search

gohugoio / hugo

The world’s fastest framework for building websites.
https://gohugo.io
Apache License 2.0
74.82k stars 7.46k forks source link

document dependencies #6886

Closed rbucker closed 4 years ago

rbucker commented 4 years ago

I ran out of disk space on my development machine only to discover that HUGO has a huge 3rd party dependency tree. While not everything is bad sometimes things are missed.

For example... OpenCensus. Reading the home page they say:

Supported backends include Azure Monitor, Datadog, Instana, Jaeger, New Relic, SignalFX, Stackdriver, and Zipkin. You can also add support for other backends.

Since that does not seem to be a HUGO configuration option exactly what data is hugo sending and how can I disable that?

And so the point is... there are so many libs... what do they do?

bep commented 4 years ago

I'm pretty sure you are wrong on the general statement above, but you need to understand Go Modules.

Try to set GOPROXY and Go does not need to download everything to calculate its dependency graph.

bep commented 4 years ago

To add:

go list --deps | grep -v gohugo | wc -l
     448

So, this is 448 packages (not dependencies) and includes the rather big Go stdlib.

It does include the open census:

go.opencensus.io/resource
go.opencensus.io/metric/metricdata
go.opencensus.io/tag
go.opencensus.io/stats/internal
go.opencensus.io/stats
go.opencensus.io/internal/tagencoding
go.opencensus.io/metric/metricproducer
go.opencensus.io/stats/view
go.opencensus.io
go.opencensus.io/internal
go.opencensus.io/trace/internal
go.opencensus.io/trace/tracestate
go.opencensus.io/trace
go.opencensus.io/trace/propagation
go.opencensus.io/plugin/ocgrpc
go.opencensus.io/plugin/ochttp/propagation/b3
go.opencensus.io/plugin/ochttp

Which comes from:

github.com/gohugoio/hugo/deploy
gocloud.dev/blob
gocloud.dev/internal/oc
go.opencensus.io/plugin/ocgrpc
go.opencensus.io/trace/propagation

Which I guess is the "sinner" here. We had a similar discussion when adding that feature.

rbucker commented 4 years ago

opencensus advertises itself as a monitoring tool... I suppose that would make sense if you were monitoring yourself. However, without documentation on how it's implemented, how to turn it on and how to capture your own data... it seems sneaky.

"448 packages" is the definition of a dependency. Consider that the project will not build or run without all 448 packages.

Thanks for the INFO. Guess that closes it out.

github-actions[bot] commented 2 years ago

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.