If you run dep ensure with the latest version of dep, it will point out that we are setting a constraint that is ignored by dep:
$ dep ensure
Warning: the following project(s) have [[constraint]] stanzas in Gopkg.toml:
✗ gopkg.in/yaml.v2
However, these projects are not direct dependencies of the current project:
they are not imported in any .go files, nor are they in the 'required' list in
Gopkg.toml. Dep only applies [[constraint]] rules to direct dependencies, so
these rules will have no effect.
Either import/require packages from these projects so that they become direct
dependencies, or convert each [[constraint]] to an [[override]] to enforce rules
on these projects, if they happen to be transitive dependencies,
Since dep is already properly detecting v2 of the yaml package, that entry can be safely removed.
Or if it's critical that we set that constraint, a dummy import can be added to the code to force dep to enforce the constraint by promoting it to a direct dependency.
If you run
dep ensurewith the latest version of dep, it will point out that we are setting a constraint that is ignored by dep:Since dep is already properly detecting v2 of the yaml package, that entry can be safely removed.
Or if it's critical that we set that constraint, a dummy import can be added to the code to force dep to enforce the constraint by promoting it to a direct dependency.