Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Log each resolved dependency and associated configuration path #113

Closed
bigdaz opened this issue Feb 10, 2024 · 0 comments
Closed

Log each resolved dependency and associated configuration path #113

bigdaz opened this issue Feb 10, 2024 · 0 comments
Milestone
v1.2.1

Comments

@bigdaz
Copy link
Member

bigdaz commented Feb 10, 2024
edited

Knowing the project(s) and configuration(s) that resolved a dependency is the first step in addressing dependency vulnerabilities. This can be difficult to determine in complex Gradle project. Build Scans and the dependency-resolution report can help, but these are not always the most convenient.

We should enable logging for the plugin that will print each resolved dependency together with the project and configuration that resolved it. A dependency resolved in multiple configurations will be printed multiple times.
@bigdaz bigdaz added this to the v1.3.0 milestone Feb 10, 2024
@bigdaz bigdaz changed the title Add debug mode that prints each resolved dependency and associated configuration path Log each resolved dependency and associated configuration path Feb 11, 2024
@bigdaz bigdaz modified the milestones: v1.3.0, v1.2.1 Feb 11, 2024
bigdaz added a commit that referenced this issue Feb 11, 2024
@bigdaz
Log resolved dependencies and associated configuration
786164e 
Info-level logging will make it easier to determine the source of a dependency
that appears in the graph.

Fixes #113
@bigdaz bigdaz closed this as completed in c8c776e Feb 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.2.1
Development

No branches or pull requests
1 participant
@bigdaz