Date: December 22, 2025
Codebase: k8s.io/kubernetes (master branch)
Commit: 9720186a466cc627b0417433fb1f66cd1dd96f94
Vendor Size: 68 MB (4,349 Go files across 1,215 directories)
This is a completely fresh, blind analysis - discovered independently without referencing prior assessments. The analysis identifies:
- Zero-usage packages - vendored but never imported by k8s code
- Single-use packages - imported in only 1 file
- Transitive-only chains - packages only used by other vendor code
- Duplicate libraries - multiple packages serving the same purpose
- Inlinable micro-packages - tiny utilities that could be copied
| Category | Discovery | Estimated Savings |
|---|---|---|
| etcd server transitive chain | 6+ packages only used by etcd/server | ~600 KB |
| Semver duplication | 3 libraries, only 1 actually used | 2 redundant packages |
| Antlr4 (CEL parser) | 560 KB, vendor-only usage | Unavoidable (CEL dep) |
| Smallest inlinable packages | 5 packages under 200 LOC | 5 deps removable |
| Protobuf triplication | 3 implementations required | Unavoidable |
These packages exist in vendor but are never imported by any Kubernetes-owned code:
These packages are ONLY imported by go.etcd.io/etcd/server/v3/*:
| Package | Size | Imported By |
|---|---|---|
github.com/tmc/grpc-websocket-proxy |
20 KB | etcd/server/embed |
github.com/xiang90/probing |
24 KB | etcd/server/rafthttp |
github.com/soheilhy/cmux |
56 KB | etcd/server/embed |
github.com/dustin/go-humanize |
64 KB | etcd/server (10 files) |
github.com/jonboulle/clockwork |
60 KB | etcd/server (8 files) |
github.com/golang-jwt/jwt |
160 KB | etcd/server/auth |
Total: ~384 KB of packages only used by etcd server internals
| Package | Size | Imported By |
|---|---|---|
github.com/cenkalti/backoff |
44 KB | OTEL retry only |
github.com/NYTimes/gziphandler |
56 KB | kube-openapi handler only |
github.com/antlr4-go/antlr |
560 KB | cel-go parser only |
github.com/kylelemons/godebug |
? | prometheus testutil only |
github.com/coreos/go-semver |
28 KB | etcd only |
github.com/Masterminds/semver |
36 KB | ginkgo internal only |
| Package | LOC | Single Use Location |
|---|---|---|
github.com/armon/go-socks5 |
~200 | apimachinery/pkg/util/httpstream/spdy/roundtripper_test.go |
github.com/fatih/camelcase |
90 | kubectl/pkg/describe/describe.go |
github.com/beorn7/perks/quantile |
? | prometheus summary (vendor) |
github.com/felixge/httpsnoop |
100 | vendor only |
github.com/JeffAshton/win_pdh |
? | kubelet/winstats/perfcounters.go (Windows only) |
Discovered by scanning all vendor packages for LOC:
| Package | Total LOC | Files | Complexity |
|---|---|---|---|
github.com/josharian/intern |
44 | 1 | Trivial string interning |
github.com/lithammer/dedent |
49 | 1 | Regex whitespace removal |
github.com/inconshreveable/mousetrap |
58 | 2 | Windows trap detection |
github.com/mitchellh/go-wordwrap |
83 | 1 | Word-boundary line wrapping |
github.com/fatih/camelcase |
90 | 1 | CamelCase splitting |
github.com/MakeNowJust/heredoc |
105 | 1 | Here-doc processing |
github.com/mohae/deepcopy |
125 | 1 | Deep copy via reflection |
github.com/munnerz/goautoneg |
189 | 1 | HTTP content negotiation |
github.com/stoewer/go-strcase |
191 | 5 | Case conversion |
| Package | Non-Vendor Imports | Recommendation |
|---|---|---|
josharian/intern |
0 (easyjson only) | Keep (transitive) |
lithammer/dedent |
44 files | INLINE - heavily used |
inconshreveable/mousetrap |
0 (cobra only) | Keep (transitive) |
mitchellh/go-wordwrap |
2 files | INLINE - kubectl only |
fatih/camelcase |
1 file | INLINE - single use |
MakeNowJust/heredoc |
1 file | INLINE - single use |
mohae/deepcopy |
0 (vendor only) | Keep (transitive) |
munnerz/goautoneg |
3 files | Consider inlining |
stoewer/go-strcase |
0 (cel-go only) | Keep (transitive) |
| Library | Size | Non-Vendor Usage |
|---|---|---|
github.com/blang/semver/v4 |
56 KB | 28 files - actual usage |
github.com/coreos/go-semver |
28 KB | 0 files - etcd transitive |
github.com/Masterminds/semver/v3 |
36 KB | 0 files - ginkgo transitive |
Finding: Only blang/semver is used by Kubernetes. The other two are transitive dependencies.
