I'm going to finish this series of posts with an interesting but in my opinion unfinished feature:
third-party imports. Unless you like to reinvent wheels, your projects will depend on libraries
written by other people. To help you do this, Go's import
declaration allows you to
reference packages
stored in open source repositories.
For example, if you want to use the Go project's example square root implementation, you could write the following:
package main import "fmt" import "code.google.com/p/go.example/newmath" func main() { fmt.Println("The square root of 2 is ", newmath.Sqrt(2)) }
If you just try to build this code, you'll get an error message indicating that the compiler can't find the package. Before you can use it, you have to retrieve it:
go get code.google.com/p/go.example/newmath
This is, to say the least, inconvenient: if you depend on multiple libraries, you have to manually retrieve
each of them before you can build your own project. Fortunately, go get
resolves transitive
dependencies, and if your project is stored in one of the “standard” repositories you can
leverage this feature to retrieve your project and its dependencies in one step. However, at least for GitHub
projects, this technique doesn't clone the repository. If you want to make changes — or get updates
from your dependencies — you need to manually clone.
A bigger problem is that there's no mechanism for versioning: you always get the trunk revision. If all of your libraries are backwards compatible, that may not be a problem. My experience suggests that's a bad thing to rely upon. In practice, it seems that most developers retrieve the libraries that they want to use, then check those libraries into their own version control system: creating a “locked” revision that they know supports their code.
As I said, I think the feature is unfinished. Versioning is a necessary first step, and should not be too difficult to add. But it's not enough. If you rely on retrieving packages from an open-source repository, you also rely on the package owner; one fit of pique, and your dependency could disappear. Along with versioning, Google needs to add its own repository for versioned artifacts, much like Maven Central, CPAN, or RubyGems.org. This could work transparently to the user: remote imports of public projects would be proxied through Google's server, and it would keep a copy of anything that had a version number.
No comments:
Post a Comment