Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/autonomousapps/dependency-analysis-gradle-plugin

Gradle plugin for JVM projects written in Java, Kotlin, Groovy, or Scala; and Android projects written in Java or Kotlin. Provides advice for managing dependencies and other applied plugins
https://github.com/autonomousapps/dependency-analysis-gradle-plugin

android gradle-plugin groovy java jvm kotlin scala

Last synced: 2 days ago
JSON representation

Gradle plugin for JVM projects written in Java, Kotlin, Groovy, or Scala; and Android projects written in Java or Kotlin. Provides advice for managing dependencies and other applied plugins

Awesome Lists containing this project

README 

        
image::https://img.shields.io/maven-metadata/v.svg?label=release&metadataUrl=https%3A%2F%2Frepo1.maven.org%2Fmaven2%2Fcom%2Fautonomousapps%2Fdependency-analysis%2Fcom.autonomousapps.dependency-analysis.gradle.plugin%2Fmaven-metadata.xml[Latest version,link="https://mvnrepository.com/artifact/com.autonomousapps.dependency-analysis/com.autonomousapps.dependency-analysis.gradle.plugin"]

image::https://img.shields.io/nexus/s/com.autonomousapps/dependency-analysis-gradle-plugin?label=snapshot&server=https%3A%2F%2Foss.sonatype.org[Latest snapshot,link="https://oss.sonatype.org/#nexus-search;gav~com.autonomousapps.dependency-analysis~com.autonomousapps.dependency-analysis.gradle.plugin~~~~kw,versionexpand"]

image::https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/workflows/Main/badge.svg[Build status,link="https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/actions/workflows/push.yml?query=branch%3Amain"]



== Detect unused and misused dependencies

The Dependency Analysis Gradle Plugin (DAGP, née Dependency Analysis Android Gradle Plugin) detects the following:



1. Unused dependencies.

2. Used transitive dependencies (which you may want to declare directly).

3. Dependencies declared on the wrong configuration (`api` vs `implementation` vs `compileOnly`, etc.).



As a side effect, the plugin can also tell you your project's ABI, and produces graphviz files representing various

views of your dependency graph, among other things. These side effects are currently mostly undocumented internal

behaviors, but they may be interesting for some advanced users.



== Build health



In addition to the dependency-related advice (see above), DAGP provides other advice to help maintain your "build health." This includes the detection of:



1. Unnecessary plugins (currently only `kapt`).

2. Subprojects ("modules") that unnecessarily use the Android plugin, and could instead be "normal" JVM libraries.



== Compatibilities



Please see the https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/wiki/Compatibilities-&-Limitations[wiki] for information on the versions of Gradle, the Android Gradle Plugin, etc., that this plugin is compatible with.



== Add to your project and use

For detailed instructions, see

https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/wiki/Adding-to-your-project[the wiki].



The simplest approach is to add the following:



.root settings.gradle[.kts]

[source,groovy]

----

plugins {

  id("com.autonomousapps.build-health") version "<>"

}

----



IMPORTANT: If your project uses Kotlin or Android (or both), then those plugins must also be loaded in the settings

script classloader (or a parent). See

https://github.com/autonomousapps/dependency-analysis-gradle-plugin/wiki/Adding-to-your-project[the wiki] for more information



For a quick start, just run the following:



----

./gradlew buildHealth

----



You will probably see output like the following:



----

> Task :buildHealth FAILED



FAILURE: Build failed with an exception.



* What went wrong:

Execution failed for task ':buildHealth'.

> There were dependency violations. See report at file:///path/to/project/build/reports/dependency-analysis/build-health-report.txt

----



If you wish to have this (potentially very long) report printed to console, add this to your `gradle.properties` file:



.gradle.properties

[source]

----

dependency.analysis.print.build.health=true

----



== More advanced usage



You do not have to apply this plugin to all projects via the settings script. It can also be applied to only specific

subprojects. In this case, it must also be applied to the root build script.



.root build.gradle[.kts]

[source,groovy]

----

plugins {

  id("com.autonomousapps.dependency-analysis") version "<>"

}

----



.sub/project/build.gradle[.kts]

[source,groovy]

----

plugins {

  id("com.autonomousapps.dependency-analysis")

}

----



IMPORTANT: If your project uses Kotlin or Android (or both), then those plugins must also be loaded in the root build

script classloader (or a parent). See

https://github.com/autonomousapps/dependency-analysis-gradle-plugin/wiki/Adding-to-your-project[the wiki] for more information



=== Project Health



The analysis can be run against individual modules with the `projectHealth` task. For example:



----

./gradlew app:projectHealth

----



=== Fix dependency issues automatically



It is common for the plugin to report many issues with your project's dependency declarations. Since fixing manually can

be tedious, the plugin also provides a task to auto-remediate all issues.



----

./gradlew fixDependencies

----



The `fixDependencies` task is registered on each project where the plugin is applied. Running it as above will run the

task in each subproject. See also

https://dev.to/autonomousapps/one-click-dependencies-fix-191p[_One click dependencies fix_].



==== Fix only some dependency issues automatically



In some circumstances, it may be considered infeasible to resolve all issues in one pass. Maybe you have a very large

project, or you publish libraries and you know that changing your dependency declarations will also change your

libraries' metadata, which might break consumers. To support this use-case, the the `fixDependencies` task takes an

optional flag to tell it to, essentially, make only "safe" changes.



----

./gradlew fixDependencies --upgrade

----



With this flag in place, the `fixDependencies` task will not remove or "downgrade" any dependency declarations. It will

only add or "upgrade" declarations (e.g., from `implementation` to `api`).



In an incremental rollout scenario, one could imagine using the `--upgrade` flag, then updating all consumers, then

finally removing the flag and removing all unused dependencies.



==== Caveats



If the analysis has any bugs, then fixing the dependency declarations make break your build (but this is also the case

with manual fixes). If you encounter this, please

https://github.com/autonomousapps/dependency-analysis-gradle-plugin/issues/new/choose[file an issue].



Additionally, the rewriting functionality is based on a simplified Gradle Groovy/Kotlin DSL grammar, which will fail in

the presence of complex build scripts. We plan to enhance the Gradle Kotlin DSL grammar soon, since it is the default

build script language, but we have no current plans to do the same for Gradle Groovy DSL.



=== Reason



You may be curious why the plugin is emitting (or not emitting) advice regarding some dependency. You can ask it why:



----

./gradlew lib:reason --id com.squareup.okio:okio:2.2.2 <1>

> Task :lib:reason



----------------------------------------

You asked about the dependency 'com.squareup.okio:okio:2.2.2'.

There is no advice regarding this dependency.

----------------------------------------



Shortest path from :lib to com.squareup.okio:okio:2.2.2:

:lib

\--- com.squareup.okio:okio:2.2.2



Source: main

------------

* Exposes class okio.BufferedSource (implies api).

----

<1> The version string is optional.



=== Basic configuration



For detailed information on how to configure the plugin, see https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/wiki/Customizing-plugin-behavior[the wiki].



To configure the plugin, use the https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/blob/main/src/main/kotlin/com/autonomousapps/DependencyAnalysisExtension.kt[`dependencyAnalysis`] extension.



.build.gradle

[source,groovy]

----

dependencyAnalysis {

  // configuration goes here

}

----



== Publications

The following is a list of articles / blog posts that have been published discussing this plugin:



1. https://dev.to/autonomousapps/the-proper-care-and-feeding-of-your-gradle-build-d8g[The proper care and feeding of your Gradle build]

2. https://dev.to/autonomousapps/dependency-analysis-gradle-plugin-using-bytecode-analysis-to-find-unused-dependencies-509n[Dependency Analysis Gradle Plugin: Using bytecode analysis to find unused dependencies]

3. https://dev.to/autonomousapps/dependency-analysis-gradle-plugin-what-s-an-abi-3l2h[Dependency Analysis Gradle Plugin: What's an ABI?]

4. https://dev.to/autonomousapps/reducing-my-gradle-plugin-s-impact-on-configuration-time-a-journey-32h2[Reducing my Gradle plugin's impact on configuration time: A journey]

5. https://dev.to/autonomousapps/one-click-dependencies-fix-191p[One-click dependencies fix]



...with more to come :)



This plugin has also been featured in these newsletters:



1. https://newsletter.gradle.org/2024/10[Gradle, Oct 2024]

2. https://newsletter.gradle.com/2022/05[Gradle, May 2022]

3. https://newsletter.gradle.com/2020/09[Gradle, September 2020]

4. https://newsletter.gradle.com/2020/08[Gradle, August 2020]

5. https://androidweekly.net/issues/issue-423[Android Weekly, Issue #423]

6. https://newsletter.gradle.com/2020/07[Gradle, July 2020]

7. https://newsletter.gradle.com/2020/06[Gradle, June 2020]



Podcast episodes about this plugin could be found here:



1. https://thebakery.dev/31/[The Developers' Bakery, Episode #31]



Youtube videos about this plugin:



1. https://youtu.be/Lipf5piizZc[Understanding Gradle #28 – Clean Compile Classpaths with the Dependency Analysis Plugin]