Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Dependency Management in Gradle 5 and Beyond

Kotlin User Group Hamburg
February 20, 2019
Programming
0
290

Dependency Management in Gradle 5 and Beyond

"The Java ecosystem allows developers to profit from a large pool of reusable libraries. Traditionally, the platform-independence of Java always made it easy to publish and share ready-to-use libraries. As Kotlin and Android developers, we also profit from this existing catalogue of libraries. However, new challenges for dealing with dependencies in the JVM world emerged over the past years, as software systems grew further in complexity and new platforms, such as Kotlin or Android, emerged.
Dependency management is one of the major functionalities of the Gradle Build Tool.
Gradle 5 offers a number of new stable features to support developers in managing dependencies – and more can be expected soon."

by Jendrik Johannes
presented on February 20, 2019 @codecentric

Kotlin User Group Hamburg

February 20, 2019
Tweet

More Decks by Kotlin User Group Hamburg

See All by Kotlin User Group Hamburg
Structure your Project with Gradle by using Kotlin Everywhere
kotlinhh
1
79
Improving your Android Gradle experience with Kotlin
kotlinhh
0
42
Refactoring Legacy Code with Kotlin and Coroutines
kotlinhh
1
230
Building SDKs - The Kotlin Way
kotlinhh
1
37
Concurrency with Coroutines and Actors
kotlinhh
0
35
Fight cold startup times for Kotlin lambdas with GraalVM
kotlinhh
0
190
Microservices with Kotlin and Ktor
kotlinhh
2
90
What's up next for Kotlin?
kotlinhh
1
160
Kotlin's Hidden Costs, Revisited
kotlinhh
0
160

Other Decks in Programming

See All in Programming
タイムゾーンの奥地は思ったよりも闇深いかもしれない
suguruooki
1
640
RubyKaigi Dev Meeting 2025
tenderlove
1
130
Coding Experience Cpp vs Csharp - meetup app osaka@9
harukasao
0
740
MCP調べてみました! / Exploring MCP
uhzz
2
2.3k
Optimizing JRuby 10
headius
0
300
State of Namespace
tagomoris
4
1.4k
AWS で実現する 安全な AI エージェントの作り方 〜 Bedrock Engineer の実装例を添えて 〜 / how-to-build-secure-ai-agents
gawa
8
800
AI Coding Agent Enablement - エージェントを自走させよう
yukukotani
14
6k
RuboCop: Modularity and AST Insights
koic
2
440
Dissecting and Reconstructing Ruby Syntactic Structures
ydah
0
640
Being an ethical software engineer
xgouchet
PRO
0
210
Kamal 2 – Get Out of the Cloud
aleksandrov
1
190

Featured

See All Featured
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
19
1.1k
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
29
9.4k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Optimizing for Happiness
mojombo
377
70k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
53k
Testing 201, or: Great Expectations
jmmastey
42
7.5k
Embracing the Ebb and Flow
colly
85
4.6k
Building an army of robots
kneath
304
45k
Git: the NoSQL Database
bkeepers
PRO
430
65k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
26k
Raft: Consensus for Rubyists
vanstee
137
6.9k

Transcript

  1. Dependency Management in Gradle 5 and beyond Jendrik Johannes, Gradle

  2. PRODUCER A Model of Software Reuse

  3. PRODUCER CONSUMER A Model of Software Reuse

  4. PRODUCER CONSUMER REPOSITORY push software component component metadata A Model

    of Software Reuse

  5. PRODUCER CONSUMER REPOSITORY push software component component metadata pull component

    metadata software component A Model of Software Reuse

  6. Chapter 1: Versioning of Software Components Chapter 2: Different Variants

    of Software Components Chapter 3: Dealing with an imperfect World

  7. Chapter 1: Versioning of Software Components Chapter 2: Different Variants

    of Software Components Chapter 3: Dealing with an imperfect World

  8. PRODUCER CONSUMER REPOSITORY push software component component metadata pull component

    metadata software component

  9. PRODUCER CONSUMER REPOSITORY push software component component metadata pull component

    metadata software component NULL 8 FUFFZEHN // BANK !

  10. PRODUCER CONSUMER REPOSITORY push software component component metadata pull component

    metadata software component NULL 8 FUFFZEHN // BANK SantaSoft " !

