SEC-2206: Gradle Propdeps

2025-07-07 19:22:14 +00:00 · 2013-07-16 15:15:42 -05:00 · 2013-07-16 15:15:42 -05:00 · e5fc063680
commit e5fc063680
parent 01230c76ef
13 changed files with 63 additions and 110 deletions
--- a/acl/acl.gradle
+++ b/acl/acl.gradle
@ -3,13 +3,13 @@
 dependencies {
    compile project(':spring-security-core'),
            'aopalliance:aopalliance:1.0',
            "net.sf.ehcache:ehcache:$ehcacheVersion",
            "org.springframework:spring-aop:$springVersion",
            "org.springframework:spring-beans:$springVersion",
            "org.springframework:spring-context:$springVersion",
            "org.springframework:spring-tx:$springVersion",
            "org.springframework:spring-jdbc:$springVersion"
    optional "net.sf.ehcache:ehcache:$ehcacheVersion"
    testCompile "org.springframework:spring-beans:$springVersion",
                "org.springframework:spring-context-support:$springVersion",
                "org.springframework:spring-test:$springVersion"
--- a/build.gradle
+++ b/build.gradle
@ -5,6 +5,7 @@ buildscript {
        maven { url "http://repo.springsource.org/plugins-release" }
    }
    dependencies {
        classpath("org.springframework.build.gradle:propdeps-plugin:0.0.3")
        classpath("org.springframework.build.gradle:bundlor-plugin:0.1.2")
    }
 }
--- a/buildSrc/src/main/groovy/aspectj/AspectJPlugin.groovy
+++ b/buildSrc/src/main/groovy/aspectj/AspectJPlugin.groovy
@ -33,7 +33,7 @@ class AspectJPlugin implements Plugin<Project> {
            project.configurations.add('ajtools')
            project.dependencies {
                ajtools "org.aspectj:aspectjtools:${project.aspectjVersion}"
-                compile "org.aspectj:aspectjrt:${project.aspectjVersion}"
+                optional "org.aspectj:aspectjrt:${project.aspectjVersion}"
            }
        }
--- a/cas/cas.gradle
+++ b/cas/cas.gradle
@ -5,8 +5,9 @@ dependencies {
            "org.springframework:spring-context:$springVersion",
            "org.springframework:spring-beans:$springVersion",
            "org.springframework:spring-web:$springVersion",
-            "org.jasig.cas.client:cas-client-core:3.1.12",
+            "org.jasig.cas.client:cas-client-core:3.1.12"
-            "net.sf.ehcache:ehcache:$ehcacheVersion"
+
    optional "net.sf.ehcache:ehcache:$ehcacheVersion"
    provided "org.apache.tomcat:tomcat-servlet-api:$servletApiVersion"
 }
--- a/config/config.gradle
+++ b/config/config.gradle
@ -1,3 +1,5 @@
 import javax.security.auth.login.ConfigurationSpi;
 // Config Module build file
 apply plugin: 'groovy'
@ -8,23 +10,14 @@ compileTestJava.dependsOn(':spring-security-core:compileTestJava')
 dependencies {
    // NB: Don't add other compile time dependencies to the config module as this breaks tooling
    compile project(':spring-security-core'),
            project(':spring-security-web'),
            project(':spring-security-openid'),
            project(':spring-security-ldap'),
            "org.aspectj:aspectjweaver:$aspectjVersion",
            'aopalliance:aopalliance:1.0',
            "org.springframework:spring-aop:$springVersion",
            "org.springframework:spring-context:$springVersion",
-            "org.springframework:spring-web:$springVersion",
+            "org.springframework:spring-beans:$springVersion"
-            "org.springframework:spring-beans:$springVersion",
+
-            "org.springframework:spring-jdbc:$springVersion",
+    optional project(':spring-security-web'),
-            "org.springframework:spring-tx:$springVersion",
+             "org.springframework:spring-web:$springVersion",
-            "org.springframework.ldap:spring-ldap-core:$springLdapVersion"
+             "org.aspectj:aspectjweaver:$aspectjVersion"
            compile('org.openid4java:openid4java-nodeps:0.9.6') {
                exclude group: 'com.google.code.guice', module: 'guice'
            }
            compile 'com.google.inject:guice:2.0'
            compile apacheds_libs
