Closed deankarn closed 8 years ago
@joeybloggs thanks for the comments and support. I think the proposed -i
, --ignore
would be a fine addition.
Thanks @jackspirou :+1:
@joeybloggs FYI - i'm playing around with an implementation for this request on the ignore
branch. https://github.com/govend/govend/compare/ignore
Awesome @jackspirou Thanks! I will also check it out when I get a spare moment.
Hey @jackspirou finally had a chance to test and it appears to be working great. I would however make one adjustment to the help documentation, currently it states:
-i, --ignore The --ignore flag ignores the source code and just vendored
packages that are found in the manifest file.
but I think it would be less confusing as:
-i, --ignore The --ignore flag ignores any packages that are NOT found in the manifest
file.
@joeybloggs the ignore
branch has been merged into master
, with the adjustments to the documentation you suggested above. You should be good to go!
Thanks so much @jackspirou :thumbsup: 😃
Hi, I was wondering if it would be possible to add an option to ignore dependencies that are not already in the lock file from being vendored?
Scenario
Company has developed a web application say: github.com/company/webapp and has also developed a bunch of reusable libraries for use in multiple applications, like the following:
github.com/company/db - common database access used by many applications
now this library is fully under the company's control so we know that master is always going to be stable; this is ensured by only admin having the ability to merge or push code to the master branch ( this is actually a security requirement of the company... ) The db library is also frequently updated when making changes to our web application and this is where the troubles, for us, begin because the steps in getting a projects changes merged becomes too involved:
this is just an example of one reusable library, we use many more.
Proposed Solution 1
Add option, say -i, --ignore and when a lock file already exists it will only download and vendor packages within the lock file.
Proposed Solution 2
Add section to the vendor lock file of packages to ignore and preserve when updating all.
Either of these would solve our issues as the developer doesn't have to worry about vendoring the company code which is guaranteed to be stable.
Thanks in advance for your consideration :)
P.S. Thanks for govend, out of all the tools I've tried so far it is simple and does vendoring properly! this is the only problem that's stopping us from implementing as our vendoring solution.