{"id":16915054,"url":"https://github.com/ryancurrah/gomodguard","last_synced_at":"2026-04-02T17:02:01.001Z","repository":{"id":46827347,"uuid":"250381008","full_name":"ryancurrah/gomodguard","owner":"ryancurrah","description":"Allow and block list linter for direct Go module dependencies.","archived":false,"fork":false,"pushed_at":"2026-03-28T20:12:34.000Z","size":169,"stargazers_count":82,"open_issues_count":0,"forks_count":9,"subscribers_count":3,"default_branch":"main","last_synced_at":"2026-03-28T20:41:02.697Z","etag":null,"topics":["allowed","blocked","go","go-mod","go-module","go-modules","golang","lint","linter"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ryancurrah.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-03-26T21:58:51.000Z","updated_at":"2026-03-28T19:41:30.000Z","dependencies_parsed_at":"2024-03-19T01:45:07.907Z","dependency_job_id":"bd512879-ec45-499a-84fa-49d1c648207a","html_url":"https://github.com/ryancurrah/gomodguard","commit_stats":null,"previous_names":[],"tags_count":20,"template":false,"template_full_name":null,"purl":"pkg:github/ryancurrah/gomodguard","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryancurrah%2Fgomodguard","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryancurrah%2Fgomodguard/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryancurrah%2Fgomodguard/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryancurrah%2Fgomodguard/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ryancurrah","download_url":"https://codeload.github.com/ryancurrah/gomodguard/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryancurrah%2Fgomodguard/sbom","scorecard":{"id":791879,"data":{"date":"2025-08-11","repo":{"name":"github.com/ryancurrah/gomodguard","commit":"030e34c04e7882b729e7fd32b61fd1fd3b3c3eb3"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.3,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":3,"reason":"Found 3/10 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":3,"reason":"4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: found token with 'none' permissions: .github/workflows/go.yml:14","Info: found token with 'none' permissions: .github/workflows/go.yml:15","Info: found token with 'none' permissions: .github/workflows/go.yml:18","Info: found token with 'none' permissions: .github/workflows/go.yml:19","Info: found token with 'none' permissions: .github/workflows/go.yml:10","Info: found token with 'none' permissions: .github/workflows/go.yml:11","Info: topLevel 'contents' permission set to 'read': .github/workflows/go.yml:12","Info: found token with 'none' permissions: .github/workflows/go.yml:16","Info: found token with 'none' permissions: .github/workflows/go.yml:17","Info: found token with 'none' permissions: .github/workflows/go.yml:13","Info: found token with 'none' permissions: .github/workflows/snyk.yml:6","Info: found token with 'none' permissions: .github/workflows/snyk.yml:11","Info: found token with 'none' permissions: .github/workflows/snyk.yml:12","Info: found token with 'none' permissions: .github/workflows/snyk.yml:15","Info: found token with 'none' permissions: .github/workflows/snyk.yml:7","Info: topLevel 'contents' permission set to 'read': .github/workflows/snyk.yml:8","Info: found token with 'none' permissions: .github/workflows/snyk.yml:9","Info: found token with 'none' permissions: .github/workflows/snyk.yml:10","Info: found token with 'none' permissions: .github/workflows/snyk.yml:13","Info: found token with 'none' permissions: .github/workflows/snyk.yml:14","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v1.4.1 not signed: https://api.github.com/repos/ryancurrah/gomodguard/releases/203739985","Warn: release artifact v1.4.0 not signed: https://api.github.com/repos/ryancurrah/gomodguard/releases/203261669","Warn: release artifact v1.3.5 not signed: https://api.github.com/repos/ryancurrah/gomodguard/releases/173991554","Warn: release artifact v1.3.2 not signed: https://api.github.com/repos/ryancurrah/gomodguard/releases/149610725","Warn: release artifact v1.4.1 does not have provenance: https://api.github.com/repos/ryancurrah/gomodguard/releases/203739985","Warn: release artifact v1.4.0 does not have provenance: https://api.github.com/repos/ryancurrah/gomodguard/releases/203261669","Warn: release artifact v1.3.5 does not have provenance: https://api.github.com/repos/ryancurrah/gomodguard/releases/173991554","Warn: release artifact v1.3.2 does not have provenance: https://api.github.com/repos/ryancurrah/gomodguard/releases/149610725"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":3,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'main'","Warn: 'stale review dismissal' is disabled on branch 'main'","Warn: branch 'main' does not require approvers","Warn: codeowners review is not required on branch 'main'","Warn: 'last push approval' is disabled on branch 'main'","Warn: no status checks found to merge onto branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/ryancurrah/gomodguard/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/ryancurrah/gomodguard/go.