Re: Go dependencies and broken build

From: <>
Date: Fri, 07 Jan 2022 10:30:31 UTC

I follow up on my own email to correct the link: the bug is actually

It has now been re-assigned to nobody.
Can someone take it and commit the new patches?
That would allow us to have a new official version and publish the related
OPNSense plugin.

Thanks again,

On Mon, Jan 3, 2022 at 2:05 PM Marco Mariani <> wrote:

> Hello!
> I am in charge of maintaining the ports of security/crowdsec and
> security/crowdsec-firewall-bouncer, which are currently broken since a
> couple of weeks for not providing all Go  dependencies before build time.
> I work for the upstream company but had little previous freebsd
> experience, hence the bug on my first port submission.
> Now, for the short term, I have submitted a fix that builds from a git tag
> with all vendored dependencies, and added the patch to
> I understand the previous maintainer (to whom the bug is assigned) has
> little time right now to review and commit again,  so if somebody could
> have a look it would be greatly appreciated.
> In the long term, I'd like to avoid vendoring everything, which is not
> recommended by core Go devs anymore.
> The version of the port I inherited made use of go:modules from Mk/Uses/
>, but our software has since grown some plugins as sub-projects with
> their own dependencies. It was a lot simpler to just call our own Makefile,
> as I did in
> My approach should then be to port the technique from to our
> Makefile (and run "go mod download", "go mod vendor".. by hand).
> A bit tricky (it would create one set of .zip and .mod for each plugin)
> but it should be doable. What do you think? Is there a simpler way?
> Thanks,
> Marco