From 10160def51e98678818ad90bbae6d92aa131d08d Mon Sep 17 00:00:00 2001
From: Samrat Mukherjee
Date: Tue, 18 Nov 2025 14:26:10 +0530
Subject: [PATCH 1/5] (fix)gradle - ignore (c) lines in the report
---
 .../inspection/parse/GradleReportConfigurationParser.java | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/gradle/inspection/parse/GradleReportConfigurationParser.java b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/gradle/inspection/parse/GradleReportConfigurationParser.java
index 88e7a51d6c..27293df538 100644
--- a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/gradle/inspection/parse/GradleReportConfigurationParser.java
+++ b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/gradle/inspection/parse/GradleReportConfigurationParser.java
@@ -21,7 +21,9 @@ public GradleConfiguration parse(String header, List dependencyLines, Ma
 configuration.setUnresolved(parseUnresolved(header));
 List children = new ArrayList<>();
 for (String line: dependencyLines) {
- children.add(parser.parseLine(line, metadata));
+ if (!line.trim().endsWith("(c)")) {
+ children.add(parser.parseLine(line, metadata));
+ }
 }
 configuration.setChildren(children);
From fa91e78e58c3e320799ef94b2ee596039b058718 Mon Sep 17 00:00:00 2001
From: Samrat Mukherjee
Date: Thu, 20 Nov 2025 14:41:14 +0530
Subject: [PATCH 2/5] use constant GRADLE_CONSTRAINT_SUFFIX
---
 .../inspection/parse/GradleReportConfigurationParser.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/gradle/inspection/parse/GradleReportConfigurationParser.java b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/gradle/inspection/parse/GradleReportConfigurationParser.java
index 27293df538..c3c4aa329a 100644
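Review bot: The new `if` inside the loop of `parse` drops every report line ending in `(c)` without leaving any trace, and nothing in the hunk says why. In a composition-analysis parser a silently skipped line means a component missing from the resulting graph, so the reason belongs next to the check, e.g. `// "(c)" marks a Gradle dependency constraint, not a resolved dependency; skip it so it is not reported as a component`. A debug-level log of each skipped line would also let someone auditing a scan see what was excluded; no logger is visible in this hunk, so that depends on what the class already has. The body of `parse` starts and ends outside the hunk.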
--- a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/gradle/inspection/parse/GradleReportConfigurationParser.java
+++ b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/gradle/inspection/parse/GradleReportConfigurationParser.java
@@ -11,6 +11,7 @@ public class GradleReportConfigurationParser {
 private static final String UNRESOLVED_SUFFIX = "(n)";
+ private static final String GRADLE_CONSTRAINT_SUFFIX = "(c)";
 private final GradleReportLineParser parser = new GradleReportLineParser();
@@ -21,7 +22,7 @@ public GradleConfiguration parse(String header, List dependencyLines, Ma
 configuration.setUnresolved(parseUnresolved(header));
 List children = new ArrayList<>();
 for (String line: dependencyLines) {
- if (!line.trim().endsWith("(c)")) {
+ if (!line.trim().endsWith(GRADLE_CONSTRAINT_SUFFIX)) {
 children.add(parser.parseLine(line, metadata));
 }
 }
From 3f4afed7cd7d46f4b6b8b9632774624771dcce61 Mon Sep 17 00:00:00 2001
From: Samrat Mukherjee
Date: Thu, 20 Nov 2025 15:12:59 +0530
Subject: [PATCH 3/5] add functional test cases
---
 .../GradleReportParserFunctionalTest.java | 14 ++++++++++++++
 .../gradle/constraints_dependencyGraph.txt | 17 +++++++++++++++++
 2 files changed, 31 insertions(+)
 create mode 100644 detectable/src/test/resources/detectables/functional/gradle/constraints_dependencyGraph.txt
diff --git a/detectable/src/test/java/com/blackduck/integration/detectable/detectables/gradle/functional/GradleReportParserFunctionalTest.java b/detectable/src/test/java/com/blackduck/integration/detectable/detectables/gradle/functional/GradleReportParserFunctionalTest.java
index 356a4a2c79..3d26ca3f28 100644
--- a/detectable/src/test/java/com/blackduck/integration/detectable/detectables/gradle/functional/GradleReportParserFunctionalTest.java
+++ b/detectable/src/test/java/com/blackduck/integration/detectable/detectables/gradle/functional/GradleReportParserFunctionalTest.java
@@ -114,4 +114,18 @@ void testUnresolvedConfigurations() {
 System.out.println(new GsonBuilder().setPrettyPrinting().create().toJson(codeLocation.get()));
 }
+
+ @Test
+ void testConstraintsAreFiltered() {
+ Optional codeLocation = buildCodeLocation("/gradle/constraints_dependencyGraph.txt", true);
+ Assertions.assertTrue(codeLocation.isPresent());
+ DependencyGraph graph = codeLocation.get().getDependencyGraph();
+
+ MavenGraphAssert graphAssert = new MavenGraphAssert(graph);
+ graphAssert.hasRootSize(1);
+ graphAssert.hasRootDependency("com.google.code.gson:gson:2.8.9");
+ graphAssert.hasNoDependency("org.apache.logging.log4j:log4j-api:2.17.1");
+ graphAssert.hasNoDependency("org.apache.commons:commons-collections4:4.4");
+ graphAssert.hasNoDependency("javax.servlet:javax.servlet-api:3.1.0");
+ }
 }
diff --git a/detectable/src/test/resources/detectables/functional/gradle/constraints_dependencyGraph.txt b/detectable/src/test/resources/detectables/functional/gradle/constraints_dependencyGraph.txt
new file mode 100644
index 0000000000..a9b4e38910
--- /dev/null
+++ b/detectable/src/test/resources/detectables/functional/gradle/constraints_dependencyGraph.txt
@@ -0,0 +1,17 @@
+------------------------------------------------------------
+Project :project
+------------------------------------------------------------
+
+archives - Configuration for archive artifacts. (n)
+No dependencies
+
+compile - Dependencies for source set 'main'. (n)
++--- org.apache.logging.log4j:log4j-api:2.17.1 (c)
++--- com.google.code.gson:gson:2.8.9
+| \--- org.apache.httpcomponents:httpclient:4.5.13
+| +--- commons-codec:commons-codec:1.11
+| \--- javax.servlet:javax.servlet-api:3.1.0 (c)
+\--- org.apache.commons:commons-collections4:4.4 (c)
+
+(n) - Not resolved (configuration is not meant to be resolved)
+
From 145d22b6a6eae4e6e85fa1e92634ecba90cc6c03 Mon Sep 17 00:00:00 2001
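Review bot: `testConstraintsAreFiltered` only asserts that the three `(c)` coordinates are absent and that gson is the single root, so it would still pass if the filter removed too much. The fixture keeps `org.apache.httpcomponents:httpclient:4.5.13` and `commons-codec:commons-codec:1.11` below gson, but nothing checks that they are still in the graph or still attached to the right parent after the neighbouring constraint lines are skipped. Add positive assertions for those two coordinates, and consider a fixture line where a component appears both as a `(c)` constraint and as a resolved dependency, which is the case where over-filtering would hide a real component from the report.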
From: blackduck-serv-builder
Date: Fri, 21 Nov 2025 11:09:33 -0500
Subject: [PATCH 4/5] Release 11.1.0-SIGQA7-IDETECT-4760
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/build.gradle b/build.gradle
index dbfdb1ff12..01684bdc1f 100644
--- a/build.gradle
+++ b/build.gradle
@@ -21,7 +21,7 @@ buildscript {
 group = 'com.blackduck.integration'
-version = '11.1.0-SIGQA7-SNAPSHOT'
+version = '11.1.0-SIGQA7-IDETECT-4760'
 apply plugin: 'com.blackduck.integration.solution'
 apply plugin: 'org.springframework.boot'
From 876815a8de32012591501ae94ae32683e97f0c0f Mon Sep 17 00:00:00 2001
From: blackduck-serv-builder
Date: Fri, 21 Nov 2025 11:24:37 -0500
Subject: [PATCH 5/5] Using the next snapshot post release 11.1.0-SIGQA8-IDETECT-4760-SNAPSHOT
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/build.gradle b/build.gradle
index 01684bdc1f..15f4ca1e4a 100644
--- a/build.gradle
+++ b/build.gradle
@@ -21,7 +21,7 @@ buildscript {
 group = 'com.blackduck.integration'
-version = '11.1.0-SIGQA7-IDETECT-4760'
+version = '11.1.0-SIGQA8-IDETECT-4760-SNAPSHOT'
 apply plugin: 'com.blackduck.integration.solution'
 apply plugin: 'org.springframework.boot'