Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Gradle plugin for JVM projects written in Java, Kotlin, Groovy, or Scala; and Android projects written in Java or Kotlin. Provides advice for managing dependencies and other applied plugins

License

NotificationsYou must be signed in to change notification settings

autonomousapps/dependency-analysis-gradle-plugin

Repository files navigation

Latest version
Latest snapshot
Build status

Detect unused and misused dependencies

The Dependency Analysis Gradle Plugin (DAGP, née Dependency Analysis Android Gradle Plugin) detects the following:

  1. Unused dependencies.

  2. Used transitive dependencies (which you may want to declare directly).

  3. Dependencies declared on the wrong configuration (api vsimplementation vscompileOnly, etc.).

As a side effect, the plugin can also tell you your project’s ABI, and produces graphviz files representing variousviews of your dependency graph, among other things. These side effects are currently mostly undocumented internalbehaviors, but they may be interesting for some advanced users.

Build health

In addition to the dependency-related advice (see above), DAGP provides other advice to help maintain your "build health." This includes the detection of:

  1. Unnecessary plugins (currently onlykapt).

  2. Subprojects ("modules") that unnecessarily use the Android plugin, and could instead be "normal" JVM libraries.

Compatibilities

Please see thewiki for information on the versions of Gradle, the Android Gradle Plugin, etc., that this plugin is compatible with.

Add to your project and use

For detailed instructions, seethe wiki.

The simplest approach is to add the following:

settings.gradle.kts
plugins {  id("com.autonomousapps.build-health") version"<<latest_version>>"}
Important
If your project uses Kotlin or Android (or both), then those plugins must also be loaded in the settingsscript classloader (or a parent). Seethe wiki for more information

For a quick start, just run the following:

./gradlew buildHealth

You will probably see output like the following:

> Task :buildHealth FAILEDFAILURE: Build failed with an exception.* What went wrong:Execution failed for task ':buildHealth'.> There were dependency violations. See report at file:///path/to/project/build/reports/dependency-analysis/build-health-report.txt

If you wish to have this (potentially very long) report printed to console, add this to yourgradle.properties file:

gradle.properties
dependency.analysis.print.build.health=true

Repositories

From 2.19.0 for releases, and 2.18.1-SNAPSHOT for snapshots, this plugin useshttps://central.sonatype.com. To add thisplugin to your project, use the following repositories.

settings.gradle.kts
pluginManagement {  repositories {// releases    mavenCentral()// snapshots    maven(url="https://central.sonatype.com/repository/maven-snapshots/")// Once you start using pluginManagement, you should explicitly add this,// unless you NEVER want to use this repository    gradlePluginPortal()  }}

More advanced usage

You do not have to apply this plugin to all projects via the settings script. It can also be applied to only specificsubprojects. In this case, it must also be applied to the root build script.

root build.gradle.kts
plugins {  id("com.autonomousapps.dependency-analysis") version"<<latest_version>>"}
sub/project/build.gradle.kts
plugins {  id("com.autonomousapps.dependency-analysis")}
Important
If your project uses Kotlin or Android (or both), then those plugins must also be loaded in the root buildscript classloader (or a parent). Seethe wiki for more information

Project Health

The analysis can be run against individual modules with theprojectHealth task. For example:

./gradlew app:projectHealth

Fix dependency issues automatically

It is common for the plugin to report many issues with your project’s dependency declarations. Since fixing manually canbe tedious, the plugin also provides a task to auto-remediate all issues.

./gradlew fixDependencies

ThefixDependencies task is registered on each project where the plugin is applied. Running it as above will run thetask in each subproject. See alsoOne click dependencies fix.

Fix only some dependency issues automatically

In some circumstances, it may be considered infeasible to resolve all issues in one pass. Maybe you have a very largeproject, or you publish libraries and you know that changing your dependency declarations will also change yourlibraries' metadata, which might break consumers. To support this use-case, the thefixDependencies task takes anoptional flag to tell it to, essentially, make only "safe" changes.

./gradlew fixDependencies --upgrade

With this flag in place, thefixDependencies task will not remove or "downgrade" any dependency declarations. It willonly add or "upgrade" declarations (e.g., fromimplementation toapi).

In an incremental rollout scenario, one could imagine using the--upgrade flag, then updating all consumers, thenfinally removing the flag and removing all unused dependencies.

Caveats

If the analysis has any bugs, then fixing the dependency declarations make break your build (but this is also the casewith manual fixes). If you encounter this, pleasefile an issue.

Additionally, the rewriting functionality is based on a simplified Gradle Groovy/Kotlin DSL grammar, which will fail inthe presence of complex build scripts. We plan to enhance the Gradle Kotlin DSL grammar soon, since it is the defaultbuild script language, but we have no current plans to do the same for Gradle Groovy DSL.

Reason

You may be curious why the plugin is emitting (or not emitting) advice regarding some dependency. You can ask it why:

./gradlew lib:reason --id com.squareup.okio:okio:2.2.2(1)> Task :lib:reason----------------------------------------You asked about the dependency 'com.squareup.okio:okio:2.2.2'.There is no advice regarding this dependency.----------------------------------------Shortest path from :lib to com.squareup.okio:okio:2.2.2::lib\--- com.squareup.okio:okio:2.2.2Source: main------------* Exposes class okio.BufferedSource (implies api).

  1. The version string is optional.

Basic configuration

For detailed information on how to configure the plugin, seethe wiki.

To configure the plugin, use thedependencyAnalysis extension.

build.gradle.kts
dependencyAnalysis {// Declare that the plugin should use typesafe project accessors. False by default.  useTypesafeProjectAccessors(true)// Configure ABI exclusion rules.  abi {... }// Configure the severity of issues, and exclusion rules, for potentially the entire project.  issues {... }// Configure issue reports.  reporting {// false by default. Setting to true results in// the advice report being emitted to console.    printBuildHealth(true)  }// Configure dependency structure rules (bundles, mapping, etc).  structure {... }// Configure usage rules.  usage {... }}

Publications

The following is a list of articles / blog posts that have been published discussing this plugin:

…​with more to come :)

This plugin has also been featured in these newsletters:

Podcast episodes about this plugin could be found here:

Youtube videos about this plugin:

About

Gradle plugin for JVM projects written in Java, Kotlin, Groovy, or Scala; and Android projects written in Java or Kotlin. Provides advice for managing dependencies and other applied plugins

Topics

Resources

License

Stars

Watchers

Forks

Sponsor this project

 

Packages

No packages published
[8]ページ先頭
©2009-2025 Movatter.jp