  11. NULL 8 FUFFZEHN // BANK

  12. XMasTree by SantaSoft Open-source out-of-the-box Christmas trees for Java! From

    Christmas tree lovers for Christmas tree lovers! Maven dependencies { // just add your tree... implementation(“com.santasoft.xmastree:tree-swing:1.0”) // ...and decorate it as you like implementation(“com.santasoft.xmastree:lights-swing:1.0”) } Gradle // inject it in your UI code com.santasoft.xmastree.Tree.compose(container)
  13. None
  14. None
  15. None
  16. None

  17. NULL 8 FUFFZEHN // BANK

  18. XMasTree by SantaSoft Open-source out-of-the-box Christmas trees for Java! From

    Christmas tree lovers for Christmas tree lovers! Maven dependencies { // just add your tree... implementation(“com.santasoft.xmastree:tree-swing:2.0”) // ...and decorate it as you like implementation(“com.santasoft.xmastree:lights-swing:2.0”) } Gradle // inject it in your UI code com.santasoft.xmastree.Tree.compose(container) 2.0 W ITH FLASHY LIGHTS!
  19. None
  20. None

  21. Why did the Christmas tree crash? tree:1.0 lights:1.0 ornaments:1.0 train:1.0

    tree:2.0 lights:2.0 ornaments:2.0 train:2.0 component repository

  22. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0

  23. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0

  24. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0

  25. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0

  26. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0

  27. component repository Why did the Christmas tree crash? tree:1.0 lights:1.0

    null8fuffzehn-desktop ornaments:1.0 train:1.0 tree:2.0 lights:2.0 ornaments:2.0 train:2.0 conflict !

  28. component repository Dependency Constraints tree:1.0 lights:1.0 ornaments:1.0 train:1.0 tree:2.0 lights:2.0

    ornaments:2.0 train:2.0 depends-on

  29. component repository Dependency Constraints tree:1.0 lights:1.0 ornaments:1.0 train:1.0 tree:2.0 lights:2.0

    ornaments:2.0 train:2.0 depends-on (requires + constraints) constraints

  30. component repository Dependency Constraints save Christmas tree:1.0 lights:1.0 ornaments:1.0 train:1.0

    tree:2.0 lights:2.0 ornaments:2.0 train:2.0 depends-on (requires + constraints) constraints null8fuffzehn-desktop

  31. component repository Dependency Constraints save Christmas tree:1.0 lights:1.0 ornaments:1.0 train:1.0

    tree:2.0 lights:2.0 ornaments:2.0 train:2.0 depends-on (requires + constraints) constraints null8fuffzehn-desktop

  32. com.santasoft.xmastree:tree-swing:2.0 github.com/gradle/gradle/blob/master/subprojects/docs/src/ docs/design/gradle-module-metadata-specification.md { "component": { "group": "com.santasoft.xmastree", "module": "tree-swing",

    "version": "2.0", }, ... "dependencyConstraints": [ { "group": "com.santasoft.xmastree", "module": "lights-swing", "version": { "requires": "2.0" } }, { "group": "com.santasoft.xmastree", "module": "ornaments-swing", "version": { "requires": "2.0" } }, { "group": "com.santasoft.xmastree", "module": "train-swing", "version": { "requires": "2.0" } } ], ... } component repository — tree-swing-2.0.jar — tree-swing-2.0.pom — tree-swing-2.0.module

  33. Chapter 1: Versioning of Software Components Chapter 2: Different Variants

    of Software Components Chapter 3: Dealing with an imperfect World

  34. NULL 8 FUFFZEHN // BANK

  35. NULL 8 FUFFZEHN // BANK

  36. Gradle_Android XMasTree by SantaSoft Open-source out-of-the-box Christmas trees for Java!

    From Christmas tree lovers for Christmas tree lovers! Maven dependencies { // just add your tree... implementation(“com.santasoft.xmastree:tree-swing:2.0”) // ...and decorate it as you like implementation(“com.santasoft.xmastree:lights-swing:2.0”) } Gradle // inject it in your UI code com.santasoft.xmastree.Tree.compose(container) NOW ALSO FOR ANDROID! 2.0 W ITH FLASHY LIGHTS!

