I generally vote for checking in, or at least ensuring that /something/ has an in-house copy of all dependencies. The worst thing that can happen is someone deleting their repository and having your project being super broken.
(See also https://www.theregister.co.uk/2016/03/23/npm_left_pad_chaos/) -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
