Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependency version warning #28

Open
Ben131-Go opened this issue Jan 30, 2023 · 3 comments
Open

Dependency version warning #28

Ben131-Go opened this issue Jan 30, 2023 · 3 comments

Comments

@Ben131-Go
Copy link

Dependency line:

github.com/fuweid/embedshim --> github.com/containerd/containerd --> github.com/urfave/cli

github.com/containerd/containerd v1.5.13 --> github.com/urfave/cli v1.22.1

https://github.com/containerd/containerd/blob/v1.5.13/go.mod#L119

Background

Repo github.com/containerd/containerd at version v1.5.13 uses replace directive to pin dependencygithub.com/urfave/cli to version v1.22.1.

According to Go Modules wikis, replace directives in modules other than the main module are ignored when building the main module.
It means such replace usage in dependency's go.mod cannot be inherited when building main module. And it turns out that fuweid/embedshim depends on urfave/cli@v1.22.2, which is different from the pinned version containerd/containerd needed.

https://github.com/fuweid/embedshim/blob/unstable/go.mod(Line 19)

github.com/urfave/cli v1.22.2

https://github.com/containerd/containerd/blob/v1.5.13/go.mod(line 52&119)

github.com/urfave/cli v1.22.2
github.com/urfave/cli => github.com/urfave/cli v1.22.1

So this is just a reminder in the hope that you can notice such an inconsistency.

Solution

1. Bump the version of dependency github.com/containerd/containerd

You can try upgrading dependency github.com/containerd/containerd to a newer version, which may have eliminated the use of this directive.

2. Add the same replace rule to your go.mod

replace github.com/urfave/cli => github.com/urfave/cli v1.22.1
@fuweid
Copy link
Owner

fuweid commented Jan 30, 2023

Closing because it looks like bot reply. Please feel free to reopen it if it is mistake.

@fuweid fuweid closed this as completed Jan 30, 2023
@Ben131-Go
Copy link
Author

It seems to relate to issue urfave/cli#1092. I'm just giving a kind reminder entirely from the perspective of dependency analysis. It doesn't necessarily mean it will cause dependency issues to your project at now, but it might be better to update to a new fixed version of urfave/cli, say [v1.22.6 - v1.22.12]. Overall, it depends on your choice and there is nothing particularly serious.

@fuweid
Copy link
Owner

fuweid commented Jan 30, 2023

@Ben131-Go Thanks for the comment. I reopen it and fix it later.

@fuweid fuweid reopened this Jan 30, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fuweid @Ben131-Go