-
Notifications
You must be signed in to change notification settings - Fork 30
Dependency Lock Provider
jkschneider edited this page Nov 16, 2014
·
1 revision
The dependency lock provider retrieves recommendations from Nebula dependency lock files. Often these files are committed to source control for the sake of build repeatability. Publishing them directly to an artifact repository or some other file-based location allows them to be used as a recommendation source in other projects.
As noted in the file-based providers documentation, dependency lock providers can be loaded from local files, URIs, URLs, dependency artifacts, and the plain InputStream.
apply plugin: 'java'
apply plugin: 'nebula-dependency-recommender'
dependencyRecommendations {
// the @lock ext is added by the provider if omitted
dependencyLock module: 'sample:dependencies:1.0'
}Here is an example lock file:
{
"commons-logging:commons-logging": { "locked": "1.1.1", "requested": "1.1.+" },
"commons-configuration:commons-configuration": { "locked": "1.1.2" }
}