Hacker News
by quacker 6 days ago
> if you go look at any real Go projects they usually use tons of dependencies and they're usually pinned to random git hashes

No, they are usually pinned to a git tag, which is usually a version string representing a released version. And the tag is locked to a hash to detect if the tag is later modified.
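
The check described in the comment above, as an added example that is not part of the original comment: Go records an `h1:` hash of each module version's file tree in `go.sum` and rejects a later download of the same tag whose content differs. The `h1` function follows the format of Go's `dirhash.Hash1`; the module path, version and file contents are constructed for illustration.

```go
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"sort"
	"strings"
)

// h1 reproduces the "h1:" hash format stored in go.sum: SHA-256 over sorted
// "<sha256 hex>  <path>\n" lines for every file in the module, base64-encoded.
func h1(files map[string][]byte) string {
	names := make([]string, 0, len(files))
	for n := range files {
		names = append(names, n)
	}
	sort.Strings(names)
	outer := sha256.New()
	for _, n := range names {
		fmt.Fprintf(outer, "%x  %s\n", sha256.Sum256(files[n]), n)
	}
	return "h1:" + base64.StdEncoding.EncodeToString(outer.Sum(nil))
}

// checkSum compares a downloaded tree with a go.sum line "<module> <version> <hash>".
func checkSum(goSumLine string, files map[string][]byte) error {
	f := strings.Fields(goSumLine)
	if len(f) != 3 {
		return fmt.Errorf("malformed go.sum line: %q", goSumLine)
	}
	if got := h1(files); got != f[2] {
		return fmt.Errorf("%s@%s: go.sum has %s, download is %s", f[0], f[1], f[2], got)
	}
	return nil
}

func main() {
	// Constructed sample: module path, version and file contents are made up.
	tree := map[string][]byte{
		"example.com/lib@v1.2.3/go.mod": []byte("module example.com/lib\n"),
		"example.com/lib@v1.2.3/lib.go": []byte("package lib\n\nfunc Add(a, b int) int { return a + b }\n"),
	}
	line := "example.com/lib v1.2.3 " + h1(tree) // recorded on first download
	fmt.Println("tag unchanged:", checkSum(line, tree))
	// The same tag is later re-pointed at different content.
	tree["example.com/lib@v1.2.3/lib.go"] = []byte("package lib\n\nfunc Add(a, b int) int { return a - b }\n")
	fmt.Println("tag re-pointed:", checkSum(line, tree))
}
```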