The cache keys should be something more unique, maybe the URL after url.PathEscape applied, or the hash of the URL generated by passing it through sha1 or sha256 digest.
BTW I understand that this project is in sort of a freeze mode, so I documented my findings in a blog, in case this does not get fixed.
I'm using glide-0.13.1, and I think the generated local cache keys are not safe.
Consider https://github.com/lestrrat/go-msgpack and https://github.com/lestrrat-go/msgpack. These both exist because I transferred the original library to an organization afterwards. They unfortunately both map to
The cache keys should be something more unique, maybe the URL after
url.PathEscape
applied, or the hash of the URL generated by passing it through sha1 or sha256 digest.BTW I understand that this project is in sort of a freeze mode, so I documented my findings in a blog, in case this does not get fixed.
https://medium.com/@lestrrat/go-vendoring-tools-glide-and-local-cache-naming-665fe64bb9ef