ossf / package-feeds

Feed parsing for language package manager updates
Apache License 2.0
70 stars 24 forks

goproxy feed is publishing final url paths, not just go modules #429

Closed yrobla closed 4 months ago

yrobla commented 5 months ago

When consuming the goproxy feed, I was expecting to receive just names of valid go modules, but sometimes I am receiving links to final paths or files:

package-feeds | time="2024-02-09T13:43:45Z" level=info msg="Sending package upstream" created_date="2024-02-09 13:43:21.276534 +0000 UTC" feed=goproxy name=github.com/cloudquery/cloudquery/plugins/source/hackernews

package-feeds | time="2024-02-09T13:43:45Z" level=info msg="Sending package upstream" created_date="2024-02-09 13:43:12.289811 +0000 UTC" feed=goproxy name=kubevirt.io/kubevirt/staging/src/kubevirt.io/client-go/examples/listvms

For consistency I was expecting that I would only be receiving valid package names, same as we have for pypi / npm, etc. Some parsing and validation could be done on the go feed.

yrobla commented 4 months ago

OK, these are valid Go modules as well, although they are not the main ones. It's legit that they come on the feed.
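The resolution above is worth making concrete for anyone writing a consumer of the goproxy feed: a module path is not limited in depth, so a consumer that filters on "looks like a repository root" will silently drop real modules, while one that checks the path's structure still rejects malformed entries. The following Go program is an added example, not code from package-feeds. It assumes the index is consumed as newline-delimited JSON objects with `Path`, `Version` and `Timestamp` fields (the shape served by index.golang.org), uses a constructed sample built from the two paths quoted in the issue (versions invented for the example) plus one malformed path, and its `CheckModulePath` is a simplified stand-in for `golang.org/x/mod/module.CheckPath`, not that function itself.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// IndexEntry holds the fields of one newline-delimited JSON line as served
// by the goproxy index (index.golang.org/index).
type IndexEntry struct {
	Path      string `json:"Path"`
	Version   string `json:"Version"`
	Timestamp string `json:"Timestamp"`
}

// SampleIndex is constructed for this example: the two nested module paths
// from the issue (versions made up), a root module, and one malformed path.
const SampleIndex = `{"Path":"github.com/cloudquery/cloudquery/plugins/source/hackernews","Version":"v1.0.0","Timestamp":"2024-02-09T13:43:21Z"}
{"Path":"kubevirt.io/kubevirt/staging/src/kubevirt.io/client-go/examples/listvms","Version":"v1.0.0","Timestamp":"2024-02-09T13:43:12Z"}
{"Path":"golang.org/x/mod","Version":"v1.0.0","Timestamp":"2024-02-09T13:44:00Z"}
{"Path":"NotAHost/pkg","Version":"v0.0.1","Timestamp":"2024-02-09T13:44:05Z"}
`

// ParseIndex decodes the index body line by line; a malformed line aborts
// the parse instead of being silently skipped.
func ParseIndex(body string) ([]IndexEntry, error) {
	var entries []IndexEntry
	for _, line := range strings.Split(body, "\n") {
		line = strings.TrimSpace(line)
		if line == "" {
			continue
		}
		var e IndexEntry
		if err := json.Unmarshal([]byte(line), &e); err != nil {
			return nil, fmt.Errorf("bad index line %q: %w", line, err)
		}
		entries = append(entries, e)
	}
	return entries, nil
}

// CheckModulePath is a simplified approximation of golang.org/x/mod/module.CheckPath:
// every element must be non-empty and use the allowed character set, and the
// first element must look like a lower-case domain name. The number of
// elements is deliberately unrestricted, so nested modules pass.
func CheckModulePath(p string) error {
	if p == "" {
		return errors.New("empty module path")
	}
	elems := strings.Split(p, "/")
	for i, el := range elems {
		if el == "" {
			return fmt.Errorf("empty path element at position %d", i)
		}
		if strings.HasPrefix(el, ".") || strings.HasSuffix(el, ".") {
			return fmt.Errorf("element %q must not start or end with a dot", el)
		}
		for _, r := range el {
			if !isPathRune(r) {
				return fmt.Errorf("element %q contains disallowed character %q", el, r)
			}
		}
	}
	host := elems[0]
	if !strings.Contains(host, ".") {
		return fmt.Errorf("first element %q must be a domain name containing a dot", host)
	}
	if strings.HasPrefix(host, "-") || strings.ToLower(host) != host {
		return fmt.Errorf("first element %q must be lower-case and not start with a dash", host)
	}
	return nil
}

func isPathRune(r rune) bool {
	return ('a' <= r && r <= 'z') || ('A' <= r && r <= 'Z') || ('0' <= r && r <= '9') ||
		r == '-' || r == '.' || r == '_' || r == '~'
}

// Classify keeps entries whose module path validates and records the reason
// for each rejected path so a consumer can log it instead of dropping it.
func Classify(entries []IndexEntry) (accepted []IndexEntry, rejected map[string]string) {
	rejected = map[string]string{}
	for _, e := range entries {
		if err := CheckModulePath(e.Path); err != nil {
			rejected[e.Path] = err.Error()
			continue
		}
		accepted = append(accepted, e)
	}
	return accepted, rejected
}

func main() {
	entries, err := ParseIndex(SampleIndex)
	if err != nil {
		panic(err)
	}
	ok, bad := Classify(entries)
	for _, e := range ok {
		fmt.Printf("accepted %s (depth %d)\n", e.Path, strings.Count(e.Path, "/")+1)
	}
	for p, why := range bad {
		fmt.Printf("rejected %s: %s\n", p, why)
	}
}
```

Running it accepts all three real paths, including the eight-element kubevirt.io one, and rejects only `NotAHost/pkg` because its first element is not a domain name. For production use, call the real `module.CheckPath` rather than this approximation; the point is that validation belongs on path syntax, not on path depth.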