This repository was archived by the owner on May 27, 2025. It is now read-only.

Plugin for danger-kotlin for checking project dependencies (e.g. new available updates or vulnerabilities)

AckeeCZ/danger-kotlin-dependencies-check

DEPRECATED

This library is no longer maintained and the repository is archived. Checking dependencies during unrelated merge requests turned out to be inconvenient, so we have switched to a different solution.

danger-kotlin dependencies check plugin

Plugin for danger-kotlin for checking project dependencies (e.g. new available updates or vulnerabilities). Plugin relies on these Gradle plugins to be available on the project:

The plugin runs the Gradle tasks above, collects the results and reports outdated dependencies as warnings. A vulnerable dependency is reported as a warning if no update is available or if the dependency is transitive (the update is unknown). If there is a vulnerability and an update to a newer version is available, the pipeline fails. All of this can be suppressed for cases such as false positives or other valid reasons.
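The reporting rules above, written out as a small stand-alone Kotlin model. This is an added example, not the plugin's source code: every name in it (Finding, Suppressions, classify) is hypothetical, the sample findings are constructed, and keeping separate suppression sets for outdated and vulnerability reports is an assumption.

```kotlin
// Added illustration, not the plugin's code. All names here are hypothetical.
enum class Level { NONE, WARN, FAIL }

data class Finding(
    val coordinate: String,     // group:artifact:version
    val vulnerable: Boolean,    // flagged by the vulnerability scan
    val newerVersion: String?,  // null when no update is known
    val transitive: Boolean,    // pulled in indirectly, so the update is unknown
)

// Assumption: outdated and vulnerability reports are suppressed independently.
data class Suppressions(
    val outdated: Set<String> = emptySet(),
    val vulnerabilities: Set<String> = emptySet(),
)

fun classify(f: Finding, s: Suppressions): Level {
    val vulnerable = f.vulnerable && f.coordinate !in s.vulnerabilities
    val outdated = f.newerVersion != null && f.coordinate !in s.outdated
    return when {
        // Only a vulnerable direct dependency with a known update fails the pipeline.
        vulnerable && !f.transitive && f.newerVersion != null -> Level.FAIL
        // Vulnerable, but nothing to update to or transitive: warn only.
        vulnerable -> Level.WARN
        outdated -> Level.WARN
        else -> Level.NONE
    }
}

fun main() {
    // Constructed sample findings; coordinates and results are made up.
    val findings = listOf(
        Finding("com.example:direct-fixable:1.0.0", vulnerable = true, newerVersion = "1.0.1", transitive = false),
        Finding("com.example:direct-unfixed:2.0.0", vulnerable = true, newerVersion = null, transitive = false),
        Finding("com.example:transitive-lib:3.1.0", vulnerable = true, newerVersion = null, transitive = true),
        Finding("com.squareup.retrofit2:retrofit:2.4.0", vulnerable = false, newerVersion = "x.y.z", transitive = false),
        Finding("com.example:just-old:0.9.0", vulnerable = false, newerVersion = "1.0.0", transitive = false),
    )
    val suppressions = Suppressions(outdated = setOf("com.squareup.retrofit2:retrofit:2.4.0"))

    val levels = findings.associate { it.coordinate to classify(it, suppressions) }
    levels.forEach { (coordinate, level) -> println("$level  $coordinate") }
    val failed = levels.values.any { it == Level.FAIL }
    println(if (failed) "pipeline: FAILED" else "pipeline: passed")
}
```

Suppressing only the outdated report for a coordinate leaves a later vulnerability finding on the same coordinate visible, which is why the model keeps the two suppression sets apart.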

Installation

Put

@file:DependsOn("io.github.ackeecz:danger-kotlin-dependencies-check:x.y.z")

at the top of your Dangerfile.

Usage

First you need to register the plugin via

register plugin DependenciesCheckPlugin

and then you can use it through its single public method

DependenciesCheckPlugin.checkDependencies(config)

The checkDependencies method accepts a Config object in which you can specify various configurations of the plugin, such as suppressions of outdated dependency or vulnerability reports. See the io.github.ackeecz.danger.dependenciescheck.config.Config class for more details.

Example Dangerfile

@file:DependsOn("io.github.ackeecz:danger-kotlin-dependencies-check:x.y.z")

import io.github.ackeecz.danger.dependenciescheck.config.Config
import io.github.ackeecz.danger.dependenciescheck.config.OutdatedDependencySuppression
import io.github.ackeecz.danger.dependenciescheck.DependenciesCheckPlugin

import systems.danger.kotlin.danger
import systems.danger.kotlin.register

register plugin DependenciesCheckPlugin

danger(args) {
    val config = Config(
        outdatedDependenciesConfig = Config.OutdatedDependencies(
            suppressions = listOf(
                OutdatedDependencySuppression(fullyQualifiedNameWithVersion = "com.squareup.retrofit2:retrofit:2.4.0"),
            ),
        ),
    )
    DependenciesCheckPlugin.checkDependencies(config)
}

This performs the dependencies check and configures the plugin to suppress the outdated dependency report for Retrofit.
