-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"go get" installs outdated Dex v2.13.0 and refuses to install latest v2.26.0 #1857
Comments
Hello! This is how go modules works. Dex 2.13 is the latest version that didn't use them. go get -v github.com/dexidp/dex@71bbbee0752781a65d7f9dde198d58f97ddec097 This is the best way if you want to use Dex as a library. Another way (if you want just to download the repo) is to run P.S. It's unclear to me why do you want to use Dex as a package. Please, could you share your use case? |
This was reported before: #1710 Unfortunately (or not?) this is not something we can address in the v2 release branch, simply because of how Go modules work. (It would require us to add a Additionally, this is not something that we really want to address in the near future. We don't support importing Dex as a library, simply because it's an application. The only reasonable explanation we've heard so far is importing the API itself, which has been addressed by releasing a separate V2 API module: https://github.com/dexidp/dex/releases/tag/api%2Fv2.0.0 So importing the main module is not supported anymore and is not planned to be supported in the near future (although technically you can still install Dex by pointing to a specific commit, but the version won't work). If you have a use case in mind that would require importing the main Dex module, feel free to open a separate issue explaining that use case in detail. Until then, please use the V2 API (if that's your use case) or fork Dex if you need to make any changes. Thanks! |
Hi, thanks for your explanations. Our use case was not really to use Dex as a Go library, but instead to keep track in our bill of material that we're using Dex (as an application) in a particular version. Referencing the commit hash directly might also work with our tool, will check this. |
Expected behavior (what you expected to happen):
I understand that Dex v2.26.0 is the latest release. There also exists a Git tag with that exact name.
-> Expected:
go get
installs latest Dex version v2.26.0.Also expected: One can choose the version to install using
go get github.com/dexidp/dex@<VERSION>
Usage of
go get
is also suggested here: https://github.com/dexidp/website/blob/main/content/docs/getting-started.mdI know that I can manually check out the Dex repo where
go get
would put it, but it seems to me thatgo get
should by default provide the most recent release.Actual behavior (what actually happened):
go get
installs outdated Dex version v2.13.0.It complains when trying to explicity install v2.26.0.
Steps to reproduce:
Environment:
GO111MODULE=on
The text was updated successfully, but these errors were encountered: