[oauth2] Remove oauth2 go.mod and go.sum #802
Conversation
pgier
force-pushed
the
remove-oauth2-module
branch
from
3fb63f8
to
7900c57
Compare
|
The main module contained a newer version of |
|
I did a bit of testing just to make sure that this change doesn't break existing apps. AFAICT, a normal In some cases, users may see an The fix for this is to remove the indirect dependency line from go.mod, and the run |
|
@liangyuanpeng Thanks for the feedback, I have added some info to the README about the possible error. |
pgier
force-pushed
the
remove-oauth2-module
branch
from
86600fc
to
e638f1b
Compare
This removes the module definition in the oauth2 subdirectory. Since the oauth2 module is not released independently of the main module, it can/should be treated as a normal module subdirectory. Signed-off-by: Paul Gier <paul.gier@datastax.com>
Signed-off-by: Paul Gier <paul.gier@datastax.com>
Signed-off-by: Paul Gier <paul.gier@datastax.com>
pgier
force-pushed
the
remove-oauth2-module
branch
from
e638f1b
to
ce26507
Compare
|
IIRC streamnative/pulsar-ctl uses oauth2 only and provides an admin API. It will be affected due to this patch and it proves that there're existing packages depends on the isolated releases. cc @nodece |
|
And we may add some doc (README.md under oauth2?) to say this situation. |
Thanks for telling me, that changes should break the pulsarctl. I verified the pulsarctl, it works fine. |
|
@nodece thanks for your validation! Interesting. I ever thought of you can only add a dep in the top level of |
When using the |
|
@nodece as long as the whole codebase is small and it isn't polluted in the linking stage, it's fine. Although, such usage may indicate that oauth2 deserves an isolated release lifecycle. You can trade off the choices. I tend to revert this patch and keep oauth2 a separate go module. Because we accept this patch due to "there wasn't any justification given (AFAICT) for creating a separate sub-module", now we have one. |
|
@tisonkun I tested the pulsar-ctl build, and this change has no immediate effect on it. Go modules are tied to specific checksums, so this change would only be noticeable during the next upgrade. The pulsar-ctl go.mod currently also has a Here are the steps to upgrade, if you want to test:
I don't think this justifies the need for a sub-module. Go is pretty efficient in terms of using only the code that it needs, so depending on the root module instead of the oauth2 module should not add any additional code/size to your binary. The oauth2 module has never actually had an isolated release lifecycle (separate release process and version), it's always just been released along with the main project. |
|
@pgier thanks for your explanation! I'll try to learn how go.mod works nowadays in details :) Actually, such an assumption prevents me reuse a package inner inside vitess and I'm happy to see there's no restriction. |
|
@pgier I read your comment now. And it seems my statement above holds:
Out of topic, still, I can hardly reuse a package inner inside vitess since the top level mod is a relative large codebase to pull. |
Motivation
When the oauth2 sub-directory was added in PR #313 there wasn't any justification given (AFAICT) for creating a separate sub-module instead of just treating the oauth2 sources as a normal directory. Since the oauth2 module does not have a separate release cycle, treating it as a sub-module just adds unnecessary complexity.
Modifications
Removed
go.modandgo.sumfrom the oauth2 sub-directory. Updated the maingo.modandgo.sumto included the necessary dependencies.