gradle

Clone Tools
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Replace LinkedLists with ArrayLists where possible

  1. … 71 more files in changeset.
Address compiler warnings in 'signing' subproject

    • -4
    • +6
    ./plugins/signing/SigningExtension.java
  1. … 1 more file in changeset.
Address compiler warnings in 'signing' subproject

    • -4
    • +6
    ./plugins/signing/SigningExtension.java
  1. … 1 more file in changeset.
Address compiler warnings in 'signing' subproject

    • -4
    • +6
    ./plugins/signing/SigningExtension.java
  1. … 1 more file in changeset.
Use plugins DSL in Javadoc code snippets

    • -2
    • +6
    ./plugins/signing/SigningExtension.java
  1. … 47 more files in changeset.
Use plugins DSL in Javadoc code snippets

    • -2
    • +6
    ./plugins/signing/SigningExtension.java
  1. … 47 more files in changeset.
Fixes for previous commit.

    • -5
    • +4
    ./plugins/signing/SigningExtension.java
  1. … 4 more files in changeset.
Fixes for previous commit.

    • -5
    • +4
    ./plugins/signing/SigningExtension.java
  1. … 4 more files in changeset.
Fixes for previous commit.

    • -5
    • +4
    ./plugins/signing/SigningExtension.java
  1. … 4 more files in changeset.
Replace several usages of direct `FileCollection` implementation instantiation with a factory method. Attempt to use the public API when the usage lives in a plugin.

    • -16
    • +7
    ./plugins/signing/SignOperation.java
  1. … 15 more files in changeset.
Replace several usages of direct `FileCollection` implementation instantiation with a factory method. Attempt to use the public API when the usage lives in a plugin.

    • -16
    • +7
    ./plugins/signing/SignOperation.java
  1. … 15 more files in changeset.
Replace several usages of direct `FileCollection` implementation instantiation with a factory method. Attempt to use the public API when the usage lives in a plugin.

    • -16
    • +7
    ./plugins/signing/SignOperation.java
    • -5
    • +4
    ./plugins/signing/SigningExtension.java
  1. … 18 more files in changeset.
Replace several usages of direct `FileCollection` implementation instantiation with a factory method. Attempt to use the public API when the usage lives in a plugin.

    • -16
    • +7
    ./plugins/signing/SignOperation.java
  1. … 15 more files in changeset.
Replace several usages of direct `FileCollection` implementation instantiation with a factory method. Attempt to use the public API when the usage lives in a plugin.

    • -16
    • +7
    ./plugins/signing/SignOperation.java
    • -5
    • +4
    ./plugins/signing/SigningExtension.java
  1. … 18 more files in changeset.
Replace several usages of direct `FileCollection` implementation instantiation with a factory method. Attempt to use the public API when the usage lives in a plugin.

    • -16
    • +7
    ./plugins/signing/SignOperation.java
  1. … 15 more files in changeset.
Remove limitation on snapshot signing

Now that there is no more attempt to tweak the content of the Gradle

Module Metadata file, there is no reason to prevent signing of Maven

snapshots.

Fixes #12070

    • -34
    • +0
    ./plugins/signing/InvalidSignature.java
  1. … 1 more file in changeset.
Fix Gradle Module Metadata referencing stale files

If a file is not published, then it shouldn't appear in GMM.

    • -1
    • +1
    ./plugins/signing/SigningExtension.java
  1. … 3 more files in changeset.
Fix Gradle Module Metadata referencing stale files

If a file is not published, then it shouldn't appear in GMM.

    • -1
    • +1
    ./plugins/signing/SigningExtension.java
  1. … 3 more files in changeset.
Do not publish stale signature files

This commit fixes the publication of stale signature files:

prior to this change it was possible that a signature generated

in a previous build for a different artifact was uploaded even

if no signature was generated during the build, which would

lead to inconsistent publications.

In addition, it makes it an error to publish something which

doesn't have the main artifact created (or, at least up-to-date)

in this build. In other words, if the task which generates the

main artifact is disabled, it's an error to publish.

Other stale artifacts are going to be ignored.

Fixes #5136

    • -7
    • +23
    ./plugins/signing/SigningExtension.java
  1. … 36 more files in changeset.
Do not publish stale signature files

This commit fixes the publication of stale signature files:

prior to this change it was possible that a signature generated

in a previous build for a different artifact was uploaded even

if no signature was generated during the build, which would

lead to inconsistent publications.

In addition, it makes it an error to publish something which

doesn't have the main artifact created (or, at least up-to-date)

in this build. In other words, if the task which generates the

main artifact is disabled, it's an error to publish.

Other stale artifacts are going to be ignored.

Fixes #5136

    • -7
    • +23
    ./plugins/signing/SigningExtension.java
  1. … 37 more files in changeset.
Do not publish stale signature files

This commit fixes the publication of stale signature files:

prior to this change it was possible that a signature generated

in a previous build for a different artifact was uploaded even

if no signature was generated during the build, which would

lead to inconsistent publications.

In addition, it makes it an error to publish something which

doesn't have the main artifact created (or, at least up-to-date)

in this build. In other words, if the task which generates the

main artifact is disabled, it's an error to publish.

Other stale artifacts are going to be ignored.

Fixes #5136

    • -7
    • +23
    ./plugins/signing/SigningExtension.java
  1. … 37 more files in changeset.
Split the `signing` module

This commit splits the `signing` module into another `security`

project so that we can reuse some code for dependency verification.

It's worth noting that some of the classes had to remain in the `plugins`

package because they were public APIs.

Further effort to split them out may be done later.

    • -61
    • +0
    ./plugins/signing/signatory/Signatory.java
    • -27
    • +0
    ./plugins/signing/type/BinarySignatureType.java
  1. … 58 more files in changeset.
Split the `signing` module

This commit splits the `signing` module into another `security`

project so that we can reuse some code for dependency verification.

It's worth noting that some of the classes had to remain in the `plugins`

package because they were public APIs.

Further effort to split them out may be done later.

    • -61
    • +0
    ./plugins/signing/signatory/Signatory.java
    • -27
    • +0
    ./plugins/signing/type/BinarySignatureType.java
  1. … 58 more files in changeset.
Lazy illegal signing of snapshot module

Prior to this change, configuring signing in the build would always fail.

It now fails only if signing effectively happens.

    • -0
    • +34
    ./plugins/signing/InvalidSignature.java
  1. … 1 more file in changeset.
Lazy illegal signing of snapshot module

Prior to this change, configuring signing in the build would always fail.

It now fails only if signing effectively happens.

    • -0
    • +34
    ./plugins/signing/InvalidSignature.java
  1. … 1 more file in changeset.
Make it impossible to sign GMM file if snapshot

This commit, hopefully temporarily, makes it impossible to sign

a Gradle Module Metadata file if the version is a snapshot.

The reason is that the signature which would be produced would

be for the raw, unmodified module file. However, the final

file would be modified in case of a snapshot to include the

timestamp version instead of the `-SNAPSHOT` version for artifacts,

which means that the signature wouldn't match anymore.

To avoid this, we simply disallow signing in this case.

  1. … 1 more file in changeset.
Make it impossible to sign GMM file if snapshot

This commit, hopefully temporarily, makes it impossible to sign

a Gradle Module Metadata file if the version is a snapshot.

The reason is that the signature which would be produced would

be for the raw, unmodified module file. However, the final

file would be modified in case of a snapshot to include the

timestamp version instead of the `-SNAPSHOT` version for artifacts,

which means that the signature wouldn't match anymore.

To avoid this, we simply disallow signing in this case.

  1. … 1 more file in changeset.
Make it impossible to sign GMM file if snapshot

This commit, hopefully temporarily, makes it impossible to sign

a Gradle Module Metadata file if the version is a snapshot.

The reason is that the signature which would be produced would

be for the raw, unmodified module file. However, the final

file would be modified in case of a snapshot to include the

timestamp version instead of the `-SNAPSHOT` version for artifacts,

which means that the signature wouldn't match anymore.

To avoid this, we simply disallow signing in this case.

  1. … 1 more file in changeset.
Remove deprecated APIs

Remove use of deprecated API

Remove use of deprecated APIs in PluginBuilder

Replace use of archiveName with archiveFileName

Avoid more deprecated APIs

  1. … 64 more files in changeset.