Update gon dependency version in Go-based release templates #360
Comments
per1234
added
type: enhancement
This was resolved by #412 However, even though the dependency was updated to the latest available version at the time of that pull request, the problem of the dependency being outdated has since returned because several releases have been made after that time. It is clear that it is not feasible for us to keep dependencies updated manually. Meanwhile, the dependencies managed by Dependabot are kept up to date. For this reason, I recommend we switch to using the Go module system for all Go based tool dependencies. This is done by adding dummy https://github.com/golang/go/wiki/Modules#how-can-i-track-tool-dependencies-for-a-module I have been using this system in my own personal projects recently and have been 100% satisfied. |
This repository hosts several "templates" for continuous deployment systems to be used in Go-based projects. The ones that produce release builds notarize the macOS builds:
An excellent tool named gon is used to perform the notarization.
The templates are currently using gon version 0.2.3. Several releases of gon have been made since 0.2.3.
I don't see any significant changes between 0.2.3 and 0.2.5 so I don't expect the update will pose any difficulties.
Beyond the general advisability of keeping dependencies updated, there is a specific motivation for making this update. The current versions of gon will stop working 2023-11-01 (#359). Even though the update to 0.2.5 won't solve that issue, it might facilitate the future update to an anticipated version of gon that has the necessary changes to continue working after 2023-11-01. If we ended up needing to make that update at the last minute then it would be better if we had dealt with any problems that might have been introduced by the previous changes to gon in advance.
The text was updated successfully, but these errors were encountered: