon博文来说,它们的作者都有相同的人,但是一个是dep是官方版本,godep是第三方工具。
我今天介绍的是dep,之前也有介绍过glide,有兴趣的可以到Golang依赖管理工具:glide从入门到精通使用看看。
现在还有一个疑问是为什么官方现在要支持依赖管理了呢?我个人认为有如下原因(勿喷,如果不同或者遗漏欢迎留言补充):
- 第三方依赖管理很多,虽然很好用,但是很少可以兼容的,结果--乱;
- 官方的包管理为了增加社区的凝聚力,保持Go开箱即用的简单特性,不需要大家再安装各种第三方工具了,而且第三方工具都会过来兼容官方版的;
- 还有一个官话,为了go更好的发展;
dep的FAQ中有一段描述dep
和go get
的网址,也是侧面说了依赖管理工具和go get
关系, 一句话概括:依赖管理工具
是为应用管理代码的,go get
是为GOPATH管理代码的。
下面进入教程。
介绍
dep是一个原型依赖管理工具,需要在Go 1.7及更高的版本中使用,说明第三方工具近期还是有市场的。
PS:本博客的dep
基于v0.3。
安装
环境准备。
//设置环境变量 使用vendor目录
GO15VENDOREXPERIMENT=1
安装dep
等到dep
正式集成到Golang中时候,也许是Golang 1.10 ,广大吃瓜群众就可以直接使用go dep
命令。现在还是需要自己安装的。
$ go get -u github.com/golang/dep/cmd/dep
验证安装
$ dep
dep is a tool for managing dependencies for Go projects
Usage: dep <command>
Commands:
init Initialize a new project with manifest and lock files
status Report the status of the project's dependencies
ensure Ensure a dependency is safely vendored in the project
prune Prune the vendor tree of unused packages
Examples:
dep init set up a new project
dep ensure install the project's dependencies
dep ensure -update update the locked versions of all dependencies
dep ensure -add github.com/pkg/errors add a dependency to the project
Use "dep help [command]" for more information about a command.
有一个很重要的选项ensure
中文含义是确保;保证;担保
,作者想传达的意思是确保所有本地状态-代码树、清单、锁和供应商彼此同步
。
看到这个说明已经安装好了。
使用
老规矩,篇幅有限,我只介绍经常使用到的。 先进入在GOPATH的一个项目中。
cd $GOPATH/src/foordep
初始化(dep init)
$ cd foordep/
$ dep init
$ ll
total 12
-rw-rw-r-- 1 qiangmzsx qiangmzsx 286 Aug 7 11:45 Gopkg.lock
-rw-rw-r-- 1 qiangmzsx qiangmzsx 535 Aug 7 11:45 Gopkg.toml
drwxrwxr-x 2 qiangmzsx qiangmzsx 4096 Aug 7 11:45 vendor
大家发现了,应用foordep目录下出现了两个文件(Gopkg.lock、Gopkg.toml)和一个目录(vendor)。
它们是什么关系呢?
所以出现Gopkg.toml and Gopkg.lock are out of sync.
时候最好执行一下dep ensure
。
下面看看它们的内容。
$ cat Gopkg.lock
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
inputs-digest = "ab4fef131ee828e96ba67d31a7d690bd5f2f42040c6766b1b12fe856f87e0ff7"
solver-name = "gps-cdcl"
solver-version = 1
$ cat Gopkg.toml
# Gopkg.toml example
#
# Refer to https://github.com/golang/dep/blob/master/docs/Gopkg.toml.md
# for detailed Gopkg.toml documentation.
#
# required = ["github.com/user/thing/cmd/thing"]
# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"]
#
# [[constraint]]
# name = "github.com/user/project"
# version = "1.0.0"
#
# [[constraint]]
# name = "github.com/user/project2"
# branch = "dev"
# source = "github.com/myfork/project2"
#
# [[override]]
# name = "github.com/x/y"
# version = "2.4.0"
dep ensure
我们写一个Gopkg.toml
看看效果。
# 必需包
required = ["github.com/astaxie/beego"]
# 忽略包
ignored = ["golang.org/x/crypto"]
# 项目元数据
[metadata]
homepage = "https://github.com/qiangmzsx"
license = "MIT"
owners_name_1 = "qiangmzsx"
owners_email_1 = "qiangmzsx@hotmail.com"
owners_homepage_1 = "https://github.com/qiangmzsx"
# 约束条件
[[constraint]]
name = "github.com/astaxie/beego"
# 可选:版本
version = "=1.8.0"
# 分支
#branch = "master"
# 修订
#revision = "beego 1.8.0"
# 可选:指定来源
source = "github.com/astaxie/beego"
但是怎么样执行?可以执行如下命令寻找帮助:
$ dep help ensure
Usage: dep ensure [-update | -add] [-no-vendor | -vendor-only] [-dry-run] [<spec>...]
Project spec:
<import path>[:alt source URL][@<constraint>]
Ensure gets a project into a complete, reproducible, and likely compilable state:
* All non-stdlib imports are fulfilled
* All rules in Gopkg.toml are respected
* Gopkg.lock records precise versions for all dependencies
* vendor/ is populated according to Gopkg.lock
Ensure has fast techniques to determine that some of these steps may be
unnecessary. If that determination is made, ensure may skip some steps. Flags
may be passed to bypass these checks; -vendor-only will allow an out-of-date
Gopkg.lock to populate vendor/, and -no-vendor will update Gopkg.lock (if
needed), but never touch vendor/.
The effect of passing project spec arguments varies slightly depending on the
combination of flags that are passed.
Examples:
dep ensure Populate vendor from existing Gopkg.toml and Gopkg.lock
dep ensure -add github.com/pkg/foo Introduce a named dependency at its newest version
dep ensure -add github.com/pkg/foo@^1.0.1 Introduce a named dependency with a particular constraint
For more detailed usage examples, see dep ensure -examples.
Flags:
-add add new dependencies, or populate Gopkg.toml with constraints for existing dependencies (default: false)
-dry-run only report the changes that would be made (default: false)
-examples print detailed usage examples (default: false)
-no-vendor update Gopkg.lock (if needed), but do not update vendor/ (default: false)
-update update the named dependencies (or all, if none are named) in Gopkg.lock to the latest allowed by Gopkg.toml (default: false)
-v enable verbose logging (default: false)
-vendor-only populate vendor/ from Gopkg.lock without updating it first (default: false)
执行一下
$ dep ensure
all dirs lacked any go code
错误了,这是因为foordep目录下没有任何的go代码,只能加上一个看看。
$ vim main.go
package main
import (
"github.com/astaxie/beego"
"runtime"
)
func main() {
maxCPU := runtime.NumCPU()
runtime.GOMAXPROCS(maxCPU)
beego.Run()
}
再来试试看。
$ dep ensure
$ ll vendor/
total 4
drwxrwxr-x 3 qiangmzsx qiangmzsx 4096 Aug 7 16:29 github.com
看看Gopkg.lock的内容。
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
[[projects]]
name = "github.com/astaxie/beego"
packages = [".","config","context","grace","logs","session","toolbox","utils"]
revision = "323a1c4214101331a4b71922c23d19b7409ac71f"
source = "github.com/astaxie/beego"
version = "v1.8.0"
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
inputs-digest = "6fb93334da1b165aaab11f170d871a92b40033575e66e2cf4289e77e0d64551d"
solver-name = "gps-cdcl"
solver-version = 1
现在需要解析json,我们试试使用命令行的方式导入github.com/bitly/go-simplejson
包。
$ dep ensure -add github.com/bitly/go-simplejson
$ Gopkg.lock
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
[[projects]]
name = "github.com/astaxie/beego"
packages = [".","config","context","grace","logs","session","toolbox","utils"]
revision = "323a1c4214101331a4b71922c23d19b7409ac71f"
source = "github.com/astaxie/beego"
version = "v1.8.0"
[[projects]]
name = "github.com/bitly/go-simplejson"
packages = ["."]
