Open msridhar opened 1 year ago
hmm, it is reported correctly in Caffeine
The following dependencies are using the latest milestone version:
....
- org.jacoco:org.jacoco.agent:0.8.10
- org.jacoco:org.jacoco.ant:0.8.10
This seems to be the regression reported in #733 where hidden dependencies are not being treated properly. When I use the prior version, 0.45.0, the report comes out correctly. It should generally be hidden as a tool version that users won't typically understand where it comes from. When it was, in Caffeine I would add those to a dummy configuration to see the update as an opt-in. I'm unsure if reverting the contribution is the right approach, or if it requires digging deeply into its intent and fixing both issues correctly. The gradle dependency resolution behavior gets kind of confusing and it's hard to get motivated enough to fight through it...
Thanks for looking into it! Not a huge deal for us. Feel free to close if this is a duplicate
Running
./gradlew dependencyUpdates --refresh-dependencies
on https://github.com/uber/NullAway/commit/70af259fa1bfa7cad64e4b1d681e47423dc38960 (current master branch) I see this in the output:But I can see version 0.8.10 of those artifacts on Maven Central (released a few months back). Nothing critical at all for us, just in case it is of interest.