-
Notifications
You must be signed in to change notification settings - Fork 0
/
build.gradle.kts
103 lines (90 loc) · 5.57 KB
/
build.gradle.kts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
plugins {
java
}
repositories {
mavenCentral()
}
// Jackson releases: https://github.com/FasterXML/jackson/wiki/Jackson-Releases
// Usually, we don't like to code to a dynamic version ("+" sign), but because we are using a lock file, we still have
// a complete understading of the resolved dependencies. The lock file is version controlled and should be reviewed
// before committing changes.
val jacksonBomVersion = "2.17.+"
// Let's try to force a downgrade to a specific version of jackson-databind which is different from what is defined in the BOM
val jacksonDatabindVersion = "2.17.1"
dependencies {
/*
Importing a Maven BOM enables convenience and safety with managing transitive dependencies. In this case, it
lets us omit the versions of Jackson dependency declarations declared later in this 'dependencies' block. That's
nice! Also, the versions of Jackson dependencies that it automatically uses are a set of "known to work well
together" versions. This is a useful safeguard that should reduce our chances of getting unwelcome problems like
a NoClassDefFoundError exception at runtime.
Read about Gradle's support for Maven BOMs at https://docs.gradle.org/current/userguide/platforms.html#sub:bom_import
*/
implementation(platform("com.fasterxml.jackson:jackson-bom:$jacksonBomVersion"))
/*
Notice how we don't have to declare a version in these dependency declarations! This is because the earlier Maven
BOM import already defines specific versions for each of these dependencies.
*/
implementation("com.fasterxml.jackson.core:jackson-annotations")
implementation("com.fasterxml.jackson.core:jackson-core")
implementation("com.fasterxml.jackson.module:jackson-module-parameter-names")
implementation("com.fasterxml.jackson.dataformat:jackson-dataformat-csv")
/*
In this contrived case, we want to override the version of the 'jackson-databind' dependency that is defined in
the Maven BOM. Instead of using this version, for whatever reason, we want to downgrade to a lower version of
this dependency for compilation and runtime. We can accomplish that by using the "strictly" rule. Read about this
feature at https://docs.gradle.org/current/userguide/rich_versions.html#sec:strict-version
*/
implementation("com.fasterxml.jackson.core:jackson-databind") {
version {
strictly(jacksonDatabindVersion)
}
}
/*
Finally, when all is said and done, Gradle will resolve our dependencies to the following versions. This is the
output of the command `./gradlew dependencies --configuration compileClasspath`:
> Task :dependencies
------------------------------------------------------------
Root project 'consuming-a-maven-bom'
------------------------------------------------------------
compileClasspath - Compile classpath for source set 'main'.
+--- com.fasterxml.jackson:jackson-bom:2.17.+ -> 2.17.2
| +--- com.fasterxml.jackson.core:jackson-annotations:2.17.2 (c)
| +--- com.fasterxml.jackson.core:jackson-core:2.17.2 (c)
| +--- com.fasterxml.jackson.core:jackson-databind:2.17.2 -> 2.17.1 (c)
| +--- com.fasterxml.jackson.dataformat:jackson-dataformat-csv:2.17.2 (c)
| \--- com.fasterxml.jackson.module:jackson-module-parameter-names:2.17.2 (c)
+--- com.fasterxml.jackson.core:jackson-annotations -> 2.17.2
| \--- com.fasterxml.jackson:jackson-bom:2.17.2 (*)
+--- com.fasterxml.jackson.core:jackson-core -> 2.17.2
| \--- com.fasterxml.jackson:jackson-bom:2.17.2 (*)
+--- com.fasterxml.jackson.module:jackson-module-parameter-names -> 2.17.2
| +--- com.fasterxml.jackson.core:jackson-core:2.17.2 (*)
| +--- com.fasterxml.jackson.core:jackson-databind:2.17.2 -> 2.17.1
| | +--- com.fasterxml.jackson.core:jackson-annotations:2.17.1 -> 2.17.2 (*)
| | +--- com.fasterxml.jackson.core:jackson-core:2.17.1 -> 2.17.2 (*)
| | \--- com.fasterxml.jackson:jackson-bom:2.17.1 -> 2.17.2 (*)
| \--- com.fasterxml.jackson:jackson-bom:2.17.2 (*)
+--- com.fasterxml.jackson.dataformat:jackson-dataformat-csv -> 2.17.2
| +--- com.fasterxml.jackson.core:jackson-databind:2.17.2 -> 2.17.1 (*)
| +--- com.fasterxml.jackson.core:jackson-annotations:2.17.2 (*)
| +--- com.fasterxml.jackson.core:jackson-core:2.17.2 (*)
| \--- com.fasterxml.jackson:jackson-bom:2.17.2 (*)
+--- com.fasterxml.jackson.core:jackson-databind:{strictly 2.17.1} -> 2.17.1 (*)
+--- com.fasterxml.jackson.core:jackson-databind:{strictly 2.17.1} -> 2.17.1 (c)
+--- com.fasterxml.jackson.dataformat:jackson-dataformat-csv:{strictly 2.17.2} -> 2.17.2 (c)
+--- com.fasterxml.jackson.core:jackson-core:{strictly 2.17.2} -> 2.17.2 (c)
+--- com.fasterxml.jackson.module:jackson-module-parameter-names:{strictly 2.17.2} -> 2.17.2 (c)
+--- com.fasterxml.jackson:jackson-bom:{strictly 2.17.2} -> 2.17.2 (c)
\--- com.fasterxml.jackson.core:jackson-annotations:{strictly 2.17.2} -> 2.17.2 (c)
(c) - A dependency constraint, not a dependency. The dependency affected by the constraint occurs elsewhere in the tree.
(*) - Indicates repeated occurrences of a transitive dependency subtree. Gradle expands transitive dependency subtrees only once per project; repeat occurrences only display the root of the subtree, followed by this annotation.
*/
}
/*
As a convenience, we can enable dependency locking so that we can look at the generated `gradle.lockfile` file to see
the resolved dependencies.
*/
dependencyLocking {
lockAllConfigurations()
}