revision = "aabad6e819789e569bd6aabf444c935aa9ba1e44"
version = "v0.5.0"
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
inputs-digest = "6fb93334da1b165aaab11f170d871a92b40033575e66e2cf4289e77e0d64551d"
solver-name = "gps-cdcl"
solver-version = 1
可以发现多了github.com/bitly/go-simplejson
,但是Gopkg.toml
并没有任何改变。
注意:执行dep ensure -add
时候报错
$ dep ensure -add github.com/bitly/go-simplejson
Gopkg.toml and Gopkg.lock are out of sync. Run a plain dep ensure to resync them before attempting to -add
还可以指定依赖的版本:
$ dep ensure -add github.com/bitly/go-simplejson@=0.4.3
是因为Gopkg.toml
和Gopkg.lock
不同步了,需要重新执行一下dep ensure
即可。
重新整理一下Gopkg.toml
。
# 必需包
required = ["github.com/astaxie/beego"]
# 忽略包
ignored = ["golang.org/x/crypto"]
# 项目元数据
[metadata]
homepage = "https://github.com/qiangmzsx"
license = "MIT"
owners_name_1 = "qiangmzsx"
owners_email_1 = "qiangmzsx@hotmail.com"
owners_homepage_1 = "https://github.com/qiangmzsx"
# 约束条件
[[constraint]]
name = "github.com/astaxie/beego"
# 可选:版本
version = "=1.8.0"
# 分支
#branch = "master"
# 修订
#revision = "beego 1.8.0"
# 可选:指定来源
source = "github.com/astaxie/beego"
[[constraint]]
name = "github.com/bitly/go-simplejson"
branch = "master"
source = "https://github.com/bitly/go-simplejson.git"
Gopkg.toml
的version
规则:
~
和=
是version
使用的操作符规则,如果仅仅是指定version = "1.8.0"
,那么dep
会自动加上^
,表示最左边的非零位的版本加一
。
^1.2.3 意味 1.2.3 <= X < 2.0.0
^0.2.3 意味 0.2.3 <= X < 0.3.0
^0.0.3 意味 0.0.3 <= X < 0.1.0
如果执行dep ensure
时候出现
$ dep ensure
error while parsing /home/users/qiangmzsx/golang/src/foordep/Gopkg.toml: multiple constraints specified for github.com/astaxie/beego, can only specify one
说明配置写错了,需要看看Gopkg.toml
文件中是不是同时配置了version
、branch
和revision
。
空配置
我们现在尝试着把foordep
目录情况就留下main.go
package main
import (
"github.com/astaxie/beego"
"github.com/bitly/go-simplejson"
"runtime"
)
func main() {
maxCPU := runtime.NumCPU()
runtime.GOMAXPROCS(maxCPU)
strJson := `{"announcer": {"nickname": "非议讲史", "kind": "user", "created_at": 1494904539000, "updated_at": 1494983507000, "track_id": 38088960}}`
mapJson,_:=simplejson.NewJson([]byte(strJson))
println(mapJson)
beego.Run()
}
执行dep ensure
为了更好地看到过程,加上参数-v
。
$ dep init -v
Root project is "foordep"
1 transitively valid internal packages
2 external packages imported from 2 projects
(0) ✓ select (root)
(1) ? attempt github.com/bitly/go-simplejson with 1 pkgs; 5 versions to try
(1) try github.com/bitly/go-simplejson@v0.5.0
(1) ✓ select github.com/bitly/go-simplejson@v0.5.0 w/1 pkgs
(2) ? attempt github.com/astaxie/beego with 1 pkgs; 23 versions to try
(2) try github.com/astaxie/beego@v1.8.3
(2) ✓ select github.com/astaxie/beego@v1.8.3 w/9 pkgs
✓ found solution with 10 packages from 2 projects
Solver wall times by segment:
b-list-versions: 3.926086724s
b-list-pkgs: 285.209471ms
b-gmal: 266.828805ms
select-atom: 3.417834ms
satisfy: 3.126864ms
select-root: 428.276µs
new-atom: 234.106µs
other: 45.014µs
b-source-exists: 6.946µs
b-deduce-proj-root: 3.472µs
TOTAL: 4.485387512s
Using ^0.5.0 as constraint for direct dep github.com/bitly/go-simplejson
Locking in v0.5.0 (aabad6e) for direct dep github.com/bitly/go-simplejson
Using ^1.8.3 as constraint for direct dep github.com/astaxie/beego
Locking in v1.8.3 (cab8458) for direct dep github.com/astaxie/beego
此时再查看Gopkg.toml
和Gopkg.lock
文件:
$ vim Gopkg.toml
[[constraint]]
name = "github.com/astaxie/beego"
version = "1.8.3"
[[constraint]]
name = "github.com/bitly/go-simplejson"
version = "0.5.0"
$ vim Gopkg.lock
[[projects]]
name = "github.com/astaxie/beego"
packages = [".","config","context","context/param","grace","logs","session","toolbox","utils"]
revision = "cab8458c1c4a5a3b4bf5192922be620e6dede15b"
version = "v1.8.3"
[[projects]]
name = "github.com/bitly/go-simplejson"
packages = ["."]