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/go.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/ryancurrah/gomodguard/go.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/go.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/ryancurrah/gomodguard/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/snyk.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/ryancurrah/gomodguard/snyk.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/snyk.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/ryancurrah/gomodguard/snyk.yml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:2","Warn: containerImage not pinned by hash: Dockerfile:9: pin your Docker image by updating golang:alpine to golang:alpine@sha256:244baa35bcfaf9a5b3444519df6d42554a1f92dc33820bd98f0662df270d8a6a","Warn: containerImage not pinned by hash: Dockerfile.goreleaser:2: pin your Docker image by updating golang:alpine to golang:alpine@sha256:244baa35bcfaf9a5b3444519df6d42554a1f92dc33820bd98f0662df270d8a6a","Info:   0 out of   3 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   3 third-party GitHubAction dependencies pinned","Info:   0 out of   3 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":10,"reason":"SAST tool detected","details":["Info: SAST configuration detected: Snyk","Warn: 0 commits out of 27 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T07:47:09.483Z","repository_id":46827347,"created_at":"2025-08-23T07:47:09.483Z","updated_at":"2025-08-23T07:47:09.483Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31311011,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["allowed","blocked","go","go-mod","go-module","go-modules","golang","lint","linter"],"created_at":"2024-10-13T19:16:20.937Z","updated_at":"2026-04-02T17:02:00.984Z","avatar_url":"https://github.com/ryancurrah.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# gomodguard\n[![License](https://img.shields.io/github/license/ryancurrah/gomodguard?style=flat-square)](/LICENSE)\n[![Codecov](https://img.shields.io/codecov/c/gh/ryancurrah/gomodguard?style=flat-square)](https://codecov.io/gh/ryancurrah/gomodguard)\n[![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/ryancurrah/gomodguard/go.yml?branch=main\u0026logo=Go\u0026style=flat-square)](https://github.com/ryancurrah/gomodguard/actions?query=workflow%3AGo)\n[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/ryancurrah/gomodguard?style=flat-square)](https://github.com/ryancurrah/gomodguard/releases/latest)\n[![Docker](https://img.shields.io/docker/pulls/ryancurrah/gomodguard?style=flat-square)](https://hub.docker.com/r/ryancurrah/gomodguard)\n[![Github Releases Stats of golangci-lint](https://img.shields.io/github/downloads/ryancurrah/gomodguard/total.svg?logo=github\u0026style=flat-square)](https://somsubhra.com/github-release-stats/?username=ryancurrah\u0026repository=gomodguard)\n\n\u003cimg src=\"https://storage.googleapis.com/gopherizeme.appspot.com/gophers/9afcc208898c763be95f046eb2f6080146607209.png\" width=\"30%\"\u003e\n\nAllow and block list linter for direct Go module dependencies. This is useful for organizations where they want to standardize on the modules used and be able to recommend alternative modules.\n\n## Description\n\nAllowed and blocked modules are defined in a `./.gomodguard.yaml` or `~/.gomodguard.yaml` file. \n\nModules can be allowed by module or prefix name. When allowed modules are specified any modules not in the allowed configuration are blocked.\n\nIf no allowed modules or module prefixes are specified then all modules are allowed except for blocked ones.\n\nThe linter looks for blocked modules in `go.mod` and searches for imported packages where the imported packages module is blocked. Indirect modules are not considered.\n\nAlternative modules can be optionally recommended in the blocked modules list.