    provided "org.apache.tomcat:tomcat-servlet-api:$servletApiVersion"
@ -43,6 +36,13 @@ dependencies {
                "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.1.Final",
                "org.hibernate:hibernate-entitymanager:4.1.0.Final",
                "org.codehaus.groovy:groovy-all:$groovyVersion",
                "org.apache.directory.server:apacheds-core:$apacheDsVersion",
                "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion",
                "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion",
                "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion",
                "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion",
                'org.apache.directory.shared:shared-ldap:0.9.15',
                'ldapsdk:ldapsdk:4.1',
                powerMockDependencies
    testCompile('org.openid4java:openid4java-nodeps:0.9.6') {
       exclude group: 'com.google.code.guice', module: 'guice'
--- a/core/core.gradle
+++ b/core/core.gradle
@ -5,17 +5,18 @@ def cryptoProject = project(':spring-security-crypto')
 def cryptoClasses = cryptoProject.sourceSets.main.output
 dependencies {
-    compile cryptoProject,
+    compile cryptoProject.sourceSets.main.output,
            'aopalliance:aopalliance:1.0',
            "net.sf.ehcache:ehcache:$ehcacheVersion",
            "org.springframework:spring-aop:$springVersion",
            "org.springframework:spring-beans:$springVersion",
            "org.springframework:spring-context:$springVersion",
-            "org.springframework:spring-expression:$springVersion",
+            "org.springframework:spring-expression:$springVersion"
-            "org.springframework:spring-jdbc:$springVersion",
+
-            "org.springframework:spring-tx:$springVersion",
+    optional "net.sf.ehcache:ehcache:$ehcacheVersion",
-            "org.aspectj:aspectjrt:$aspectjVersion",
+             'javax.annotation:jsr250-api:1.0',
-            'javax.annotation:jsr250-api:1.0'
+             "org.aspectj:aspectjrt:$aspectjVersion",
             "org.springframework:spring-jdbc:$springVersion",
             "org.springframework:spring-tx:$springVersion"
    testCompile 'commons-collections:commons-collections:3.2',
                "org.springframework:spring-test:$springVersion",
@ -36,9 +37,6 @@ classes.doLast {
    }
 }
 sourceSets.main.compileClasspath += cryptoClasses
 sourceSets.test.compileClasspath += cryptoClasses
 sourceJar.from cryptoProject.sourceSets.main.java
 test {
--- a/gradle/javaprojects.gradle
+++ b/gradle/javaprojects.gradle
@ -1,5 +1,9 @@
 apply plugin: 'java'
 apply plugin: 'eclipse'
 apply plugin: 'propdeps'
 apply plugin: 'propdeps-maven'
 apply plugin: 'propdeps-idea'
 apply plugin: 'propdeps-eclipse'
 sourceCompatibility = 1.5
 targetCompatibility = 1.5
@ -56,17 +60,6 @@ ext.bundlorProperties = [
    aopAllianceRange: '[1.0.0, 2.0.0)'
 ]
 configurations {
    // Configuration which is ONLY used for compileJava and will not be inherited by any others
    // Revisit post Gradle 1.0
    compileOnly
    // Used to identify deps which should be marked as "provided" in maven poms
    provided
    testCompile.extendsFrom provided
    compile.transitive = false
    testCompile.transitive = false
 }
 // Integration test setup
 configurations {
    integrationTestCompile {
@ -92,9 +85,8 @@ task integrationTest(type: Test, dependsOn: jar) {
    classpath = sourceSets.integrationTest.runtimeClasspath
    maxParallelForks = 1
 }
 dependencies {
-    compileOnly 'commons-logging:commons-logging:1.1.1'
+    optional 'commons-logging:commons-logging:1.1.1'
    compile ("org.springframework:spring-core:$springVersion") {
        exclude(group: 'commons-logging', module: 'commons-logging')
@ -112,9 +104,6 @@ dependencies {
 [configurations.runtime, configurations.default]*.exclude(module: 'commons-logging')
 sourceSets.main.compileClasspath += configurations.compileOnly
 sourceSets.main.compileClasspath += configurations.provided
