Implement gemnasium parser for gradle dependencies JSON
Implementation plan
-
Implement a new file parser in the gemnasiumproject to parse the dependency listJSONfiles produced by Add initial support for DS_EXPERIMENTAL_GRADLE_... (#437268 - closed) • Philip Cunningham • 16.9 • On track.Here's an example of the dependency JSON structure (dependencies.json):
Click to expand
{ "gradleVersion": "Gradle 5.6.4", "generationDate": "Mon Jan 15 00:00:11 UTC 2024", "project": { "name": "sample-project-gradle", "description": null, "configurations": [ { "name": "annotationProcessor", "description": "Annotation processors and their dependencies for source set 'main'.", "dependencies": [], "moduleInsights": [] }, { "name": "apiElements", "description": "API elements for main.", "dependencies": [], "moduleInsights": [] }, { "name": "archives", "description": "Configuration for archive artifacts.", "dependencies": [], "moduleInsights": [] }, { "name": "compile", "description": "Dependencies for source set 'main' (deprecated, use 'implementation' instead).", "dependencies": [], "moduleInsights": [] }, { "name": "compileClasspath", "description": "Compile classpath for source set 'main'.", "dependencies": [ { "module": "org.slf4j:slf4j-api", "name": "org.slf4j:slf4j-api:1.7.30", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-slf4j-impl", "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [ { "module": "org.slf4j:slf4j-api", "name": "org.slf4j:slf4j-api:1.7.25 ➡ 1.7.30", "resolvable": "RESOLVED", "hasConflict": true, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] } ] } ], "moduleInsights": [ { "module": "org.apache.logging.log4j:log4j-slf4j-impl", "insight": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "compileClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] }, { "module": "org.apache.logging.log4j:log4j-api", "insight": [ { "name": "org.apache.logging.log4j:log4j-api:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-api:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "compileClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] }, { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "compileClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] } ] }, { "module": "org.slf4j:slf4j-api", "insight": [ { "name": "org.slf4j:slf4j-api:1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.slf4j:slf4j-api:1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "compileClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] }, { "name": "org.slf4j:slf4j-api:1.7.25 ➡ 1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": true, "children": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "compileClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] } ] } ] }, { "name": "compileOnly", "description": "Compile only dependencies for source set 'main'.", "dependencies": [], "moduleInsights": [] }, { "name": "default", "description": "Configuration for default artifacts.", "dependencies": [ { "module": "org.slf4j:slf4j-api", "name": "org.slf4j:slf4j-api:1.7.30", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-slf4j-impl", "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [ { "module": "org.slf4j:slf4j-api", "name": "org.slf4j:slf4j-api:1.7.25 ➡ 1.7.30", "resolvable": "RESOLVED", "hasConflict": true, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-core", "name": "org.apache.logging.log4j:log4j-core:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [ { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] } ] } ] } ], "moduleInsights": [ { "module": "org.apache.logging.log4j:log4j-slf4j-impl", "insight": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "default", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] }, { "module": "org.apache.logging.log4j:log4j-api", "insight": [ { "name": "org.apache.logging.log4j:log4j-api:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-api:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "default", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] }, { "name": "org.apache.logging.log4j:log4j-core:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "default", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] }, { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": true, "isLeaf": false, "children": [] } ] } ] }, { "module": "org.apache.logging.log4j:log4j-core", "insight": [ { "name": "org.apache.logging.log4j:log4j-core:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-core:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "default", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] } ] }, { "module": "org.slf4j:slf4j-api", "insight": [ { "name": "org.slf4j:slf4j-api:1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.slf4j:slf4j-api:1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "default", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] }, { "name": "org.slf4j:slf4j-api:1.7.25 ➡ 1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": true, "children": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "default", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] } ] } ] }, { "name": "implementation", "description": "Implementation