Skip to content
This repository has been archived by the owner on Feb 20, 2023. It is now read-only.

For #9644: restrict deps to specific repositories #9649

Merged
merged 4 commits into from
Apr 15, 2020
Merged

For #9644: restrict deps to specific repositories #9649

merged 4 commits into from
Apr 15, 2020

Conversation

mcomella
Copy link
Contributor

@mcomella mcomella commented Apr 3, 2020

See the issue for motivations and let me know if you have questions. After landing this, I intend to send an email to the team mentioning possible side effects (i.e. if you add a dependency but the ruleset didn't take it into account, it could fail until you update the rules but we haven't really had this problem on FFTV).

Pull Request checklist

  • Tests: This PR includes thorough tests or an explanation of why it does not
  • Screenshots: This PR includes screenshots or GIFs of the changes made or an explanation of why it does not
  • Accessibility: The code in this PR follows accessibility best practices or does not include any user facing features. In addition, it includes a screenshot of a successful accessibility scan to ensure no new defects are added to the product.

After merge

  • Milestone: Make sure issues finished by this pull request are added to the milestone of the version currently in development.

To download an APK when reviewing a PR:

  1. click on Show All Checks,
  2. click Details next to "Taskcluster (pull_request)" after it appears and then finishes with a green checkmark,
  3. click on the "Fenix - assemble" task, then click "Run Artifacts".
  4. the APK links should be on the left side of the screen, named for each CPU architecture

@mcomella
For mozilla-mobile#9644: remove unnecessary leanplum maven repository.
7250c75 
The docs say it is [1] "only needed for Android SDK versions below 4.3.0".
That is API 18 and our min SDK is 21.

[1]: https://docs.leanplum.com/reference#android-setup
@mcomella
For mozilla-mobile#9644: move buildscript block from :app to root pro…
50158c8 
…ject.

This will reduce the amount of duplication we need in specifying
restricted dependencies and centralize repository definitions. Since
we're a one project app, it shouldn't have a significant impact on
performance.
@mcomella
For mozilla-mobile#9644: restrict dependencies following FFTV config.
1392639 
However, there is a resolution error to be fixed in the next commit.

This is verbatim from FFTV except I removed the no-op "improve security
if code is refactored incorrectly" lines: these lines rarely changed and
I'm not that concerned. It might be better to simplify the
configuration.

Source:
  https://github.com/mozilla-mobile/firefox-tv/blob/62a2fa680c49beae271b55981d7afecc67d2aa21/buildSrc/src/main/java/org/mozilla/gradle/Dependencies.kt#L7
  https://github.com/mozilla-mobile/firefox-tv/blob/62a2fa680c49beae271b55981d7afecc67d2aa21/build.gradle#L31
@mcomella
For mozilla-mobile#9644: restrict firebase deps to google repo.
c94761b 
This fixes the resolution error from the previous PR.
@mcomella mcomella requested a review from pocmo April 8, 2020 17:46
@boek boek merged commit f0464b9 into mozilla-mobile:master Apr 15, 2020
@mcomella mcomella deleted the 9644-restrict-deps branch April 23, 2020 20:53
@mcomella mcomella mentioned this pull request Apr 23, 2020
Closed
@liuche liuche mentioned this pull request Apr 28, 2020
Closed
32 tasks
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@boek boek boek approved these changes

@pocmo pocmo Awaiting requested review from pocmo

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mcomella @boek