build: pin vendor in repo

goharbor / harbor-scanner-clair

Use Clair as a plug-in vulnerability scanner in the Harbor registry

https://goharbor.io/

Apache License 2.0

34 stars 26 forks source link

build: pin vendor in repo #13

Closed heww closed 4 years ago

heww commented 4 years ago

Pin vendor in the repo to make it simpler to build by others.

Signed-off-by: He Weiwei hweiwei@vmware.com

reasonerjt commented 4 years ago

Not strcitly related to this particular PR, but I noticed that we are using https://github.com/testcontainers/testcontainers-go And this depends on: github.com/docker/docker v0.7.3-0.20190506211059-b20a14b54661

And v0.7.3 of docker repo is extremely old If we are using docker's code which was tagged in 2014, it's problematic...

reasonerjt commented 4 years ago

Turns out it's used in a test case, which is less problematic...

codecov-io commented 4 years ago

Welcome to Codecov :tada:

Once you merge this PR into your default branch, you're all set! Codecov will compare coverage reports and display results in all future pull requests.

Thanks for integrating Codecov - We've got you covered :open_umbrella:

heww commented 4 years ago

Not strcitly related to this particular PR, but I noticed that we are using https://github.com/testcontainers/testcontainers-go And this depends on: github.com/docker/docker v0.7.3-0.20190506211059-b20a14b54661

And v0.7.3 of docker repo is extremely old If we are using docker's code which was tagged in 2014, it's problematic...

The commit in go.sum for this pkg is b20a14b54661 which is pushed at May 6 of 2019.