\n\nIf the linted module imports a blocked module but the linted module is in the recommended modules list the blocked module is ignored. Usually, this means the linted module wraps that blocked module for use by other modules, therefore the import of the blocked module should not be blocked.\n\nVersion constraints can be specified for modules as well which lets you block new or old versions of modules or specific versions.\n\nResults are printed to `stdout`.\n\nLogging statements are printed to `stderr`.\n\nResults can be exported to different report formats. Which can be imported into CI tools. See the help section for more information.\n\n# Configuration\n\n```yaml\n# allowed defines the modules that are permitted as direct dependencies.\n# When this section is non-empty, any module not matched by an entry is blocked.\n# When omitted entirely, all modules are allowed except those in the blocked list.\nallowed:\n  # Exact match (default when match-type is omitted).\n  - module: go.yaml.in/yaml/v4\n  - module: github.com/go-xmlfmt/xmlfmt\n\n  # version constrains which versions of the module are allowed.\n  # Uses semver constraint syntax (e.g. \"\u003e= 1.0.0\", \"~1.2\", \"== 2.5.0\").\n  - module: github.com/confluentinc/confluent-kafka-go/v2\n    version: \"== 2.5.0\"\n\n  # match-type controls how the module is matched against module paths.\n  # Options: exact (default), prefix, regex\n  - module: github.com/kubernetes\n    match-type: prefix\n  - module: github.com/apache/arrow-go\n    match-type: prefix\n  - module: \"github.com/somecompany/.*\"\n    match-type: regex\n\n# blocked defines modules that are not permitted as direct dependencies.\nblocked:\n  - module: github.com/uudashr/go-module\n    # match-type controls how the module is matched against module paths.\n    # Options: exact (default), prefix, regex\n    match-type: exact\n\n    # recommendations lists alternative modules to suggest in the lint error.\n    recommendations:\n      - golang.org/x/mod\n\n    # reason is a human-readable explanation appended to the lint error.\n    reason: \"`mod` is the official go.mod parser library.\"\n\n  - module: github.com/mitchellh/go-homedir\n    # version constrains which versions of the module are blocked.\n    # Uses semver constraint syntax. When omitted, all versions are blocked.\n    version: \"\u003c= 1.1.0\"\n    reason: \"old versions have a known bug.\"\n\n  - module: \"github.com/badcompany/.*\"\n    match-type: regex\n    reason: \"No badcompany packages are permitted.\"\n\n# Blocks 'replace' directives using local filesystem paths to prevent\n# accidental commits of dev overrides. Sibling modules in multi-module\n# repos are automatically detected and permitted.\nlocal_replace_directives: true\n```\n\n### Field reference\n\n#### Top-level fields\n\n| Field | Type | Default | Description |\n|---|---|---|---|\n| `allowed` | list | *(none)* | Modules that are permitted. When non-empty, anything not matched is blocked. |\n| `blocked` | list | *(none)* | Modules that are explicitly blocked. |\n| `local_replace_directives` | bool | `false` | Block any module whose `replace` directive points to a local filesystem path. Multi-module repo aware: sibling modules whose replacement path contains a matching `go.mod` are not blocked. |\n\n#### `allowed` / `blocked` entry fields\n\n| Field | Type | Description |\n|---|---|---|\n| `module` | string | The module path to match against. |\n| `match-type` | `exact` \\| `prefix` \\| `regex` | How `module` is matched against dependency paths. Defaults to `exact`. |\n| `version` | semver constraint string | Restricts the rule to specific versions (e.g. `\u003c= 1.2.0`, `\u003e= 2.0.0`). When omitted, all versions match. |\n| `recommendations` | list of module paths | *(blocked only)* Alternative modules to suggest in the lint error. If the module being linted is itself in this list, the block is skipped. |\n| `reason` | string | *(blocked only)* Human-readable explanation appended to the lint error. |\n\n#### Match type precedence\n\nWhen multiple rules can match the same module the following precedence applies:\n\n1. **Exact match** — highest priority; wins over prefix and regex.\n2. **Prefix match** — next priority; longest matching prefix wins.\n3. **Regex match** — lowest priority; evaluated in alphabetical key order; first match wins.