  37. Gradle XMasTree by SantaSoft Open-source out-of-the-box Christmas trees for Java!

    From Christmas tree lovers for Christmas tree lovers! Maven dependencies { // just add your tree... implementation(“com.santasoft.xmastree:tree-android:2.0”) // ...and decorate it as you like implementation(“com.santasoft.xmastree:lights-android:2.0”) } // inject it in your UI code com.santasoft.xmastree.Tree.compose(container) Gradle_Android NOW ALSO FOR ANDROID! 2.0 W ITH FLASHY LIGHTS!
  38. None
  39. None
  40. None

  41. component repository Modeling Platforms as Variants tree-swing lights-swing null8fuffzehn-desktop ornaments-swing

    train-swing tree-android lights-android null8fuffzehn-android ornaments-android train-android

  42. component repository Modeling Platforms as Variants tree-swing lights-swing ornaments-swing train-swing

    tree-android lights-android ornaments-android train-android null8fuffzehn-shared null8fuffzehn-desktop null8fuffzehn-android

  43. component repository Modeling Platforms as Variants tree-swing lights-swing ornaments-swing train-swing

    tree-android lights-android ornaments-android train-android null8fuffzehn-shared null8fuffzehn-desktop null8fuffzehn-android tree lights ornaments train variant ui-framework = swing variant ui-framework = android ui-framework = swing ui-framework = android

  44. component repository Modeling Platforms as Variants tree-swing lights-swing ornaments-swing train-swing

    tree-android lights-android ornaments-android train-android null8fuffzehn-shared null8fuffzehn-desktop null8fuffzehn-android tree lights ornaments train variant ui-framework = swing variant ui-framework = android ui-framework = swing ui-framework = android

  45. component repository Modeling Platforms as Variants tree-swing lights-swing ornaments-swing train-swing

    tree-android lights-android ornaments-android train-android null8fuffzehn-shared null8fuffzehn-desktop null8fuffzehn-android tree lights ornaments train variant ui-framework = swing variant ui-framework = android ui-framework = swing ui-framework = android

  46. Gradle_Android Gradle XMasTree by SantaSoft Open-source out-of-the-box Christmas trees for

    Java! From Christmas tree lovers for Christmas tree lovers! Maven // configure your tree dependencies { implementation(“com.santasoft.xmastree:lights”) } // choose your variant configurations.all { attributes { attribute(“ui-framework”, “android”) } } // inject it in your UI code com.santasoft.xmastree.Tree.compose(container) NOW ALSO FOR ANDROID! 2.0 W ITH FLASHY LIGHTS! NOW W ITH VARIANT SUPPORT! Gradle_Variants
  47. None
  48. None

  49. com.santasoft.xmastree:tree:2.0 github.com/gradle/gradle/blob/master/subprojects/docs/src/ docs/design/gradle-module-metadata-specification.md { "component": { "group": "com.santasoft.xmastree", "module": "tree",

    "version": "2.0", "attributes": { "org.gradle.status": "release" } }, "variants": [ { "name": "swing-api", "attributes": { "org.gradle.usage": "java-api", "ui-framework": "swing" }, "available-at": { "url": "../../tree-swing/2.0/tree-swing-2.0.module", "group": "com.santasoft.xmastree", "module": "tree-swing", "version": "2.0" } }, { "name": "android-api", "attributes": { "org.gradle.usage": "java-api", "ui-framework": "android" }, "available-at": { "url": "../../tree-swing/2.0/tree-android-2.0.module", "group": "com.santasoft.xmastree", "module": "tree-android", "version": "2.0" } } ] ... } component repository — tree-swing-2.0.module

  50. Chapter 1: Versioning of Software Components Chapter 2: Different Variants

    of Software Components Chapter 3: Dealing with the imperfect World

  51. NULL 8 FUFFZEHN // BANK

  52. What if the consumer has a different opinion than the

    producer?

  53. PRODUCER CONSUMER REPOSITORY push software component component metadata pull component

    metadata software component NULL 8 FUFFZEHN // BANK SantaSoft " ! What if the consumer has a different opinion than the producer?