revision = "aabad6e819789e569bd6aabf444c935aa9ba1e44"
version = "v0.5.0"
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
inputs-digest = "dc040fb12390d61768be6388ad2935bdd7f9cc93d4b1fdda421a284058277c80"
solver-name = "gps-cdcl"
solver-version = 1
与glide
一样,具有自举
功能,不知道这个名词用得对不对。dep
会自动根据代码生成Gopkg.toml
和Gopkg.lock
配置文件。
PS:但是不建议使用,因为其拉取的依赖包都是最新的,可能出现不兼容,再者我国是一个被墙
的地方。
dep cache
看到这里时候很多人都会有疑问?dep
的依赖包每一次都是拉取新的还是优先使用本地cache呢?可以肯定的是
dep
也是有本地缓存的,大家可以打开$GOPATH/pkg/dep/
看看,是不是存在呢!
下面我们做两个测试看看。
$GOPATH/src不存在依赖包
环境准备,将原来的cache和vendor清空,别遗漏了$GOPATH/src
中的github.com/bitly/go-simplejson
。
$ ll
total 4
-rwxr--r-- 1 qiangmzsx qiangmzsx 990 Aug 7 16:39 main.go
$ vim main.go
package main
import (
"github.com/astaxie/beego"
"github.com/bitly/go-simplejson"
"runtime"
)
func main() {
maxCPU := runtime.NumCPU()
runtime.GOMAXPROCS(maxCPU)
strJson := `{"announcer": {"nickname": "非议讲史", "kind": "user", "updated_at": 1494983507000, "track_id": 38088960}}`
mapJson,_:=simplejson.NewJson([]byte(strJson))
println(mapJson)
beego.Run()
}
执行dep init -gopath -v
查看初始化过程。
$ ll
total 4
-rwxr--r-- 1 qiangmzsx qiangmzsx 382 Aug 8 12:47 main.go
$ dep init -gopath -v
Searching GOPATH for projects...
Following dependencies were not found in GOPATH. Dep will use the most recent versions of these projects.
github.com/bitly/go-simplejson
Root project is "foordep"
1 transitively valid internal packages
2 external packages imported from 2 projects
(0) ✓ select (root)
(1) ? attempt github.com/astaxie/beego with 1 pkgs; at least 1 versions to try
(1) try github.com/astaxie/beego@76ce912a30f9255d8d353d365ab99cb069fd29e0
(1) ✗ Unable to update checked out version: fatal: reference is not a tree: 76ce912a30f9255d8d353d365ab99cb069fd29e0
(1) try github.com/astaxie/beego@v1.8.3
(1) ✓ select github.com/astaxie/beego@v1.8.3 w/9 pkgs
(2) ? attempt github.com/bitly/go-simplejson with 1 pkgs; 5 versions to try
(2) try github.com/bitly/go-simplejson@v0.5.0
(2) ✓ select github.com/bitly/go-simplejson@v0.5.0 w/1 pkgs
✓ found solution with 10 packages from 2 projects
Solver wall times by segment:
b-list-pkgs: 320.955115ms
b-gmal: 274.950203ms
satisfy: 8.179966ms
select-atom: 2.62224ms
new-atom: 392.168µs
b-list-versions: 254.937µs
select-root: 209.152µs
b-deduce-proj-root: 40.45µs
other: 37.01µs
b-source-exists: 5.83µs
TOTAL: 607.647071ms
Using ^1.8.3 as constraint for direct dep github.com/astaxie/beego
Locking in v1.8.3 (cab8458) for direct dep github.com/astaxie/beego
Using ^0.5.0 as constraint for direct dep github.com/bitly/go-simplejson
Locking in v0.5.0 (aabad6e) for direct dep github.com/bitly/go-simplejson
日志显示,dep
首先从$GOPATH查找github.com/bitly/go-simplejson
,因为没有找到才从网络下载。
$GOPATH存在依赖包
环境准备,将原来的cache和vendor清空,注意$GOPATH/src
中的github.com/bitly/go-simplejson
存在。
$ ll
total 4
-rwxr--r-- 1 qiangmzsx qiangmzsx 382 Aug 8 12:47 main.go
$ dep init -gopath -v
Searching GOPATH for projects...