 [compileJava, compileTestJava]*.options*.encoding = 'UTF-8'
 test {
@ -131,7 +120,6 @@ def guessMaxForks() {
 javadoc {
    title = "Spring Security $version API"
    source = sourceSets.main.allJava
    classpath +=  configurations.compileOnly + configurations.provided
    options {
        memberLevel = org.gradle.external.javadoc.JavadocMemberLevel.PROTECTED
        author = true
--- a/gradle/maven-deployment.gradle
+++ b/gradle/maven-deployment.gradle
@ -20,52 +20,21 @@ dependencies {
    deployerJars "org.springframework.build.aws:org.springframework.build.aws.maven:3.0.0.RELEASE"
 }
 // Remove the archive configuration from the runtime configuration, so that anything added to archives
 // (such as the source jar) is no longer included in the runtime classpath
 configurations.default.extendsFrom = [configurations.runtime] as Set
 // Add the main jar into the default configuration
 artifacts { 'default' jar }
 install {
    customizePom(repositories.mavenInstaller.pom, project)
 }
 def customizePom(pom, gradleProject) {
    def optionalDeps = ['ehcache', 'log4j', 'apacheds-core', 'jsp-api', 'jsr250-api', 'ldapsdk', 'aspectjrt', 'aspectjweaver']
    pom.scopeMappings.addMapping(10, configurations.provided, 'provided')
    pom.whenConfigured { p ->
-        // Remove test scope dependencies from published poms
+        p.dependencies.findAll{ it.scope == "optional" }.each {
-        p.dependencies = p.dependencies.findAll {it.scope != 'test'}
+            it.scope = "compile"
-
+            it.optional = true
        // Flag optional deps
        p.dependencies.findAll { dep ->
            optionalDeps.contains(dep.artifactId) ||
            dep.groupId.startsWith('org.apache.directory') ||
            dep.groupId.startsWith('org.slf4j')
        }*.optional = true
        // Hack for specific case of config module
        if (p.artifactId == 'spring-security-config') {
            p.dependencies.find { dep -> dep.artifactId == 'spring-security-ldap'}.optional = true
            p.dependencies.find { dep -> dep.artifactId == 'spring-ldap-core'}.optional = true
            p.dependencies.find { dep -> dep.groupId.startsWith "org.apache.directory" }*.optional = true
            p.dependencies.find { dep -> dep.artifactId == 'spring-security-web'}.optional = true
            p.dependencies.find { dep -> dep.artifactId == 'spring-security-openid'}.optional = true
            p.dependencies.find { dep -> dep.artifactId == 'guice'}.optional = true
            p.dependencies.find { dep -> dep.artifactId == 'openid4java-nodeps'}.optional = true
            p.dependencies.find { dep -> dep.artifactId == 'spring-jdbc'}.optional = true
            p.dependencies.find { dep -> dep.artifactId == 'spring-tx'}.optional = true
            p.dependencies.find { dep -> dep.artifactId == 'spring-web'}.optional = true
        }
-
+        // sort to make pom dependencies order consistent to ease comparison of older poms
-        if (p.artifactId == 'spring-security-core') {
+        p.dependencies = p.dependencies.sort { dep ->
-            p.dependencies.find { dep -> dep.artifactId == 'spring-jdbc'}.optional = true
+            "$dep.scope:$dep.optional:$dep.groupId:$dep.artifactId"
            p.dependencies.find { dep -> dep.artifactId == 'spring-tx'}.optional = true
            p.dependencies.removeAll { dep -> dep.artifactId == 'spring-security-crypto' }
        }
    }
    pom.project {
        name = gradleProject.name
        description = gradleProject.name
@ -93,12 +62,6 @@ def customizePom(pom, gradleProject) {
                email = 'rwinch@vmware.com'
            }
        }
        repositories {
            repository {
                id 'spring-milestone'
                url 'http://repo.springsource.org/libs-milestone'
            }
        }
        dependencies {
            dependency {
                artifactId = groupId = 'commons-logging'
@ -112,11 +75,13 @@ def customizePom(pom, gradleProject) {
 task generatePom {