only dependencies for source set 'main'.", "dependencies": [ { "module": null, "name": "org.slf4j:slf4j-api:1.7.30", "resolvable": "UNRESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": null, "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "UNRESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": null, "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "UNRESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] } ], "moduleInsights": [] }, { "name": "runtime", "description": "Runtime dependencies for source set 'main' (deprecated, use 'runtimeOnly' instead).", "dependencies": [], "moduleInsights": [] }, { "name": "runtimeClasspath", "description": "Runtime classpath of source set 'main'.", "dependencies": [ { "module": "org.slf4j:slf4j-api", "name": "org.slf4j:slf4j-api:1.7.30", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-slf4j-impl", "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [ { "module": "org.slf4j:slf4j-api", "name": "org.slf4j:slf4j-api:1.7.25 ➡ 1.7.30", "resolvable": "RESOLVED", "hasConflict": true, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-core", "name": "org.apache.logging.log4j:log4j-core:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [ { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] } ] } ] } ], "moduleInsights": [ { "module": "org.apache.logging.log4j:log4j-slf4j-impl", "insight": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "runtimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] }, { "module": "org.apache.logging.log4j:log4j-api", "insight": [ { "name": "org.apache.logging.log4j:log4j-api:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-api:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "runtimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] }, { "name": "org.apache.logging.log4j:log4j-core:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "runtimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] }, { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": true, "isLeaf": false, "children": [] } ] } ] }, { "module": "org.apache.logging.log4j:log4j-core", "insight": [ { "name": "org.apache.logging.log4j:log4j-core:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-core:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "runtimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] } ] }, { "module": "org.slf4j:slf4j-api", "insight": [ { "name": "org.slf4j:slf4j-api:1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.slf4j:slf4j-api:1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "runtimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] }, { "name": "org.slf4j:slf4j-api:1.7.25 ➡ 1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": true, "children": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "runtimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] } ] } ] }, { "name": "runtimeElements", "description": "Elements of runtime for main.", "dependencies": [], "moduleInsights": [] }, { "name": "runtimeOnly", "description": "Runtime only dependencies for source set 'main'.", "dependencies": [], "moduleInsights": [] }, { "name": "testAnnotationProcessor", "description": "Annotation processors and their dependencies for source set 'test'.", "dependencies": [], "moduleInsights": [] }, { "name": "testCompile", "description": "Dependencies for source set 'test' (deprecated, use 'testImplementation' instead).", "dependencies": [], "moduleInsights": [] }, { "name": "testCompileClasspath", "description": "Compile classpath for source set 'test'.", "dependencies": [ { "module": "org.slf4j:slf4j-api", "name": "org.slf4j:slf4j-api:1.7.30", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-slf4j-impl", "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [ { "module": "org.slf4j:slf4j-api", "name": "org.slf4j:slf4j-api:1.7.25 ➡ 1.7.30", "resolvable": "RESOLVED", "hasConflict": true, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] } ] } ], "moduleInsights": [ { "module": "org.apache.logging.log4j:log4j-slf4j-impl", "insight": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "testCompileClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] }, { "module": "org.apache.logging.log4j:log4j-api", "insight": [ { "name": "org.apache.logging.log4j:log4j-api:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-api:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "testCompileClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] }, { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "testCompileClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] } ] }, { "module": "org.slf4j:slf4j-api", "insight": [ { "name": "org.slf4j:slf4j-api:1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.slf4j:slf4j-api:1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "testCompileClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] }, { "name": "org.slf4j:slf4j-api:1.7.25 ➡ 