Using master as constraint for direct dep github.com/bitly/go-simplejson
Locking in master (da1a892) for direct dep github.com/bitly/go-simplejson
Root project is "foordep"
1 transitively valid internal packages
2 external packages imported from 2 projects
(0) ✓ select (root)
(1) ? attempt github.com/astaxie/beego with 1 pkgs; at least 1 versions to try
(1) try github.com/astaxie/beego@76ce912a30f9255d8d353d365ab99cb069fd29e0
(1) ✗ Unable to update checked out version: fatal: reference is not a tree: 76ce912a30f9255d8d353d365ab99cb069fd29e0
(1) try github.com/astaxie/beego@v1.8.3
(1) ✓ select github.com/astaxie/beego@v1.8.3 w/9 pkgs
(2) ? attempt github.com/bitly/go-simplejson with 1 pkgs; at least 1 versions to try
(2) try github.com/bitly/go-simplejson@master
(2) ✓ select github.com/bitly/go-simplejson@master w/1 pkgs
✓ found solution with 10 packages from 2 projects
Solver wall times by segment:
b-list-pkgs: 312.646734ms
b-gmal: 265.066047ms
satisfy: 6.488056ms
select-atom: 3.287416ms
new-atom: 397.837µs
select-root: 373.267µs
b-list-versions: 108.466µs
other: 47.43µs
b-source-exists: 7.71µs
b-deduce-proj-root: 6.568µs
TOTAL: 588.429531ms
Using ^1.8.3 as constraint for direct dep github.com/astaxie/beego
Locking in v1.8.3 (cab8458) for direct dep github.com/astaxie/beego
可以看到github.com/bitly/go-simplejson
是优先从$GOPATH
获取的。 好处我个人认为有两个:
- 节省时间;
- 本地类库的稳定性和兼容性已经经过用户验证了。
在dep v0.1
时候还不需要手动加上-gopath
选项,dep
工具会自动判断,但是dep v0.3
后如果没有加上-gopath
那么默认就是从网络下载。
更新配置 (dep ensure -update)
现在修改foordep
项目的Gopkg.toml
内容为:
$ vim Gopkg.toml
[[constraint]]
name = "github.com/astaxie/beego"
# 约束为1.8.0
version = "=1.8.0"
[[constraint]]
name = "github.com/bitly/go-simplejson"
version = "0.5.0"
$ dep ensure -update
Gopkg.toml and Gopkg.lock are out of sync. Run a plain dep ensure to resync them before attempting to -update
$ dep ensure
$ dep ensure -update -v
Root project is "foordep"
1 transitively valid internal packages
2 external packages imported from 2 projects
(0) ✓ select (root)
(1) ? attempt github.com/astaxie/beego with 1 pkgs; 23 versions to try
(1) try github.com/astaxie/beego@v1.8.3
(2) ✗ github.com/astaxie/beego@v1.8.3 not allowed by constraint 1.8.0:
(2) 1.8.0 from (root)
(1) try github.com/astaxie/beego@v1.8.2
(2) ✗ github.com/astaxie/beego@v1.8.2 not allowed by constraint 1.8.0:
(2) 1.8.0 from (root)
(1) try github.com/astaxie/beego@v1.8.1
(2) ✗ github.com/astaxie/beego@v1.8.1 not allowed by constraint 1.8.0:
(2) 1.8.0 from (root)
(1) try github.com/astaxie/beego@v1.8.0
(1) ✓ select github.com/astaxie/beego@v1.8.0 w/8 pkgs
(2) ? attempt github.com/bitly/go-simplejson with 1 pkgs; 5 versions to try
(2) try github.com/bitly/go-simplejson@v0.5.0
(2) ✓ select github.com/bitly/go-simplejson@v0.5.0 w/1 pkgs
✓ found solution with 9 packages from 2 projects
Solver wall times by segment:
b-source-exists: 4.00794324s
b-list-pkgs: 2.545452669s
b-gmal: 276.070372ms
satisfy: 5.179016ms
select-atom: 4.337704ms
new-atom: 1.359055ms
b-list-versions: 467.799µs
b-matches: 371.239µs
select-root: 193.471µs
b-pair-rev: 127.992µs
other: 25.962µs
b-pair-version: 7.866µs
TOTAL: 6.841536385s
$ dep status
PROJECT CONSTRAINT VERSION REVISION LATEST PKGS USED
github.com/astaxie/beego 1.8.0 v1.8.0 323a1c4 323a1c4 8
github.com/bitly/go-simplejson ^0.5.0 v0.5.0 aabad6e aabad6e 1
后记
看到了这里,那么对dep
已经可以进行基本的使用了,不过目前而言,dep
还不够稳定,谁也不知道后续会怎么样更改,尝鲜可以,个人还不建议使用在线上。
如果大家喜欢这篇博文请点赞
或者留言
,有不同见解的也请留言
讨论。
有疑问加站长微信联系(非本文作者)