From be1943394f0c5407330b58ed439088b0f929289a Mon Sep 17 00:00:00 2001 From: Martin Chalupa Date: Tue, 23 Jan 2018 13:34:37 -0800 Subject: [PATCH 1/4] Add documentation of the publication verification plugin --- README.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/README.md b/README.md index c16e70a8..765b203b 100644 --- a/README.md +++ b/README.md @@ -232,6 +232,30 @@ Eliminates this boilerplate: } } +### nebula.publish-verification + +Creates a task which runs before actual publication into repositories. It verifies that any of your dependencies don't have +a lower status then your project. E.g. your project has a status `release` but one of your dependencies is `SNAPSHOT`. +The task will prevent the publication until you will depend only on final releases. + +This plugin is automatically applied with `nebula.ivy-publish` or `nebula.maven-publish`. The task itself is a dependence of +tasks with type `PublishToIvyRepository` or `PublishToMavenRepository`. The task will also get hooked to tasks named +`artifactoryPublish` and `artifactoryDeploy` coming from `com.jfrog.artifactory` plugin. If you need any other integration +you have to manually configure relationship in your build file. + +#### How to ignore selected dependencies. + +It might happen that you need to create a release which have to depend on a library which have a lower status. E.g. it +contains critical bug fix or you are early adopter of release candidates. You can exclude those libraries from the +checking process. + + dependencies { + compile 'group:this_will_be_checked:1.0' + compile nebulaPublishVerification.ignore('foo:bar:1.0-SNAPSHOT') + compile nebulaPublishVerification.ignore(group: 'baz', name: 'bax', version: '1.0-SNAPSHOT') + } + + Gradle Compatibility Tested --------------------------- From a7107cad3581a5bede1b6e9d66f495f8d344fac2 Mon Sep 17 00:00:00 2001 From: Martin Chalupa Date: Tue, 23 Jan 2018 13:50:03 -0800 Subject: [PATCH 2/4] Add a note that test dependencies are not verified before publication --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 765b203b..52466484 100644 --- a/README.md +++ b/README.md @@ -236,7 +236,7 @@ Eliminates this boilerplate: Creates a task which runs before actual publication into repositories. It verifies that any of your dependencies don't have a lower status then your project. E.g. your project has a status `release` but one of your dependencies is `SNAPSHOT`. -The task will prevent the publication until you will depend only on final releases. +The task will prevent the publication until you will depend only on final releases. Your test dependencies are NOT verified. This plugin is automatically applied with `nebula.ivy-publish` or `nebula.maven-publish`. The task itself is a dependence of tasks with type `PublishToIvyRepository` or `PublishToMavenRepository`. The task will also get hooked to tasks named From 06b0a5bfc3ae28a7592aa530ce15a756e399c9d9 Mon Sep 17 00:00:00 2001 From: Martin Chalupa Date: Tue, 23 Jan 2018 13:54:18 -0800 Subject: [PATCH 3/4] Explicitly document that publish verification affect only the first level dependencies --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 52466484..ee14397b 100644 --- a/README.md +++ b/README.md @@ -234,8 +234,8 @@ Eliminates this boilerplate: ### nebula.publish-verification -Creates a task which runs before actual publication into repositories. It verifies that any of your dependencies don't have -a lower status then your project. E.g. your project has a status `release` but one of your dependencies is `SNAPSHOT`. +Creates a task which runs before actual publication into repositories. It verifies that any of your direct dependencies don't have +a lower status then your project. E.g. your project has a status `release` but one of your direct dependencies is `SNAPSHOT`. The task will prevent the publication until you will depend only on final releases. Your test dependencies are NOT verified. This plugin is automatically applied with `nebula.ivy-publish` or `nebula.maven-publish`. The task itself is a dependence of From 146bd80e0388706785995251ed664493154cec6d Mon Sep 17 00:00:00 2001 From: Martin Chalupa Date: Wed, 24 Jan 2018 10:57:18 -0800 Subject: [PATCH 4/4] Grammar fixes --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ee14397b..14a4e4fe 100644 --- a/README.md +++ b/README.md @@ -245,7 +245,7 @@ you have to manually configure relationship in your build file. #### How to ignore selected dependencies. -It might happen that you need to create a release which have to depend on a library which have a lower status. E.g. it +It might happen that you need to create a release which has to depend on a library which has a lower status. E.g. it contains critical bug fix or you are early adopter of release candidates. You can exclude those libraries from the checking process.