-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathbuild.gradle.kts
More file actions
100 lines (86 loc) · 3.86 KB
/
build.gradle.kts
File metadata and controls
100 lines (86 loc) · 3.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
/*
* Copyright (c) 2024 - 2025 Ping Identity Corporation. All rights reserved.
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
import com.adarshr.gradle.testlogger.TestLoggerExtension
import com.adarshr.gradle.testlogger.theme.ThemeType
plugins {
//trick: for the same plugin versions in all sub-modules
alias(libs.plugins.androidApplication) apply false
alias(libs.plugins.kotlinAndroid) apply false
alias(libs.plugins.jetbrainsKotlinJvm) apply false
alias(libs.plugins.androidLibrary) apply false
alias(libs.plugins.testLogger) apply false
alias(libs.plugins.nexusPublish)
alias(libs.plugins.dokka)
}
//According to https://github.com/gradle-nexus/publish-plugin
//It is important to set the group and the version to the root project, so the plugin can detect if
// it is a snapshot version or not in order to select the correct repository where artifacts will be published.
group = "com.pingidentity.sdks"
version = System.getenv("RELEASE_TAG_NAME") ?: "0.0.0"
nexusPublishing {
repositories {
sonatype {
username = System.getenv("OSS_USERNAME") //Token Id
password = System.getenv("OSS_PASSWORD") //Token
//stagingProfileId = System.getenv("OSS_STAGING_PROFILE_ID")
nexusUrl.set(uri("https://ossrh-staging-api.central.sonatype.com/service/local/"))
snapshotRepositoryUrl.set(uri("https://central.sonatype.com/repository/maven-snapshots/"))
}
}
}
allprojects {
configurations.all {
resolutionStrategy {
// Due to vulnerability [WS-2022-0468] from dokka project.
force("com.fasterxml.jackson.module:jackson-module-kotlin:2.15.0")
force("com.fasterxml.jackson.dataformat:jackson-dataformat-xml:2.15.0")
force("com.fasterxml.jackson.core:jackson-databind:2.15.0")
// Force secure version of netty-codec to address security vulnerabilities
// Used transitively by com.android.tools.emulator:proto
// Updated to 4.1.125.Final per Mend SCA recommendation (Nov 2025)
force("io.netty:netty-codec:4.1.125.Final")
force("io.netty:netty-codec-http:4.1.125.Final")
force("io.netty:netty-codec-http2:4.1.125.Final")
force("io.netty:netty-all:4.1.125.Final")
// Force secure version of protobuf to address security vulnerabilities
// Used transitively by various Google dependencies
// Updated to 4.29.2 (latest stable) which fixes CVE-2024-7254 and all known CVEs
force("com.google.protobuf:protobuf-java:4.29.2")
force("com.google.protobuf:protobuf-kotlin:4.29.2")
force("com.google.protobuf:protobuf-javalite:4.29.2")
force("com.google.protobuf:protobuf-kotlin-lite:4.29.2")
// Force secure version of play-services-basement to address security vulnerabilities
// Used transitively by recaptcha client
// Updated to 18.0.2 which fixes CVE-2022-2390
force("com.google.android.gms:play-services-basement:18.0.2")
// Force secure version of nimbus-jose-jwt to address security vulnerabilities
// Force the existing to fix CVE-2025-53864
force("com.nimbusds:nimbus-jose-jwt:10.5")
}
}
}
subprojects {
apply {
plugin("com.adarshr.test-logger")
}
configure<TestLoggerExtension> {
theme = ThemeType.MOCHA
}
}
// Commend to generate all doc ./gradlew dokkaGenerate
dependencies {
subprojects
.filter {
//it.plugins does not work
val buildFile = it.buildFile
buildFile.exists() && buildFile.readText()
.contains("com.pingidentity.convention.centralPublish")
}
.forEach { subproject ->
dokka(subproject)
}
}