{"id":17993501,"url":"https://github.com/stempler/gradle-versioneye-plugin","last_synced_at":"2025-03-26T01:32:14.492Z","repository":{"id":16161893,"uuid":"18907998","full_name":"stempler/gradle-versioneye-plugin","owner":"stempler","description":"Plugin for Gradle to update your project's dependencies status on www.versioneye.com","archived":false,"fork":false,"pushed_at":"2018-10-22T10:10:31.000Z","size":241,"stargazers_count":31,"open_issues_count":3,"forks_count":5,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-21T01:34:02.750Z","etag":null,"topics":["gradle","gradle-plugin","versioneye"],"latest_commit_sha":null,"homepage":"","language":"Groovy","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stempler.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-04-18T08:50:03.000Z","updated_at":"2021-02-22T16:17:24.000Z","dependencies_parsed_at":"2022-09-08T11:34:10.558Z","dependency_job_id":null,"html_url":"https://github.com/stempler/gradle-versioneye-plugin","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stempler%2Fgradle-versioneye-plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stempler%2Fgradle-versioneye-plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stempler%2Fgradle-versioneye-plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stempler%2Fgradle-versioneye-plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stempler","download_url":"https://codeload.github.com/stempler/gradle-versioneye-plugin/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245572007,"owners_count":20637431,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["gradle","gradle-plugin","versioneye"],"created_at":"2024-10-29T20:11:43.293Z","updated_at":"2025-03-26T01:32:14.181Z","avatar_url":"https://github.com/stempler.png","language":"Groovy","funding_links":[],"categories":[],"sub_categories":[],"readme":"gradle-versioneye-plugin\n========================\n\nPlugin for [Gradle](http://www.gradle.org/) to update your project dependencies status on [VersionEye](https://www.versioneye.com) based on the resolved dependency configurations of your Gradle project.\n\nIt works quite similar to the [VersionEye plugin for Maven](https://github.com/versioneye/versioneye_maven_plugin).\n\n[![Dependency Status](https://www.versioneye.com/java/org.standardout:gradle-versioneye-plugin/badge.svg)](https://www.versioneye.com/java/org.standardout:gradle-versioneye-plugin)\n\nMinimum Requirement\n-----\n\nThe VersionEye servers are using [LetsEncrypt](https://letsencrypt.org/) for SSL certificates. Old Java versions don't support that certificate. The minimum required version is 8u101. More details on [StackOverflow](https://stackoverflow.com/questions/34110426/does-java-support-lets-encrypt-certificates/34111150#34111150).\n\nUsage\n-----\n\nThe simplest way to apply the plugin to your Gradle build is to use the **Gradle 2.1** plugin mechanism:\n\n```groovy\nplugins {\n    id \"org.standardout.versioneye\" version \"1.5.0\"\n}\n```\n\nFor **Gradle 1.x and 2.0** add the artifact to your buildscript classpath via jCenter or Maven Central:\n\n```groovy\nbuildscript {\n\trepositories {\n\t\tjcenter()\n\t}\n\tdependencies {\n\t\tclasspath 'org.standardout:gradle-versioneye-plugin:1.5.0'\n\t}\n}\n\napply plugin: 'org.standardout.versioneye'\n```\n\n### API key\n\nYou need to provide your [VersionEye](https://www.versioneye.com) API key for the plugin to be able to communicate with the VersionEye API. You do this through a Gradle property, e.g. by specifying it in the **gradle.properties** file in **~/.gradle/** or the project directory, or via the command line. However, it is strongly recommended not to place it somewhere where it is publicly accessible (e.g. in a public GitHub repository).\n\n```\nversioneye.api_key=1234567890abcdef\n```\n\nIf logged in to VersionEye, you can get or generate your API key [here](https://www.versioneye.com/settings/api).\n\n\n#### Environment variable\n\nStarting from version 1.3, if no Gradle property for the API key is defined, the plugin will fall back to the value found in the `VERSIONEYE_API_KEY` environment variable.\n\n\n### Gradle tasks\n\nThe **versioneye** plugin comes with two main Gradle tasks that are relevant for you:\n\n* ***versioneye-create*** - Creates a project on [VersionEye](https://www.versioneye.com) and write the project ID to your project's **gradle.properties** (so they can be used with ***versioneye-update***)\n* ***versioneye-update*** - Updates the dependencies for the project on [VersionEye](https://www.versioneye.com) that is identified by the project ID and your API key\n\nAlternatively you can use the CamelCase versions of these tasks, ***versionEyeCreate*** and ***versionEyeUpdate*** which can be abbreviated on the command line (see [the Gradle documentation](http://www.gradle.org/docs/current/userguide/tutorial_gradle_command_line.html)), e.g. `gradle vEU` or `gradle vEyeU` for executing ***versionEyeUpdate***.\n\nExample call creating a VersionEye project - in this case the API key is provided via the command line:\n\n```\ngradle -Pversioneye.api_key=1234567890abcdef -info versioneye-create\n```\n\n#### Additional checks\n\nBased on the information retrieved from VersionEye you can do a number of additional checks with the following tasks:\n\n* ***versionEyeLicenseCheck*** (since 1.3) - Check if there are any violations of your license white list\n* ***versionEyeSecurityCheck*** (since 1.3) - Check if there are any dependencies with known security vulnerabilities\n* ***versionEyeSecurityAndLicenseCheck*** (since 1.3) - Check both security vulnerabilities and license violations\n\nExecuting any of these tasks will update the project on VersionEye.