Vendor code committed to the repository

[djmattyg007]

Instead of committing vendor code directly to the repository and adding a readme file instructing people not to touch the files, why not just gitignore the files?

[ibuildthecloud]

Sorry I don't really understand your comment. This projects uses godeps in a pretty standard fashion, I believe. Is there a problem with the way in which godeps is used or do you have a more general comment that godeps is not the right solution.

[djmattyg007]

I'm not that familiar with go and godeps, but my understanding of how this should work is that whenever someone pulls in dependencies, they should always pull in exactly the same version (and therefore exactly the same code). Therefore, the dependencies (the vendor code) should not need to be committed to this repository. The easiest way of achieving this is to add a gitignore rule that ignores the Godeps directory.

[ibuildthecloud]

This is a go specific issue. In go when you say "import github.com/foo" it will go to github and clone that repo. So go assumes you want master. There's not really a nice way to pin versions like you do in mvn, pip, npm, etc.

You can refer to https://github.com/golang/go/wiki/PackageManagementTools for more info. The approach of this project is using the go maintainers recommended approach.