build.gradle.kts 6.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157
  1. import com.github.benmanes.gradle.versions.updates.DependencyUpdatesTask
  2. plugins {
  3. `java-platform`
  4. id("com.github.ben-manes.versions")
  5. }
  6. data class DependencySet(val group: String, val version: String, val modules: List<String>)
  7. val dependencyVersions = hashMapOf<String, String>()
  8. rootProject.extra["versions"] = dependencyVersions
  9. // this line is managed by .github/scripts/update-sdk-version.sh
  10. val otelSdkVersion = "1.25.0"
  11. val otelSdkAlphaVersion = otelSdkVersion.replaceFirst("(-SNAPSHOT)?$".toRegex(), "-alpha$1")
  12. // Need both BOM and groovy jars
  13. val groovyVersion = "4.0.11"
  14. // We don't force libraries we instrument to new versions since we compile and test against specific
  15. // old baseline versions but we do try to force those libraries' transitive dependencies to new
  16. // versions where possible so that we don't end up with explosion of dependency versions in
  17. // Intellij, which causes Intellij to spend lots of time indexing all of those different dependency
  18. // versions, and makes debugging painful because Intellij has no idea which dependency version's
  19. // source to use when stepping through code.
  20. //
  21. // Sometimes libraries we instrument do require a specific version of a transitive dependency and
  22. // that can be applied in the specific instrumentation gradle file, e.g.
  23. // configurations.testRuntimeClasspath.resolutionStrategy.force "com.google.guava:guava:19.0"
  24. val DEPENDENCY_BOMS = listOf(
  25. "com.fasterxml.jackson:jackson-bom:2.15.0",
  26. "com.google.guava:guava-bom:31.1-jre",
  27. "org.apache.groovy:groovy-bom:${groovyVersion}",
  28. "io.opentelemetry:opentelemetry-bom:${otelSdkVersion}",
  29. "io.opentelemetry:opentelemetry-bom-alpha:${otelSdkAlphaVersion}",
  30. "org.junit:junit-bom:5.9.3",
  31. "org.testcontainers:testcontainers-bom:1.18.0",
  32. "org.spockframework:spock-bom:2.4-M1-groovy-4.0"
  33. )
  34. val autoServiceVersion = "1.0.1"
  35. val autoValueVersion = "1.10.1"
  36. val errorProneVersion = "2.18.0"
  37. val byteBuddyVersion = "1.14.4"
  38. val asmVersion = "9.5"
  39. val jmhVersion = "1.36"
  40. val mockitoVersion = "4.11.0"
  41. val slf4jVersion = "2.0.7"
  42. val CORE_DEPENDENCIES = listOf(
  43. "com.google.auto.service:auto-service:${autoServiceVersion}",
  44. "com.google.auto.service:auto-service-annotations:${autoServiceVersion}",
  45. "com.google.auto.value:auto-value:${autoValueVersion}",
  46. "com.google.auto.value:auto-value-annotations:${autoValueVersion}",
  47. "com.google.errorprone:error_prone_annotations:${errorProneVersion}",
  48. "com.google.errorprone:error_prone_core:${errorProneVersion}",
  49. "com.google.errorprone:error_prone_test_helpers:${errorProneVersion}",
  50. // When updating, also update conventions/build.gradle.kts
  51. "net.bytebuddy:byte-buddy:${byteBuddyVersion}",
  52. "net.bytebuddy:byte-buddy-dep:${byteBuddyVersion}",
  53. "net.bytebuddy:byte-buddy-agent:${byteBuddyVersion}",
  54. "net.bytebuddy:byte-buddy-gradle-plugin:${byteBuddyVersion}",
  55. "org.ow2.asm:asm:${asmVersion}",
  56. "org.ow2.asm:asm-tree:${asmVersion}",
  57. "org.openjdk.jmh:jmh-core:${jmhVersion}",
  58. "org.openjdk.jmh:jmh-generator-bytecode:${jmhVersion}",
  59. "org.mockito:mockito-core:${mockitoVersion}",
  60. "org.mockito:mockito-junit-jupiter:${mockitoVersion}",
  61. "org.mockito:mockito-inline:${mockitoVersion}",
  62. "org.slf4j:slf4j-api:${slf4jVersion}",
  63. "org.slf4j:slf4j-simple:${slf4jVersion}",
  64. "org.slf4j:log4j-over-slf4j:${slf4jVersion}",
  65. "org.slf4j:jcl-over-slf4j:${slf4jVersion}",
  66. "org.slf4j:jul-to-slf4j:${slf4jVersion}"
  67. )
  68. // See the comment above about why we keep this rather large list.
