Clone Tools
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Tests showing the issue with legacy artifact selection

Issue #11825

    • -0
    • +120
    ./resolve/compatibility/ArtifactAndClassifierCompatibilityIntegrationTest.groovy
Tests showing the issue with legacy artifact selection

Issue #11825

    • -0
    • +120
    ./resolve/compatibility/ArtifactAndClassifierCompatibilityIntegrationTest.groovy
Add test (not yet reproducing the issue)

    • -0
    • +37
    ./resolve/VersionConflictResolutionIntegrationTest.groovy
Add test (not yet reproducing the issue)

    • -0
    • +37
    ./resolve/VersionConflictResolutionIntegrationTest.groovy
Add test to reproduce exception on reselection

    • -0
    • +34
    ./resolve/VersionConflictResolutionIntegrationTest.groovy
Fix circular dependencies when project have the same name

Before this commit, during dependency resolution, a synthetic

module version identifier was generated by project, using the

group and name of the project. However, it's possible for a

project in gradle to have the same name as another in the

same build, leading to duplicates. In this case the projects

were mixed together and lead to a circular dependency.

This commit fixes the problem by making sure we generate

distinct module version identifiers for such projects, by

using the full project path as the name instead of the short

name.

This also makes it possible to publish valid publications

when using the maven or ivy publish plugins. However, we detect

this problem early and warn the user that they should overwrite

the project identity in this case.

    • -0
    • +45
    ./resolve/ProjectDependencyResolveIntegrationTest.groovy
  1. … 14 more files in changeset.
Fix circular dependencies when project have the same name

Before this commit, during dependency resolution, a synthetic

module version identifier was generated by project, using the

group and name of the project. However, it's possible for a

project in gradle to have the same name as another in the

same build, leading to duplicates. In this case the projects

were mixed together and lead to a circular dependency.

This commit fixes the problem by making sure we generate

distinct module version identifiers for such projects, by

using the full project path as the name instead of the short

name.

This also makes it possible to publish valid publications

when using the maven or ivy publish plugins. However, we detect

this problem early and warn the user that they should overwrite

the project identity in this case.

    • -0
    • +45
    ./resolve/ProjectDependencyResolveIntegrationTest.groovy
  1. … 14 more files in changeset.
Fix circular dependencies when project have the same name

Before this commit, during dependency resolution, a synthetic

module version identifier was generated by project, using the

group and name of the project. However, it's possible for a

project in gradle to have the same name as another in the

same build, leading to duplicates. In this case the projects

were mixed together and lead to a circular dependency.

This commit fixes the problem by making sure we generate

distinct module version identifiers for such projects, by

using the full project path as the name instead of the short

name.

This also makes it possible to publish valid publications

when using the maven or ivy publish plugins. However, we detect

this problem early and warn the user that they should overwrite

the project identity in this case.

    • -0
    • +45
    ./resolve/ProjectDependencyResolveIntegrationTest.groovy
  1. … 14 more files in changeset.
Make some error messages clearer

    • -0
    • +5
    ./resolve/verification/AbstractDependencyVerificationIntegTest.groovy
    • -7
    • +3
    ./resolve/verification/DependencyVerificationIntegrityCheckIntegTest.groovy
    • -7
    • +7
    ./resolve/verification/DependencyVerificationSignatureCheckIntegTest.groovy
  1. … 2 more files in changeset.
Make some error messages clearer

    • -0
    • +5
    ./resolve/verification/AbstractDependencyVerificationIntegTest.groovy
    • -7
    • +3
    ./resolve/verification/DependencyVerificationIntegrityCheckIntegTest.groovy
    • -7
    • +7
    ./resolve/verification/DependencyVerificationSignatureCheckIntegTest.groovy
  1. … 2 more files in changeset.
Break erroneous cycle if a component depending on itself is evicted (#11811)

    • -0
    • +34
    ./resolve/VersionConflictResolutionIntegrationTest.groovy
  1. … 1 more file in changeset.
Break erroneous cycle if a component depending on itself is evicted

    • -0
    • +34
    ./resolve/VersionConflictResolutionIntegrationTest.groovy
  1. … 1 more file in changeset.
Update module resolve state before accessing it recursively

    • -0
    • +34
    ./resolve/VersionConflictResolutionIntegrationTest.groovy
  1. … 1 more file in changeset.
Make sure module resolve state is correct when accessed recursively

    • -0
    • +32
    ./resolve/VersionConflictResolutionIntegrationTest.groovy
  1. … 1 more file in changeset.
good state

    • -0
    • +32
    ./resolve/VersionConflictResolutionIntegrationTest.groovy
Add test that reproduces #11844

    • -0
    • +35
    ./resolve/VersionConflictResolutionIntegrationTest.groovy
Add test case for serialization issue with recursion

    • -0
    • +33
    ./resolve/VersionConflictResolutionIntegrationTest.groovy
Fix verification of dependencies resolved in buildFinished

Previously it was possible that a user hook (buildFinished)

was executed _after_ the verification code was done. With

this commit this is no longer possible.

