search

autonomousapps / dependency-analysis-gradle-plugin

Gradle plugin for JVM projects written in Java, Kotlin, Groovy, or Scala; and Android projects written in Java or Kotlin. Provides advice for managing dependencies and other applied plugins
Apache License 2.0
1.82k stars 120 forks source link

jvm test suite reporting false positive with transient #1273

Open xenoterracide opened 1 month ago

xenoterracide commented 1 month ago

Build scan link

https://gradle.com/s/3nouxz6lixdao

Plugin version

2.1.1

Gradle version

(unrelated consider just changing your template to request the output of --version

------------------------------------------------------------
Gradle 8.10.2
------------------------------------------------------------

Build time:    2024-09-23 21:28:39 UTC
Revision:      415adb9e06a516c44b391edff552fd42139443f7

Kotlin:        1.9.24
Groovy:        3.0.22
Ant:           Apache Ant(TM) version 1.10.14 compiled on August 16 2023
Launcher JVM:  21.0.4 (Eclipse Adoptium 21.0.4+7-LTS)
Daemon JVM:    /home/xeno/.asdf/installs/java/temurin-21.0.4+7.0.LTS (no JDK specified, using current Java home)
OS:            Linux 6.6.47-1-MANJARO amd64

Describe the bug

Transient version requested removal. While it's probably true that it's not needed, I'm also not directly adding it.

> Advice for :commons-jpa
  Unused dependencies which should be removed:
    whiteboxImplementation("org.junit.jupiter:junit-jupiter:5.11.1")

  Advice for :security-model
  Unused dependencies which should be removed:
    implementation(libs.spring.modulith.api) # copypasta, probably unrelated
    whiteboxImplementation("org.junit.jupiter:junit-jupiter:5.11.1")

To Reproduce Steps to reproduce the behavior:

  1. ...

probably not a full reproducer, but this is how I configure my whitebox

    val whitebox by registering(JvmTestSuite::class) {
      dependencies {
        implementation(project())
        implementation(projects.commonsModel)
        implementation(libs.equalsverifier)
        implementation(libs.commons.lang)
        implementation(libs.spring.beans)
        implementation(libs.spring.transaction)
        implementation(libs.hibernate.orm.core)
      }
    }

Expected behavior

Additional context

This is a new buildHealth report on simply upgrading to 2.x

this is on my root project

dependencyAnalysis {
  issues {
    all {
      onAny {
        severity("fail")
      }
      onUnusedDependencies {
        exclude(libs.junit.parameters)
        exclude(libs.assertj)
        exclude(libs.spring.test)
        exclude(libs.spring.boot.test.autoconfigure)
        exclude(libs.spring.boot.test.core)
        exclude(libs.jspecify)
      }
    }
  }
}

I think that junit-jupiter is the equivalent of a "starter", but I don't use it directly. I apply these bundles

test-impl = ["junit-api", "assertj", "junit-parameters"]
test-runtime = ["junit-engine", "junit-launcher"]
autonomousapps commented 1 month ago

The plugin doesn't currently have any support for the jvm test suites stuff.

autonomousapps commented 1 month ago

It's unclear from your report which dependency you're referring to. Is it org.junit.jupiter:junit-jupiter:5.11.1? You're saying you're not actually declaring that dependency, but it's appearing in your reports as unused and should be removed? Are you configuring your builds to use junit platform? Can you provide more from your build scripts, or simply a minimal reproducer?