1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": true, "children": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "testCompileClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] } ] } ] }, { "name": "testCompileOnly", "description": "Compile only dependencies for source set 'test'.", "dependencies": [], "moduleInsights": [] }, { "name": "testImplementation", "description": "Implementation only dependencies for source set 'test'.", "dependencies": [], "moduleInsights": [] }, { "name": "testRuntime", "description": "Runtime dependencies for source set 'test' (deprecated, use 'testRuntimeOnly' instead).", "dependencies": [], "moduleInsights": [] }, { "name": "testRuntimeClasspath", "description": "Runtime classpath of source set 'test'.", "dependencies": [ { "module": "org.slf4j:slf4j-api", "name": "org.slf4j:slf4j-api:1.7.30", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-slf4j-impl", "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [ { "module": "org.slf4j:slf4j-api", "name": "org.slf4j:slf4j-api:1.7.25 ➡ 1.7.30", "resolvable": "RESOLVED", "hasConflict": true, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] }, { "module": "org.apache.logging.log4j:log4j-core", "name": "org.apache.logging.log4j:log4j-core:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [ { "module": "org.apache.logging.log4j:log4j-api", "name": "org.apache.logging.log4j:log4j-api:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "children": [] } ] } ] } ], "moduleInsights": [ { "module": "org.apache.logging.log4j:log4j-slf4j-impl", "insight": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "testRuntimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] }, { "module": "org.apache.logging.log4j:log4j-api", "insight": [ { "name": "org.apache.logging.log4j:log4j-api:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-api:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "testRuntimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] }, { "name": "org.apache.logging.log4j:log4j-core:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "testRuntimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] }, { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": true, "isLeaf": false, "children": [] } ] } ] }, { "module": "org.apache.logging.log4j:log4j-core", "insight": [ { "name": "org.apache.logging.log4j:log4j-core:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.apache.logging.log4j:log4j-core:2.13.2", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "testRuntimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] } ] }, { "module": "org.slf4j:slf4j-api", "insight": [ { "name": "org.slf4j:slf4j-api:1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [] }, { "name": "org.slf4j:slf4j-api:1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": false, "children": [ { "name": "testRuntimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] }, { "name": "org.slf4j:slf4j-api:1.7.25 ➡ 1.7.30", "description": null, "resolvable": "RESOLVED", "hasConflict": true, "children": [ { "name": "org.apache.logging.log4j:log4j-slf4j-impl:2.13.2", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": false, "children": [ { "name": "testRuntimeClasspath", "resolvable": "RESOLVED", "hasConflict": false, "alreadyRendered": false, "isLeaf": true, "children": [] } ] } ] } ] } ] }, { "name": "testRuntimeOnly", "description": "Runtime only dependencies for source set 'test'.", "dependencies": [], "moduleInsights": [] } ] } }We'll need to make sure we handle the following edge cases:
-
We need to properly parse dependencies that had to undergo conflict resolution, and therefore the requested and selected versions are separated by a right arrow character
➡(unicode characterU+27A1). An example of this situation can be found in this fixture file and the version oforg.slf4j/slf4j-apithat it resolves to in the gl-dependency-scanning-report.json expectation. -
Handle the situation where
gradle dependenciesfails to resolve a dependency, for example:$ git clone git@gitlab.com:gitlab-org/security-products/analyzers/gemnasium-gradle-plugin.git && cd gemnasium-gradle-plugin && git checkout 42c5ff41c25fceb561480b379f1886034a09d303 $ docker run -it --rm -e SECURE_LOG_LEVEL=debug -v "$PWD:/gemnasium-gradle-plugin-src" -w /gemnasium-gradle-plugin/src registry.gitlab.com/security-products/gemnasium-maven:2.27.4 bash -ic 'gradle -p /gemnasium-gradle-plugin-src dependencies' Welcome to Gradle 6.7.1! ... > Task :dependencies ... functionalTestImplementationDependenciesMetadata +--- org.jetbrains.kotlin:kotlin-stdlib:1.5.10 ... +--- org.jetbrains.kotlin:kotlin-test:1.5.10 FAILED +--- org.jetbrains.kotlin:kotlin-test-junit:1.5.10 | +--- org.jetbrains.kotlin:kotlin-test:1.5.10 FAILEDNotice the
org.jetbrains.kotlin:kotlin-test:1.5.10dependency failed to be resolved. We need to make sure to address this situation.
-
-
Add unit tests for the new file parser added in step 1.above, similar to the currentgradle-dependencies.jsontest.
Image integration tests will be handled in a follow-up issue: Add image integration tests for new DS_EXPERIME... (#437803 - closed) • Philip Cunningham • 16.11 • On track.
Edited by Philip Cunningham