    • -0
    • +36
    ./resolve/verification/DependencyVerificationSignatureCheckIntegTest.groovy
    • -2
    • +47
    ./resolve/verification/DependencyVerificationSignatureWriteIntegTest.groovy
    • -3
    • +3
    ./resolve/verification/DependencyVerificationWritingIntegTest.groovy
  1. … 8 more files in changeset.
Fix verification of dependencies resolved in buildFinished

Previously it was possible that a user hook (buildFinished)

was executed _after_ the verification code was done. With

this commit this is no longer possible.

    • -0
    • +36
    ./resolve/verification/DependencyVerificationSignatureCheckIntegTest.groovy
    • -2
    • +47
    ./resolve/verification/DependencyVerificationSignatureWriteIntegTest.groovy
    • -3
    • +3
    ./resolve/verification/DependencyVerificationWritingIntegTest.groovy
  1. … 5 more files in changeset.
Fix verification of dependencies resolved in buildFinished

Previously it was possible that a user hook (buildFinished)

was executed _after_ the verification code was done. With

this commit this is no longer possible.

    • -0
    • +36
    ./resolve/verification/DependencyVerificationSignatureCheckIntegTest.groovy
    • -2
    • +47
    ./resolve/verification/DependencyVerificationSignatureWriteIntegTest.groovy
    • -3
    • +3
    ./resolve/verification/DependencyVerificationWritingIntegTest.groovy
  1. … 8 more files in changeset.
Rework error message in case verification loading fails

As #11775 shows that dependency verification initialization

may fail for a different reason than not being able to parse

the file, the exception is more generic and the cause will

give the details.

    • -2
    • +3
    ./resolve/verification/DependencyVerificationIntegrityCheckIntegTest.groovy
  1. … 2 more files in changeset.
Rework error message in case verification loading fails

As #11775 shows that dependency verification initialization

may fail for a different reason than not being able to parse

the file, the exception is more generic and the cause will

give the details.

    • -2
    • +3
    ./resolve/verification/DependencyVerificationIntegrityCheckIntegTest.groovy
  1. … 2 more files in changeset.
Add support for key fingerprints

In order to provide maximum security, it's now possible to use full key

fingerprints, in addition to long (64-bit) key ids, in trusted or ignored

keys.

It doesn't matter what format is used: if a trusted key uses a long id,

then it's possible that if there's a key collision, an artifact would be

trusted even if it shouldn't. If a fingerprint is used instead, then we

would use the full fingerprint for verification.

It's worth nothing that PGP doesn't provide the full fingerprint in signatures

for the key issuer. This means that when we're going to download keys, we

will still use the long ids.

Fixes #11770

    • -2
    • +3
    ./resolve/verification/AbstractSignatureVerificationIntegrationTest.groovy
    • -23
    • +131
    ./resolve/verification/DependencyVerificationSignatureCheckIntegTest.groovy
    • -6
    • +5
    ./resolve/verification/DependencyVerificationSignatureWriteIntegTest.groovy
  1. … 17 more files in changeset.
Add support for key fingerprints

In order to provide maximum security, it's now possible to use full key

fingerprints, in addition to long (64-bit) key ids, in trusted or ignored

keys.

It doesn't matter what format is used: if a trusted key uses a long id,

then it's possible that if there's a key collision, an artifact would be

trusted even if it shouldn't. If a fingerprint is used instead, then we

would use the full fingerprint for verification.

It's worth nothing that PGP doesn't provide the full fingerprint in signatures

for the key issuer. This means that when we're going to download keys, we

will still use the long ids.

Fixes #11770

    • -2
    • +3
    ./resolve/verification/AbstractSignatureVerificationIntegrationTest.groovy
    • -23
    • +131
    ./resolve/verification/DependencyVerificationSignatureCheckIntegTest.groovy
    • -6
    • +5
    ./resolve/verification/DependencyVerificationSignatureWriteIntegTest.groovy
  1. … 17 more files in changeset.
Fix for previous commit.

    • -10
    • +8
    ./resolve/transform/ArtifactTransformParallelIntegrationTest.groovy
    • -21
    • +16
    ./resolve/transform/TransformationLoggingIntegrationTest.groovy
Fix for previous commit.

    • -10
    • +8
    ./resolve/transform/ArtifactTransformParallelIntegrationTest.groovy
    • -21
    • +16
    ./resolve/transform/TransformationLoggingIntegrationTest.groovy
Serialize the artifact metadata for an `ArtifactCollection` instance to the instant execution cache.

    • -10
    • +8
    ./resolve/transform/ArtifactTransformParallelIntegrationTest.groovy
    • -21
    • +16
    ./resolve/transform/TransformationLoggingIntegrationTest.groovy
  1. … 9 more files in changeset.
Serialize the artifact metadata for an `ArtifactCollection` instance to the instant execution cache.

    • -10
    • +8
    ./resolve/transform/ArtifactTransformParallelIntegrationTest.groovy
    • -21
    • +16
    ./resolve/transform/TransformationLoggingIntegrationTest.groovy
  1. … 9 more files in changeset.
Fix for previous commit.

    • -13
    • +12
    ./resolve/api/ArtifactCollectionIntegrationTest.groovy
    • -68
    • +63
    ./resolve/transform/ArtifactTransformCachingIntegrationTest.groovy
Fix for previous commit.

    • -13
    • +12
    ./resolve/api/ArtifactCollectionIntegrationTest.groovy
    • -68
    • +63
    ./resolve/transform/ArtifactTransformCachingIntegrationTest.groovy