Security News
crates.io Ships Security Tab and Tightens Publishing Controls
crates.io adds a Security tab backed by RustSec advisories and narrows trusted publishing paths to reduce common CI publishing risks.
By Sarah Gooding - Jan 27, 2026
Latest Socket ResearchMalicious Chrome Extension Performs Hidden Affiliate Hijacking.Details →
www.github.com/golang/dep.git
- Version
- v0.5.4
- Version published
- Created
Would you like to see your company name here? We're looking for a stable source of funding.
Dep
dep is a dependency management tool for Go. It requires Go 1.9 or newer to compile.
dep was the "official experiment." The Go toolchain, as of 1.11, has adopted
an approach that sharply diverges from dep. As a result, we are continuing
development of dep, but gearing work primarily towards the development of an
alternative prototype for versioning behavior in the toolchain.
For guides and reference materials about dep, see the
documentation.
Installation
You should use an officially released version. Release binaries are available on the releases page.
On MacOS you can install or upgrade to the latest released version with Homebrew:
$ brew install dep
$ brew upgrade dep
On Debian platforms you can install or upgrade to the latest version with apt-get:
$ sudo apt-get install go-dep
On Windows, you can download a tarball from go.equinox.io.
On other platforms you can use the install.sh script:
$ curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh
It will install into your $GOPATH/bin directory by default or any other directory you specify using the INSTALL_DIRECTORY environment variable.
If your platform is not supported, you'll need to build it manually or let the team know and we'll consider adding your platform to the release builds.
If you're interested in getting the source code, or hacking on dep, you can
install via go get:
go get -u github.com/golang/dep/cmd/dep
Feedback
Feedback is greatly appreciated. At this stage, the maintainers are most interested in feedback centered on the user experience (UX) of the tool. Do you have workflows that the tool supports well, or doesn't support at all? Do any of the commands have surprising effects, output, or results? Let us know by filing an issue, describing what you did or wanted to do, what you expected to happen, and what actually happened.
Contributing
Contributions are greatly appreciated. The maintainers actively manage the issues list, and try to highlight issues suitable for newcomers. The project follows the typical GitHub pull request model. See CONTRIBUTING.md for more details. Before starting any work, please either comment on an existing issue, or file a new one.
FAQs
Unknown package
Package last updated on 13 Jun 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Malicious Chrome Extension Performs Hidden Affiliate Hijacking
A Chrome extension claiming to hide Amazon ads was found secretly hijacking affiliate links, replacing creators’ tags with its own without user consent.
By Kush Pandya - Jan 27, 2026
Security News
curl Shuts Down Bug Bounty Program After Flood of AI Slop Reports
A surge of AI-generated vulnerability reports has pushed open source maintainers to rethink bug bounties and tighten security disclosure processes.
By Sarah Gooding - Jan 23, 2026