| Library | Size | Purpose |
|---|---|---|
google.golang.org/protobuf |
1.4 MB | Modern official |
github.com/golang/protobuf |
152 KB | Legacy shim |
github.com/gogo/protobuf |
1.3 MB | Performance (etcd, prometheus, containerd) |
Finding: All three are required. gogo/protobuf is needed by etcd, prometheus, and containerd APIs.
| Library | Size | Non-Vendor Usage |
|---|---|---|
github.com/sirupsen/logrus |
160 KB | 25 files |
go.uber.org/zap |
600 KB | ~12 files (via zapr) |
github.com/go-logr/logr |
216 KB | 61 files |
Finding: Multiple logging abstractions coexist. klog/logr is primary, zap is for JSON output.
go.etcd.io/etcd/server/v3 (1.9 MB, 231 files)
├── Brings in: bbolt (388 KB)
├── Brings in: raft (472 KB)
├── Brings in: grpc-websocket-proxy (20 KB)
├── Brings in: probing (24 KB)
├── Brings in: cmux (56 KB)
├── Brings in: go-humanize (64 KB)
├── Brings in: clockwork (60 KB)
├── Brings in: golang-jwt (160 KB)
└── Brings in: coreos/go-semver (28 KB)
Critical Finding: etcd/server is only imported by 2 test files:
staging/src/k8s.io/apiserver/pkg/storage/etcd3/testserver/test_server.gostaging/src/k8s.io/apiserver/pkg/storage/etcd3/store_test.go
Total transitive bloat from etcd/server: ~3.2 MB
github.com/google/cel-go (2.0 MB)
└── Brings in: antlr4-go/antlr (560 KB)
Finding: antlr4 is required for CEL expression parsing. No alternative.
go.opentelemetry.io/otel (3.2 MB)
└── Brings in: cenkalti/backoff (44 KB) - retry logic
From blind analysis of all non-vendor imports:
| Package | Import Count | Notes |
|---|---|---|
github.com/google/go-cmp/cmp |
509 | Test comparisons |
github.com/onsi/ginkgo/v2 |
455 | BDD testing |
github.com/stretchr/testify/assert |
384 | Assertions |
github.com/onsi/gomega |
330 | Matchers |
github.com/stretchr/testify/require |
270 | Required assertions |
github.com/spf13/cobra |
239 | CLI framework |
github.com/spf13/pflag |
216 | Flags |
github.com/google/cel-go/common/types/ref |
125 | CEL types |
github.com/google/cadvisor/info/v1 |
102 | Container metrics |
github.com/google/cel-go/cel |
81 | CEL API |
github.com/prometheus/client_golang/prometheus |
69 | Metrics |
| Package | File Count | Files |
|---|---|---|
github.com/mitchellh/go-wordwrap |
2 | kubectl help_flags_printer, term_writer |
github.com/peterbourgon/diskv |
2 | client-go disk cache |
github.com/coredns/corefile-migration |
2 | kubeadm dns migration |
github.com/jonboulle/clockwork |
2 | kubectl diff, patcher (non-etcd) |
github.com/ishidawataru/sctp |
3 | agnhost test images only |
github.com/exponent-io/jsonpath |
2 | kubectl schema, patch_test |
github.com/robfig/cron |
3 | cronjob controller |
| Directory | Size |
|---|---|
github.com/google/ |
4.8 MB |
github.com/onsi/ |
1.5 MB |
github.com/prometheus/ |
1.4 MB |
github.com/gogo/protobuf/ |
1.3 MB |
github.com/vishvananda/ |
1.0 MB |
github.com/containerd/ |
720 KB |
github.com/grpc-ecosystem/ |
692 KB |
github.com/opencontainers/ |
680 KB |
github.com/spf13/ |
632 KB |
github.com/stretchr/ |
568 KB |
github.com/antlr4-go/ |
560 KB |
github.com/Microsoft/ |
520 KB |
github.com/moby/ |
356 KB |
github.com/fxamacker/ |
352 KB |
github.com/json-iterator/ |
344 KB |
| Directory | Size |
|---|---|
golang.org/x/ |
23 MB |
github.com/ |
21 MB |
sigs.k8s.io/ |
7.0 MB |
go.etcd.io/ |
4.7 MB |
google.golang.org/ |
4.0 MB |
go.opentelemetry.io/ |
3.7 MB |
k8s.io/ |
2.2 MB |
| Action | Savings | Effort |
|---|---|---|
Inline lithammer/dedent (49 LOC) |
1 dep | 1 hour |
Inline fatih/camelcase (90 LOC) |
1 dep | 1 hour |
Inline mitchellh/go-wordwrap (83 LOC) |
1 dep | 1 hour |
Inline MakeNowJust/heredoc (105 LOC) |
1 dep | 1 hour |
Total: 4 dependencies, ~4 hours work
The entire etcd/server module (1.9 MB + ~1.3 MB transitive) is only used for test infrastructure.