    group = 'Build'
-    description = 'Generates the Maven pom.xml'
+    description = 'Generates a Maven pom.xml'
-    ext.generatedPomFileName = 'pom.xml'
+    ext.generatedPomFileName = "pom.xml"
    onlyIf { install.enabled }
-    inputs.files('**/*.gradle')
+    inputs.files(fileTree(project.rootProject.rootDir).include("**/*.gradle").files)
    inputs.files(new File(project.rootProject.rootDir, Project.GRADLE_PROPERTIES))
    outputs.files(generatedPomFileName)
    doLast() {
@ -124,5 +89,4 @@ task generatePom {
        customizePom(p, project)
        p.writeTo(generatedPomFileName)
    }
 }
--- a/itest/context/itest-context.gradle
+++ b/itest/context/itest-context.gradle
@ -12,6 +12,6 @@ dependencies {
    testCompile project(':spring-security-web'),
                "org.apache.tomcat:tomcat-servlet-api:$servletApiVersion",
                "org.springframework:spring-web:$springVersion"
-    testRuntime project(':spring-security-config')
+    testRuntime project(':spring-security-config'),
-
+                "org.aspectj:aspectjweaver:$aspectjVersion"
 }
--- a/ldap/ldap.gradle
+++ b/ldap/ldap.gradle
@ -4,13 +4,15 @@ dependencies {
    compile project(':spring-security-core'),
            "org.springframework:spring-beans:$springVersion",
            "org.springframework:spring-context:$springVersion",
-            "org.springframework:spring-tx:$springVersion",
+            "org.springframework:spring-tx:$springVersion"
-            'ldapsdk:ldapsdk:4.1'
+
-    apacheds_libs.collect {
+    optional "org.apache.directory.server:apacheds-core:$apacheDsVersion",
-        compile (it) {
+             "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion",
-            exclude group: 'org.slf4j'
+             "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion",
-        }
+             "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion",
-    }
+             "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion",
             'org.apache.directory.shared:shared-ldap:0.9.15',
             'ldapsdk:ldapsdk:4.1'
    compile ("org.springframework.ldap:spring-ldap-core:$springLdapVersion") {
        exclude(group: 'commons-logging', module: 'commons-logging')
--- a/samples/cas/sample/cassample.gradle
+++ b/samples/cas/sample/cassample.gradle
@ -35,7 +35,8 @@ dependencies {
    runtime project(':spring-security-web'),
            project(':spring-security-config'),
            "org.slf4j:jcl-over-slf4j:$slf4jVersion",
-            "ch.qos.logback:logback-classic:$logbackVersion"
+            "ch.qos.logback:logback-classic:$logbackVersion",
            "net.sf.ehcache:ehcache:$ehcacheVersion"
    integrationTestCompile project(':spring-security-cas'),
                   "org.seleniumhq.selenium:selenium-htmlunit-driver:$seleniumVersion",
--- a/samples/contacts/contacts.gradle
+++ b/samples/contacts/contacts.gradle
@ -3,10 +3,6 @@
 apply plugin: 'war'
 apply plugin: 'jetty'
 configurations {
    runtime.exclude module: 'jsr250-api'
    runtime.exclude group: 'org.aspectj'
 }
 dependencies {
    providedCompile "org.apache.tomcat:tomcat-servlet-api:$servletApiVersion"
@ -26,10 +22,12 @@ dependencies {
            project(':spring-security-taglibs'),
            "org.springframework:spring-context-support:$springVersion",
            "javax.servlet:jstl:$jstlVersion",
            "net.sf.ehcache:ehcache:$ehcacheVersion",
            "hsqldb:hsqldb:$hsqlVersion",
            "org.slf4j:jcl-over-slf4j:$slf4jVersion",
            "ch.qos.logback:logback-classic:$logbackVersion"
    optional "net.sf.ehcache:ehcache:$ehcacheVersion"
 }
 jettyRun {
--- a/samples/dms/dms.gradle
+++ b/samples/dms/dms.gradle
@ -10,7 +10,7 @@ dependencies {
    runtime project(':spring-security-config'),
            "hsqldb:hsqldb:$hsqlVersion",
            "net.sf.ehcache:ehcache:$ehcacheVersion",
            "org.springframework:spring-context-support:$springVersion"
    optional "net.sf.ehcache:ehcache:$ehcacheVersion"
 }