  69. // There are dependencies included here that appear to have no usages, but are maintained at
  70. // this top level to help consistently satisfy large numbers of transitive dependencies.
  71. val DEPENDENCIES = listOf(
  72. "ch.qos.logback:logback-classic:1.3.7", // 1.4+ requires Java 11+
  73. "com.github.stefanbirkner:system-lambda:1.2.1",
  74. "com.github.stefanbirkner:system-rules:1.19.0",
  75. "uk.org.webcompere:system-stubs-jupiter:2.0.2",
  76. "com.uber.nullaway:nullaway:0.10.10",
  77. "commons-beanutils:commons-beanutils:1.9.4",
  78. "commons-cli:commons-cli:1.5.0",
  79. "commons-codec:commons-codec:1.15",
  80. "commons-collections:commons-collections:3.2.2",
  81. "commons-digester:commons-digester:2.1",
  82. "commons-fileupload:commons-fileupload:1.5",
  83. "commons-io:commons-io:2.11.0",
  84. "commons-lang:commons-lang:2.6",
  85. "commons-logging:commons-logging:1.2",
  86. "commons-validator:commons-validator:1.7",
  87. "io.netty:netty:3.10.6.Final",
  88. "io.opentelemetry.contrib:opentelemetry-aws-xray-propagator:1.25.1-alpha",
  89. "io.opentelemetry.proto:opentelemetry-proto:0.19.0-alpha",
  90. "org.assertj:assertj-core:3.24.2",
  91. "org.awaitility:awaitility:4.2.0",
  92. "com.google.code.findbugs:annotations:3.0.1u2",
  93. "com.google.code.findbugs:jsr305:3.0.2",
  94. "org.apache.groovy:groovy:${groovyVersion}",
  95. "org.apache.groovy:groovy-json:${groovyVersion}",
  96. "org.codehaus.mojo:animal-sniffer-annotations:1.23",
  97. "org.junit-pioneer:junit-pioneer:1.9.1",
  98. "org.objenesis:objenesis:3.3",
  99. // Note that this is only referenced as "org.springframework.boot" in build files, not the artifact name.
  100. "org.springframework.boot:spring-boot-dependencies:2.7.5",
  101. "javax.validation:validation-api:2.0.1.Final",
  102. "org.snakeyaml:snakeyaml-engine:2.6"
  103. )
  104. javaPlatform {
  105. allowDependencies()
  106. }
  107. dependencies {
  108. for (bom in DEPENDENCY_BOMS) {
  109. api(enforcedPlatform(bom))
  110. val split = bom.split(':')
  111. dependencyVersions[split[0]] = split[2]
  112. }
  113. constraints {
  114. for (dependency in CORE_DEPENDENCIES) {
  115. api(dependency)
  116. val split = dependency.split(':')
  117. dependencyVersions[split[0]] = split[2]
  118. }
  119. for (dependency in DEPENDENCIES) {
  120. api(dependency)
  121. val split = dependency.split(':')
  122. dependencyVersions[split[0]] = split[2]
  123. }
  124. }
  125. }
  126. fun isNonStable(version: String): Boolean {
  127. val stableKeyword = listOf("RELEASE", "FINAL", "GA").any { version.toUpperCase().contains(it) }
  128. val regex = "^[0-9,.v-]+(-r)?$".toRegex()
  129. val isGuava = version.endsWith("-jre")
  130. val isStable = stableKeyword || regex.matches(version) || isGuava
  131. return isStable.not()
  132. }
  133. tasks {
  134. named<DependencyUpdatesTask>("dependencyUpdates") {
  135. revision = "release"
  136. checkConstraints = true
  137. rejectVersionIf {
  138. isNonStable(candidate.version)
  139. }
  140. }
  141. }