\n\n\n### Project configuration\n\n#### VersionEye project\n\nOnce you create a VersionEye project with ***versioneye-create***, it will add the `versioneye.projectid` property to the **gradle.properties** file in your project directory. But you can also provide these settings manually in any way Gradle supports specifying properties (e.g. if you already have an existing VersionEye project).\n\n\n#### Organisation and Team\n\nWhen creating a project you can directly associate it with a specific organisation and team.\nAll you need to do is provide the corresponding Gradle properties for ***versioneye-create***:\n\n* ***versioneye.organisation*** - the organisation namespace\n* ***versioneye.team*** - the team name\n\nThese properties can be defined via **gradle.properties** file or via the command line, for example:\n\n```\ngradle -Pversioneye.api_key=1234567890abcdef -Pversioneye.organisation=myorg -Pversioneye.team=myteam versioneye-create\n```\n\n\n#### Which dependencies?\n\nThere are two main modes, you can use only the **declared** dependencies or additionally the **transitive** dependencies:\n\n* **declared** - only first level dependencies are included (default)\n* **transitive** - the declared and all transitive dependencies\n\nConfiguration example:\n```groovy\nversioneye {\n  dependencies = transitive\n}\n```\n\nTo further customize which dependencies are analyzed, you can exclude specific configurations, for example to exclude the dependencies that are only needed for tests with the Gradle Java plugin:\n```groovy\nversioneye {\n  exclude 'testCompile', 'testRuntime'\n}\n```\n\nPlease note that if you exclude a configuration that is extended by another configuration that you did not exclude, this will have no effect (e.g. if you exclude *runtime* but don't exclude *testRuntime*).\n\n**Tip:** If there are dependencies showing up you have no idea where they are coming from, use `gradle dependencies` to get an overview of all configurations and the dependencies contained in them. Use it to identifiy the configurations that you don't want to include.\n\nSince version 1.3, the plugins that you use for your build script are also included in the dependencies reported to VersionEye. If you don't want that, you can disable this feature in the configuration:\n\n```groovy\nversioneye {\n  includePlugins = false\n}\n```\n\n\n##### Multi-project builds (since 1.4)\n\nIf you have a multi-build project that you want to handle as one single VersionEye project, you should apply the plugin only to the root project and configure the plugin to include dependencies from sub-projects as well:\n\n```groovy\nversioneye {\n  includeSubProjects = true\n}\n```\n\n\n#### Unknown licenses\n\nIf you want the license check to fail when dependencies with unknown license are encountered, you need to enable it in the configuration like this:\n\n```groovy\nversioneye {\n  licenseCheckBreakByUnknown = true\n}\n```\n\n\n#### VersionEye Enterprise\n\nIf you want to connect to a VersionEye Enterprise installation instead of *versioneye.com*, you can adapt the base URL used to access the API:\n\n```groovy\nversioneye {\n  baseUrl = 'https://www.versioneye.com' // this is the default\n}\n```\n\n\n#### Dependency scopes\n\nThe dependency scope in VersionEye is used to organize dependencies in different groups, for instance compile time dependencies or test dependencies.\n\nYour project dependencies in Gradle are organised in dependency configurations, for instance in most projects there is a `compile` configuration. The dependency scope is determined based on the information in which configurations it is present.\nThe default strategy tries to identify the primary configuration of a dependency and use that as a scope.\nThis works best for standard project setups, so if you feel that you can provide a more optimal grouping, you can provide your own implementation.\n\nThe `DEFAULT` strategy is configured if you do not override the setting. Another provided strategy is the `CONFIGURATIONS` strategy.\nIt uses the configuration associations as is. You can enable it like this:\n\n```groovy\nversioneye {\n  determineScopeStrategy = CONFIGURATIONS\n}\n```\n\nYou can provide your own implementation by providing a closure that calculates an Iterable of scope names from the Set of configuration names.\nBuild script dependencies here have the configuration name `'plugin'` associated.\n\n```groovy\nversioneye {\n  determineScopeStrategy = { Set\u003cString\u003e configs -\u003e\n    def scopes = []\n\n    //TODO determine scopes based on the configuration names\n\n    scopes\n  }\n}\n```\n\n\n### Using the current SNAPSHOT\n\nIf you want to test the latest version with changes that have not been released yet, you can configure your project to use the latest SNAPSHOT:\n\n```groovy\nbuildscript {\n  repositories {\n    maven {\n      url 'http://oss.sonatype.org/content/repositories/snapshots/'\n    }\n    jcenter()\n  }\n  dependencies {\n    classpath 'org.standardout:gradle-versioneye-plugin:1.6.0-SNAPSHOT'\n  }\n}\n\napply plugin: 'org.standardout.versioneye'\n```\n\n\nLicense\n-----\n\n[The MIT License (MIT)](http://opensource.org/licenses/MIT)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstempler%2Fgradle-versioneye-plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstempler%2Fgradle-versioneye-plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstempler%2Fgradle-versioneye-plugin/lists"}