|
|
|
|
|
|
by lantastic
398 days ago
|
|
|
Wow, that's massive. I guess it's inevitable that a popular piece of open-source software for end-users will be compelled to accrue dependencies due to popular demand for features that require them. I feel Telegraf made a good compromise: out of the box, it comes with a _ton_ of stuff[1] to monitor everything, but they make it possible to build only with pieces that you need via build tags, and even provide a tool to extract said tags from your telegraf config[2]. But lots of supply-chain security stuff assume everything in go.mod is used, so that can results in a lot of noise. [1] https://github.com/influxdata/telegraf/blob/master/go.mod
[2] https://github.com/influxdata/telegraf/tree/master/tools/cus... |
|
|