  54. component repository tree lights ornaments train What if the consumer

    has a different opinion than the producer? null8fuffzehn-desktop

  55. component repository tree lights ornaments train What if the consumer

    has a different opinion than the producer? null8fuffzehn-desktop Component Metadata Rule

  56. What if the producer “forgot” an important variant?

  57. Gradle_Variants Gradle_Android Gradle XMasTree by SantaSoft Open-source out-of-the-box Christmas trees

    for Java! From Christmas tree lovers for Christmas tree lovers! Maven // configure your tree dependencies { implementation(“com.santasoft.xmastree:lights”) } // choose your variant configurations.all { attributes { attribute(“ui-framework”, “gif”) } } // inject it in your UI code com.santasoft.xmastree.Tree.compose(container) NOW ALSO FOR ANDROID! 2.0 W ITH FLASHY LIGHTS! NOW W ITH VARIANT SUPPORT! NOW ALSO AS FLASHY GIF VARIANT! GIF

  58. component repository tree-swing lights-swing ornaments-swing train-swing tree-gif lights-gif null8fuffzehn-shared null8fuffzehn-gif

    tree lights ornaments train variant ui-framework = swing variant ui-framework = gif ui-framework = gif What if the producer “forgot” an important variant?

  59. component repository tree-swing lights-swing ornaments-swing train-swing tree-gif lights-gif null8fuffzehn-shared null8fuffzehn-gif

    tree lights ornaments train variant ui-framework = swing variant ui-framework = gif ui-framework = gif X What if the producer “forgot” an important variant?

  60. What if the producer “forgot” an important variant?

  61. What if the producer “forgot” an important variant? Artifact Transform

  62. component repository tree-swing lights-swing ornaments-swing train-swing tree-gif lights-gif null8fuffzehn-shared null8fuffzehn-gif

    tree lights ornaments train variant ui-framework = swing variant ui-framework = gif ui-framework = gif What if the producer “forgot” an important variant? train-gif transformed into

  63. Chapter 1: Versioning of Software Components Chapter 2: Different Variants

    of Software Components Chapter 3: Dealing with the imperfect World …and in the real world?

  64. https://docs.google.com/document/d/ 1NYGbfz56C0Oh4IGymXjeQUVK4FcRiqDbpc4vGLnDMrY

  65. https://docs.google.com/document/d/ 1NYGbfz56C0Oh4IGymXjeQUVK4FcRiqDbpc4vGLnDMrY

  66. https://github.com/gradle/gradle/blob/master/buildSrc/subprojects/configuration/src/main/kotlin/ org/gradle/gradlebuild/dependencies/DependenciesMetadataRulesPlugin.kt

  67. https://github.com/gradle/gradle/blob/master/buildSrc/subprojects/packaging/src/main/kotlin/ org/gradle/gradlebuild/packaging/MinifyTransform.kt

  68. Gradle Summit 2017
 Dependencies, distributed code and engineering velocity
 -

    Mike McGarr, Netflix https://www.youtube.com/watch?v=k_mPS_1JpXM

  69. Dependency Management in Gradle 5 and beyond Jendrik Johannes, Gradle

  70. Dependency Constraints dependencies { implementation("org.apache.httpcomponents:httpclient") constraints { implementation("org.apache.httpcomponents:httpclient:4.5.3") { because("previous

    versions have a bug impacting this application") } implementation("commons-codec:commons-codec:1.11") { because("version 1.9 pulled from httpclient has bugs affecting this application") } } }

  71. BOM/Platform support dependencies { // import a BOM implementation(platform( “org.springframework.boot:spring-boot-dependencies:1.5.8.RELEASE"))

    // define dependencies without versions implementation("com.google.code.gson:gson") implementation("dom4j:dom4j") }

  72. dependencies { // get recommended versions from the platform project

    api(platform(project(":platform"))) // no version required api("commons-httpclient:commons-httpclient") } Java Platform Plugin consumer plugins { `java-platform` } dependencies { constraints { // Platform declares some versions of libraries used in subprojects api("commons-httpclient:commons-httpclient:3.1") api("org.apache.commons:commons-lang3:3.8.1") } } producer

  73. (New) Maven Publish Plugin publishing { publications { create<MavenPublication>("maven") {

    groupId = "org.gradle.sample" artifactId = "project1-sample" version = "1.1" from(components["java"]) } } } enableFeaturePreview("GRADLE_METADATA") settings.gradle.kts

  74. Dependency Locking configurations.compileClasspath { resolutionStrategy.activateDependencyLocking() }

  75. Repository to dependency matching repositories { maven { url "https://repo.mycompany.com"

    content { includeGroupByRegex "com\\.mycompany.*" } } }

  76. Christmas Tree by Jordan Irwin – https://opengameart.org/content/christmas-tree-0 Compose your own

    Christmas trees: https://github.com/jjohannes/xmas-tree-reuse