From 9882c28b4431f97c7f83eccab441e30bbe1fa17d Mon Sep 17 00:00:00 2001 From: Peter Bourgon Date: Wed, 4 Jan 2017 13:17:10 +0100 Subject: [PATCH] Review feedback --- ensure.go | 31 +++++++++---------------------- init.go | 2 +- 2 files changed, 10 insertions(+), 23 deletions(-) diff --git a/ensure.go b/ensure.go index 347e4b2350..fb299298dd 100644 --- a/ensure.go +++ b/ensure.go @@ -21,13 +21,12 @@ import ( "github.com/sdboyer/gps" ) -const ensureShortHelp = `Ensure a dependency is vendored in the project` +const ensureShortHelp = `Ensure a dependency is safely vendored in the project` const ensureLongHelp = ` - Ensure is used to fetch project dependencies into the vendor folder, as well as to set version constraints for specific dependencies. It takes user input, solves the updated dependency graph of the project, writes any changes to the -manifest and lock file, and downloads dependencies to the vendor folder. +manifest and lock file, and places dependencies in the vendor folder. Package spec: @@ -44,7 +43,7 @@ For more detailed usage examples, see dep ensure -examples. const ensureExamples = ` dep ensure - Solve the project's dependency graph, and download all dependencies to the + Solve the project's dependency graph, and place all dependencies in the vendor folder. If a dependency is in the lock file, use the version specified there. Otherwise, use the most recent version that can satisfy the constraints in the manifest file. @@ -53,39 +52,27 @@ dep ensure -update Update all dependencies to the latest version allowed by the manifest, ignoring any versions specified in the lock file. Update the lock file with any - changes. + changes. Note: this flag is not yet implemented. -dep ensure github.com/heroku/rollrus +dep ensure github.com/heroku/rollrus@^0.9.1 - Update a specific dependency to the latest version allowed by the manifest, - including all of its transitive dependencies. + Same as above, but choose any release >= 0.9.1, < 1.0.0. This form of + constraint strikes a good balance of safety and flexibility, and should be + preferred for libraries. dep ensure github.com/heroku/rollrus@~0.9.0 Same as above, but choose any release matching 0.9.x, preferring latest. If a constraint was previously set in the manifest, this resets it. -dep ensure github.com/heroku/rollrus@^0.9.1 - - Same as above, but choose any release >= 0.9.1, < 1.0.0. This form of - constraint strikes a good balance of safety and flexibility, and should be - preferred for libraries. - dep ensure github.com/heroku/rollrus:git.internal.com/foo/bar Fetch the dependency from a different location. -dep ensure github.com/heroku/rollrus==1.2.3 # 1.2.3 exactly -dep ensure github.com/heroku/rollrus=^1.2.0 # >= 1.2.0, < 2.0.0 - - Fetch the dependency at a specific version or range, and update the lock - file, but don't update the manifest file. Will fail if the specified version - doesn't satisfy the constraint in the manifest file. - dep ensure -override github.com/heroku/rollrus@^0.9.1 Forcefully and transitively override any constraint for this dependency. - This can inadvertantly make your dependency graph unsolvable; use sparingly. + This can inadvertantly make your dependency graph unsolvable; use sparingly. ` diff --git a/init.go b/init.go index aebbe12f5d..5b3cf850e9 100644 --- a/init.go +++ b/init.go @@ -28,7 +28,7 @@ but it will be solved-for, and will appear in the lock. Note: init may use the network to solve the dependency graph. -Note: init does NOT vendor dependencies. See dep ensure. +Note: init does NOT vendor dependencies at the moment. See dep ensure. ` func (cmd *initCommand) Name() string { return "init" }