dependency flow change

[antazoey]

Overview

Instead of caching the full dependency from github, we just want to build the manifest and cache that. Then, at the ape-solidity level, instead of mapping to paths in .ape/packages, we "extract" source files from the cached manifest and store them in <user-project>/contract/<dep-name> and do the linking that way.

Note: this will cause the files to become "tracked" by git in the user's project dir, unless they use gitignore, however there are some reasons to track these files anyway.

Specification

Dependencies

Include links to any open issues that must be resolved before this feature can be implemented.

[fubuloubu]

Note: it would be cool to do the "minimal" extraction necessary to place those files on disk, e.g. when you use ERC20 from OpenZeppelin you would pull out only the 5 or so source files you'd might want, instead of 130+ total contracts from that repo.

So like, if you add a new source file from a dependency in your contract, ape would be smart enough to add that file to source control

Also would be important to skip those files and just link to the dependency when building the final manifest of your file for publishing. (e.g. ignore the <user-project>/contract/<dep-name> folders and just add them as IPFS deps that are pinned as well)

[fubuloubu]

one other note: this is done to help integration with tools like slither, which Brownie has issues with

https://github.com/eth-brownie/brownie/issues/941

[antazoey]

Fixed in https://github.com/ApeWorX/ape/pull/420/files