depguard cannot blacklist toplevel imports (clearify what includeGoRoot does)

OpenPeeDeeP / depguard

Go linter that checks if package imports are in a list of acceptable packages.

GNU General Public License v3.0

138 stars 15 forks source link

depguard cannot blacklist toplevel imports (clearify what includeGoRoot does) #10

Closed howardjohn closed 5 years ago

howardjohn commented 5 years ago

I want the following config:

{
  "type": "blacklist",
  "packages": [
    "testing"
  ]
}

To block users from importing testing packages into our main code, which bloats the flags we have in our binaries. However depguard seems to ignore these blacklists. If I put any builtins like testing or strings, depguard will not reject them, but other packages like github.com/davecgh/go-spew/spew are accepted

howardjohn commented 5 years ago

Nevermind I misunderstood includeGoRoot

dixonwille commented 5 years ago

Thanks for responding back with the solution. Just for interest of making it better, is there a better term/config I could use as an alias to help clarify what it does?

howardjohn commented 5 years ago

I somehow thought that this meant it would be running against the actual standard lib code (not sure why that would ever make sense :slightly_smiling_face:) rather than including the std lib as part of the imports. includeGoStdLib maybe slightly more understandable (to me, at least), but probably not worth it.

I wonder if its possible to just fail if they provide something in the stdlib and have includeGoRoot set to false?

dixonwille commented 5 years ago

I don't like the failing bit, but a warning message may be nice. I'll change this to a feature request then. And adding an alias for includeGoStdLib to do what includeGoRoot should not be too hard to do.