fe3dback
Forbid vendor for all code
Quite often I've come to see "bad" dependencies being used in code to solve problems, that are already solved via different dependencies in the larger part of the codebase. It would really help to have a way to forbid usage of such dependencies.
As an example:
- Project uses github.com/stretchr/testify's
assertandrequirepackages - But new contributor adds dependency on github.com/gotestyourself/gotest.tools's similarly named packages
I propose we add option to ban dependency for all code, like this:
vendors:
testify:
in: github.com/stretchr/testify/**
gotest.tools:
in: github.com/gotestyourself/gotest.tools/**
forbiddenVendors:
gotest.tools
Additionally, I propose we add a way to configure a message explaining how this restriction must be mitigated:
forbiddenVendors:
gotest.tools:
message: Instead use github.com/stretchr/testify
This allows more lenient restriction on completely outrageous vendor dependencies without enabling Strict Mode (defined in #37 )
Hey, good idea. I'll do it in version 4 of the config when I have time, if no one does the PR before me. I will be glad to see pull-request if there is a desire to add this feature faster.
I don't mind making a PR implementing this. One thing I don't understand, why do we need to increment config version to use this feature? Doesn't seem like it breaks any backwards compatibility
Yes, it affects external tools. Each config version has a specific immutable data scheme that is not supposed to have any changes after release. (external tools don't expect new fields in same config version)
fyi:
- plugin example: https://plugins.jetbrains.com/plugin/15423-goarchlint-file-support
- schemes: https://github.com/fe3dback/go-arch-lint/blob/master/internal/services/schema/provider.go