This change means that if one of the dependencies is no longer available to download, Unsee builds will break until you fix Unsee to either update the package path or rework the code to use another library.

Since Go has no central repository for packages like RubyGems (GitHub is probably the closest equivalent), it's usually recommended to vendor dependencies. If we're happy to risk new builds breaking at any time, this change is fine.

We have docker images already build at that point.
If any upstream repo is gone we need to address it quickly rather than keep an maintained copy of it and only notice when we try to update it.

@prymitive: The occasion where that approach falls short is when you need to cut a new release in a hurry, for example to fix a security issue. Unsee is intended as an internal tool, which mitigates that problem to some extent.

I think we should either document our expectations around this (i.e. Unsee is for internal use only in 'trusted' environments), or vendor our dependencies so we are in a position to cut 'hotfix' releases if needs be. My preference is for the latter.