\n\n## Example .gomodguard.yaml Files\n\nThe following example configuration files are available:\n\n- [examples/alloptions/.gomodguard.yaml](examples/alloptions/.gomodguard.yaml)\n- [examples/allowedversion/.gomodguard.yaml](examples/allowedversion/.gomodguard.yaml)\n- [examples/emptyallowlist/.gomodguard.yaml](examples/emptyallowlist/.gomodguard.yaml)\n- [examples/indirectdep/.gomodguard.yaml](examples/indirectdep/.gomodguard.yaml)\n- [examples/majorversion/.gomodguard.yaml](examples/majorversion/.gomodguard.yaml)\n- [examples/regexversion/.gomodguard.yaml](examples/regexversion/.gomodguard.yaml)\n- [examples/regextest/.gomodguard.yaml](examples/regextest/.gomodguard.yaml)\n\n### Migrating from v1\n\nIf you have a v1 `.gomodguard.yaml` file, you can automatically migrate it to the new v2 schema by running:\n\n```\ngomodguard migrate \u003e .gomodguard-v2.yaml\nmv .gomodguard-v2.yaml .gomodguard.yaml\n```\n\n## Usage\n\n```\n╰─ gomodguard -help\nUsage: gomodguard \u003cfile\u003e [files...]\nAlso supports package syntax but will use it in relative path, i.e. ./pkg/...\n\nCommands:\n  (default)  Lint Go module dependencies using the configuration file\n  migrate    Convert a v1 .gomodguard.yaml config file to v2 format and print to stdout\n\nFlags:\n  -f string\n    \tReport results to the specified file. A report type must also be specified\n  -file string\n\n  -h\tShow this help text\n  -help\n\n  -i int\n    \tExit code when issues were found (default 2)\n  -issues-exit-code int\n    \t (default 2)\n  -n\tDon't lint test files\n  -no-test\n\n  -r string\n    \tReport results to one of the following formats: checkstyle. A report file destination must also be specified\n  -report string\n\n  -version\n    \tPrint the version\n```\n\n## Example\n\n```\n╰─ cd examples/alloptions\n╰─ gomodguard -r checkstyle -f gomodguard-checkstyle.xml ./...\n\ninfo: allowed modules, [github.com/Masterminds/semver/v3 github.com/go-xmlfmt/xmlfmt golang.org gopkg.in/yaml.v3]\ninfo: blocked modules, [github.com/gofrs/uuid github.com/mitchellh/go-homedir github.com/uudashr/go-module]\nblocked_example.go:6:1 import of package `github.com/gofrs/uuid` is blocked because the module is in the blocked modules list. `github.com/ryancurrah/gomodguard` is a recommended module. testing if module is not blocked when it is recommended.\nblocked_example.go:7:1 import of package `github.com/mitchellh/go-homedir` is blocked because the module is in the blocked modules list. version `v1.1.0` is blocked because it does not meet the version constraint `\u003c=1.1.0`. testing if blocked version constraint works.\nblocked_example.go:8:1 import of package `github.com/uudashr/go-module` is blocked because the module is in the blocked modules list. `golang.org/x/mod` is a recommended module. `mod` is the official go.mod parser library.\n```\n\nResulting checkstyle file\n\n```\n╰─ cat gomodguard-checkstyle.xml\n\n\u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\n\u003ccheckstyle version=\"1.0.0\"\u003e\n  \u003cfile name=\"blocked_example.go\"\u003e\n    \u003cerror line=\"6\" column=\"1\" severity=\"error\" message=\"import of package `github.com/gofrs/uuid` is blocked because the module is in the blocked modules list. `github.com/ryancurrah/gomodguard` is a recommended module. testing if module is not blocked when it is recommended.\" source=\"gomodguard\"\u003e\u003c/error\u003e\n    \u003cerror line=\"7\" column=\"1\" severity=\"error\" message=\"import of package `github.com/mitchellh/go-homedir` is blocked because the module is in the blocked modules list. version `v1.1.0` is blocked because it does not meet the version constraint `\u0026lt;=1.1.0`. testing if blocked version constraint works.\" source=\"gomodguard\"\u003e\u003c/error\u003e\n    \u003cerror line=\"8\" column=\"1\" severity=\"error\" message=\"import of package `github.com/uudashr/go-module` is blocked because the module is in the blocked modules list. `golang.org/x/mod` is a recommended module. `mod` is the official go.mod parser library.\" source=\"gomodguard\"\u003e\u003c/error\u003e\n  \u003c/file\u003e\n\u003c/checkstyle\u003e\n```\n\n## Install\n\n```\ngo install github.com/ryancurrah/gomodguard/v2/cmd/gomodguard@latest\n```\n\n## Develop\n\n```\ngit clone https://github.com/ryancurrah/gomodguard.git \u0026\u0026 cd gomodguard/cmd/gomodguard\n\ngo build -o gomodguard main.go\n```\n\n## License\n\n**MIT**\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fryancurrah%2Fgomodguard","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fryancurrah%2Fgomodguard","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fryancurrah%2Fgomodguard/lists"}