Options:
- Move test server to separate test-only module
- Use build tags to exclude from production
- Accept as test infrastructure cost
Potential savings: 3.2 MB vendor, significant binary reduction
| Package | Reason to Keep |
|---|---|
antlr4-go/antlr |
Required by CEL parser |
gogo/protobuf |
Required by etcd, prometheus, containerd |
coreos/go-semver |
etcd transitive (unavoidable with etcd) |
Masterminds/semver |
ginkgo transitive (test framework) |
| Package | Primary Consumer |
|---|---|
github.com/onsi/ginkgo/v2 |
e2e tests |
github.com/onsi/gomega |
e2e tests |
github.com/stretchr/testify |
unit tests |
github.com/armon/go-socks5 |
roundtripper_test.go |
| Package | Component |
|---|---|
github.com/coredns/ |
kubeadm only |
github.com/chai2010/gettext-go |
kubectl i18n only |
github.com/JeffAshton/win_pdh |
kubelet Windows only |
github.com/ishidawataru/sctp |
agnhost test images only |
github.com/robfig/cron |
cronjob controller only |
github.com/russross/blackfriday |
kubectl markdown help |
-
etcd/server is the biggest opportunity - 3.2 MB of vendor brought in for 2 test files
-
4 micro-packages can be trivially inlined - dedent, camelcase, wordwrap, heredoc (total ~330 LOC)
-
3 semver libraries exist, only 1 is used - blang/semver is the real one; coreos and Masterminds are transitive
-
3 protobuf implementations are required - ecosystem dependencies prevent consolidation
-
antlr4 (560 KB) is unavoidable - required for CEL expression parsing
-
~384 KB of packages are only used by etcd/server internals - would be removed if etcd/server were isolated
| Priority | Action | Impact |
|---|---|---|
| 1 | Inline 4 micro-packages | -4 deps, trivial |
| 2 | Investigate etcd server test isolation | -3.2 MB potential |
| 3 | Document why 3 protobuf impls needed | Prevents future confusion |
| 4 | Accept CEL/antlr cost | Unavoidable for validation |
Freshly discovered through blind analysis of k8s.io/kubernetes vendor directory Analysis performed: December 22, 2025
Use the following prompt with Claude Code to regenerate this analysis on a newer commit:
Perform a fresh, blind analysis of the Kubernetes vendor directory to identify dependency reduction opportunities. Do NOT reference any prior analysis - discover everything independently.
Analyze and report on:
1. **Vendor overview**: Total size, file counts, directory structure breakdown
2. **Zero-usage packages**: Find vendored packages that are NEVER imported by any k8s.io/* code (only by other vendor code). Use grep to verify import counts.
3. **Single-use packages**: Packages imported by only 1-2 non-vendor files
4. **Transitive dependency chains**: Map which large packages (etcd/server, CEL, OTEL) bring in which smaller packages that wouldn't otherwise be needed
5. **Smallest packages by LOC**: Find packages under 200 lines that could potentially be inlined
6. **Duplicate libraries**: Identify multiple libraries serving the same purpose (semver, logging, protobuf, etc.)
7. **Top imported packages**: Count imports to find most/least used dependencies
For each finding, provide:
- Package path and size (use `du -sh`)
- Actual import count (use grep on non-vendor .go files)
- What imports it (vendor-only vs k8s code)
- Actionable recommendation
Output as a markdown report with tables, organized by category. Include the git commit hash for reproducibility.
Be thorough - scan the actual vendor directory, count real imports, verify claims with grep. This should take 15-20 minutes of analysis.