Could not determine the dependencies of task ':src:components:compileGroovy'. > Could not resolve all dependencies for configuration ':src:components:compileClasspath'. > Checksum/PGP violations detected on resolving configuration :src:components:runtimeClasspath Trusted PGP keys for group com.miglayout are [817ea1255546d6070a23aa00db45d3a62a183ce2], however artifact is signed by [764be739ddae10f4473fecf0aef385ed6ca815ae] only: com.miglayout:miglayout-core:11.2 (pgp=[764be739ddae10f4473fecf0aef385ed6ca815ae], sha512=[computation skipped]) com.miglayout:miglayout-swing:11.2 (pgp=[764be739ddae10f4473fecf0aef385ed6ca815ae], sha512=[computation skipped]) There might be more checksum violations, however, current configuration specifies the build to fail on the first violation. You might use the following properties: * -PchecksumIgnore temporary disables checksum-dependency-plugin (e.g. to try new dependencies) * -PchecksumUpdate updates checksum.xml and it will fail after the first violation so you can review the diff * -PchecksumUpdateAll (insecure) updates checksum.xml with all the new discovered checksums * -PchecksumFailOn=build_finish (insecure) It will postpone the failure till the build finish It will collect all the violations, however untrusted code might be executed (e.g. from a plugin) You can find updated checksum.xml file at D:\a\jmeter\jmeter\build\checksum\checksum.xml. You might add -PchecksumUpdate to update root checksum.xml file.