nicolaferraro commented on issue #9: Regen gopkg.lock URL: https://github.com/apache/camel-k/pull/9#issuecomment-420062146 No @dmvolod, the lock file establishes the exact version of the libraries that the project is using, while the toml file describes high level constraints on them that must be respected by the lock file. If we don't commit the lock file, each one of us will use his own set of dependencies. We should use `dep ensure` to sync dependencies but also when we add a new dependency. We should use `dep ensure -update` only when we want to upgrade libraries to their latest versions (respecting constraints). The command `dep ensure` does not change versions in the lock file, only adds them if needed. This way the build should be reproducible across computers. At least, if we use the same version of dep..
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
