Go - Go Modules, Go Dep, Bazel
This section provides a breakdown of the file formats and features supported in Go.
Last updated
Was this helpful?
This section provides a breakdown of the file formats and features supported in Go.
Last updated
Was this helpful?
Debricked supports tracking Go dependencies through:
Go Modules, using go.mod files
Go Dep, using gopkg.lok files
Bazel, using WORKSPACE files
Debricked supports tracking Go dependencies using the Go Modules dependency management system and its associated go.mod file. To achieve the fastest and most accurate results, it is necessary to create a file containing the resolved dependency tree, .gomod.debricked.lock, before scanning.
This can be done using the technology in . If you execute the resolve command, the CLI automatically identifies all manifest files that lack the recommended go.lock files and generates them as needed.
You can manually generate the recommended file(s) by running go mod graph followed by go list -m all, and storing the outputs separated by two new lines between the sections in the gomod.debricked.lock file.
Every gomod.debricked.lock must be put in the same directory as the corresponding go.mod.
Debricked recommends running go mod tidy to clean up unused modules before pushing the go.mod files, ensuring more accurate service results.
Debricked supports Go projects that utilize Bazel, scanning the WORKSPACE file format alongside any Go file formats in use. Although Bazel does not have native support for Go, support can be added using .
Go Dep and its associated file Gopkg.lock is deprecated and will not get any improvements present in other formats, such as Go Modules.
Bazel
WORKSPACE
-
Bazel
install.json
Yes*
Go Modules
go.mod
Yes
Go Dep
gopkg.lock
Yes*
*This is a native lock file format. Native lock file formats are the fastest formats to scan.