Skip to content

Instantly share code, notes, and snippets.

@mcandre

mcandre/go-register-tools.md

Last active February 11, 2025 23:27
Show Gist options
  • Save mcandre/7d12e774b2a49679ab9accb15ea79f03 to your computer and use it in GitHub Desktop.
Save mcandre/7d12e774b2a49679ab9accb15ea79f03 to your computer and use it in GitHub Desktop.
Download ZIP
Go Register Tools
Raw
go-register-tools.md

Go Register Tools

Go tools with pinned versions can now be tracked with the go mod system.

$ go get -tool <package>

This adds tool dependency entries in go.mod. Then update the go mod cache:

$ go mod download
$ go mod vendor
$ go mod tidy

This optimizes the go.mod configuration. Then read the file contents and confirm the desired version identifiers. If necessary, adjust the versions and update the go mod cache again.

Then instruct Go to emit binaries to $GOBIN.

$ go install tool

This is essential for integrating with go vet.

Note that unpinned (@latest) packages may not be tracked via go mod. For example, the govulncheck SCA utility should be downloaded in terms of the latest stable release. Such packages can be managed via traditional go install <package> commands:

$ go install golang.org/x/vuln/cmd/govulncheck@latest
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment