-
-
Notifications
You must be signed in to change notification settings - Fork 107
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Report hardcoded and dynamic dependencies versions #126
Comments
After some dogfooding, here's what I found out: Reporting hardcoded versions on the fly (when version placeholder replacement is performed) is not good, because it makes warnings recurrent, even though they might be irrelevant if you need to have a specific old version for a module in your project (e.g. an Android 4+ and plain JVM mixed project that would need to use two different OkHttp versions). Also, having tons of warnings is not a good user/developer experience either as it can feel overwhelming, especially for onboarding users that did not ask to find all the issues. So, I have a plan:
|
To help users migrate to versions defined in
versions.properties
from hardcoded versions in gradle scripts or buildSrc, we should, by default, report separately these, and hardcoded version ranges, allowing to disable these two reports separately.These reports would simply appear in
versions.properties
as comments, with commented version properties to use in the case of hardcoded versions. The report header would include instructions to replace hardcoded versions with the version placeholder.In the case of version ranges, there would be a warning as to why it's dangerous to use version ranges, and instructions too.
Further improvement could automatically find fully hardcoded versions in
build.gradle(.kts)
files and replace them with the version placeholder, and suggest using "Replace in Path" IDE feature (cmd/ctrl + shift + F) with file and string literal filter otherwise.A possibility is also to search and replace automatically in buildSrc files named like
dependencies
,libs
,libraries
orversions
, and and offer to replace it all by version placeholders andversions.properties
values.The text was updated successfully, but these errors were encountered: