Safer dependencies #4670

Merged
merged 20 commits into from
Dec 13, 2021
64 changes: 34 additions & 30 deletions build.gradle
@@ -1,12 +1,11 @@
// Top-level build file where you can add configuration options common to all sub-projects/modules.

buildscript {

apply from: 'dependencies.gradle'
apply from: 'dependencies_groups.gradle'

repositories {
google()
jcenter()
maven {
url "https://plugins.gradle.org/m2/"
}
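
Review bot: the `buildscript` `repositories` block shown in this hunk carries no `content { }` filter, so as far as these lines show the plugin classpath is still resolved from `google()` and the `https://plugins.gradle.org/m2/` repository without any group restriction, even though `dependencies_groups.gradle` is now applied inside `buildscript`. Consider scoping these repositories with the same `groups.*` lists, or add a comment saying why build plugins are left unfiltered.
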
Expand Down Expand Up @@ -37,45 +36,50 @@ allprojects {
apply plugin: "org.jlleitschuh.gradle.ktlint"

repositories {
// For olm library. This has to be declared first, to ensure that Olm library is not downloaded from another repo
maven { url 'https://gitlab.matrix.org/api/v4/projects/27/packages/maven' }

// For olm library.
maven {
url 'https://gitlab.matrix.org/api/v4/projects/27/packages/maven'
content {
groups.olm.regex.each { includeGroupByRegex it }
groups.olm.group.each { includeGroup it }
}
}
maven {
url 'https://jitpack.io'
content {
// Use this repo only for FilePicker
includeGroupByRegex "com\\.github\\.jaiselrahman"
// And monarchy
includeGroupByRegex "com\\.github\\.Zhuinden"
// And ucrop
includeGroupByRegex "com\\.github\\.yalantis"
// JsonViewer
includeGroupByRegex 'com\\.github\\.BillCarsonFr'
// PhotoView
includeGroupByRegex 'com\\.github\\.chrisbanes'
// PFLockScreen-Android
includeGroupByRegex 'com\\.github\\.vector-im'
// DraggableView
includeGroupByRegex 'com\\.github\\.hyuwah'

// Chat effects
includeGroupByRegex 'com\\.github\\.jetradarmobile'
includeGroupByRegex 'nl\\.dionsegijn'

// Voice RecordView
includeGroupByRegex 'com\\.github\\.Armen101'
groups.jitpack.regex.each { includeGroupByRegex it }
groups.jitpack.group.each { includeGroup it }
}
}
maven { url 'https://oss.sonatype.org/content/repositories/snapshots/' }
Member Author

I am not sure why it has been added in the first place, but it seems not necessary anymore 🤞

// Jitsi repo
maven {
url "https://github.com./vector-im/jitsi_libre_maven/raw/main/android-sdk-3.10.0"
// Note: to test Jitsi release you can use a local file like this:
// url "file:///Users/bmarty/workspaces/jitsi_libre_maven/android-sdk-3.10.0"
content {
groups.jitsi.regex.each { includeGroupByRegex it }
groups.jitsi.group.each { includeGroup it }
}
}
google {
content {
groups.google.regex.each { includeGroupByRegex it }
groups.google.group.each { includeGroup it }
}
}
mavenCentral {
content {
groups.mavenCentral.regex.each { includeGroupByRegex it }
groups.mavenCentral.group.each { includeGroup it }
}
}
//noinspection JcenterRepositoryObsolete
jcenter {
content {
groups.jcenter.regex.each { includeGroupByRegex it }
groups.jcenter.group.each { includeGroup it }
}
}
google()
mavenCentral()
jcenter()
}

tasks.withType(org.jetbrains.kotlin.gradle.tasks.KotlinCompile).all {
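
Review bot: the olm repository comment in this hunk shrinks from "This has to be declared first, to ensure that Olm library is not downloaded from another repo" to `// For olm library.`, so nothing in the file says what now enforces that guarantee. It rests on every repository in this block carrying a `content { }` filter with disjoint group lists; add a comment stating that a repository added later without a filter would again be queried for all groups. For the olm and Jitsi repositories, Gradle's `exclusiveContent { forRepository { ... } filter { includeGroup ... } }` would make the exclusivity explicit instead of depending on the lists staying disjoint.
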
1 change: 1 addition & 0 deletions changelog.d/4670.misc
@@ -0,0 +1 @@
Add explicit dependency location, regarding the several maven repository. Also update some libraries (flexbox and alerter), and do some cleanup.
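
Review bot: the changelog entry is hard to read ("regarding the several maven repository") and does not mention that `com.danikula:videocache` is removed in this PR. Something like "Declare explicitly which Maven repository each dependency group is resolved from. Also update flexbox and alerter, and remove videocache." would tell a reader of the release notes what changed.
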
200 changes: 200 additions & 0 deletions dependencies_groups.gradle
@@ -0,0 +1,200 @@
ext.groups = [
jitpack : [
regex: [
],
group: [
'com.github.Armen101',
'com.github.BillCarsonFr',
'com.github.chrisbanes',
'com.github.hyuwah',
'com.github.jetradarmobile',
'com.github.tapadoo',
'com.github.vector-im',
'com.github.yalantis',
'com.github.Zhuinden',
]
],
olm : [
regex: [
],
group: [
'org.matrix.android',
]
],
jitsi : [
regex: [
],
group: [
'com.facebook.react',
'org.jitsi.react',
'org.webkit',
]
],
google : [
regex: [
'androidx\\..*',
'com\\.android\\.tools\\..*',
'com\\.google\\.android\\..*',
],
group: [
'com.google.firebase',
'com.android',
'com.android.tools',
]
],
mavenCentral: [
regex: [
],
group: [
'com.adevinta.android',
'com.airbnb.android',
'com.almworks.sqlite4java',
'com.arthenica',
'com.atlassian.commonmark',
'com.atlassian.pom',
'com.beust',
'com.davemorrissey.labs',
'com.dropbox.core',
'com.facebook.fresco',
'com.facebook.infer.annotation',
'com.facebook.soloader',
'com.facebook.stetho',
'com.fasterxml',
'com.fasterxml.jackson',
'com.fasterxml.jackson.core',
'com.gabrielittner.threetenbp',
'com.getkeepsafe.relinker',
'com.github.bumptech.glide',
'com.github.filippudak',
'com.github.filippudak.progresspieview',
'com.github.javaparser',
'com.github.piasy',
'com.github.shyiko.klob',
'com.google',
'com.google.auto.service',
'com.google.auto.value',
'com.google.code.findbugs',
'com.google.code.gson',
'com.google.dagger',
'com.google.devtools.ksp',
'com.google.errorprone',
'com.google.googlejavaformat',
'com.google.guava',
'com.google.j2objc',
'com.google.jimfs',
'com.google.protobuf',
'com.google.zxing',
'com.googlecode.htmlcompressor',
'com.googlecode.json-simple',
'com.googlecode.libphonenumber',
'com.ibm.icu',
'com.jakewharton.android.repackaged',
'com.jakewharton.timber',
'com.linkedin.dexmaker',
'com.nulab-inc',
'com.otaliastudios.opengl',
'com.parse.bolts',
'com.pinterest',
'com.pinterest.ktlint',
'com.squareup',
'com.squareup.duktape',
'com.squareup.moshi',
'com.squareup.okhttp3',
'com.squareup.okio',
'com.squareup.retrofit2',
'com.sun.activation',
'com.sun.istack',
'com.sun.xml.bind',
'com.sun.xml.bind.mvn',
'com.sun.xml.fastinfoset',
'com.thoughtworks.qdox',
'com.vanniktech',
'commons-cli',
'commons-codec',
'commons-io',
'commons-logging',
'info.picocli',
'io.arrow-kt',
'io.github.detekt.sarif4k',
'io.github.reactivecircus.flowbinding',
'io.jsonwebtoken',
'io.kindedj',
'io.mockk',
'io.noties.markwon',
'io.reactivex.rxjava2',
'io.realm',
'it.unimi.dsi',
'jakarta.activation',
'jakarta.xml.bind',
'javax.annotation',
'javax.inject',
'jline',
'jp.wasabeef',
'junit',
'me.leolin',
'me.saket',
'net.bytebuddy',
'net.java',
'net.java.dev.jna',
'net.lachlanmckee',
'net.ltgt.gradle.incap',
'net.sf.jopt-simple',
'net.sf.kxml',
'nl.dionsegijn',
'org.amshove.kluent',
'org.apache',
'org.apache.ant',
'org.apache.commons',
'org.apache.httpcomponents',
'org.apache.sanselan',
'org.bouncycastle',
'org.checkerframework',
'org.codehaus',
'org.codehaus.groovy',
'org.codehaus.mojo',
'org.eclipse.ee4j',
'org.ec4j.core',
'org.glassfish.jaxb',
'org.hamcrest',
'org.jetbrains',
'org.jetbrains.intellij.deps',
'org.jetbrains.kotlin',
'org.jetbrains.kotlinx',
'org.jsoup',
'org.junit',
'org.junit.jupiter',
'org.junit.platform',
'org.jvnet.staxex',
'org.mockito',
'org.mongodb',
'org.objenesis',
'org.opentest4j',
'org.ow2',
'org.ow2.asm',
'org.ow2.asm',
'org.reactivestreams',
'org.robolectric',
'org.slf4j',
'org.sonatype.oss',
'org.testng',
'org.threeten',
'xerces',
'xml-apis',
]
],
jcenter : [
regex: [
],
group: [
'com.amulyakhare',
'com.otaliastudios',
'com.yqritc',
// https://github.com./cmelchior/realmfieldnameshelper/issues/42
'dk.ilios',
'im.dlg',
'me.dm7.barcodescanner',
'me.gujun.android',
]
]
]
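
Review bot: `'org.ow2.asm'` is listed twice in the `mavenCentral` group list; drop the duplicate. The `jitsi` list routes `com.facebook.react` and `org.webkit` to the Jitsi repository while the other `com.facebook.*` groups are resolved from `mavenCentral`, which deserves a one-line comment so the split is not "tidied up" later. A header comment at the top of the file would also help: with every repository in `build.gradle` filtered, a group that is in none of these lists will fail to resolve, and contributors adding a dependency need to know this is where to register it.
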

10 changes: 2 additions & 8 deletions vector/build.gradle
Expand Up @@ -317,11 +317,6 @@ android {
}
}

configurations {
// videocache includes a sl4j logger which causes mockk to attempt to call the static android Log
testImplementation.exclude group: 'org.slf4j', module: 'slf4j-android'
}
Member Author

As I removed videocache, I thought I could remove this as well. But maybe double check with @ouchadam first. And I just see that it's still needed: https://github.com./vector-im/element-android/pull/4670/files#diff-f6dc61a00090b6fc204667d7934e656dbb78c8bb0dc14f95468dd57b4300a8caR177

Contributor

if videocache is removed then removing this is also fine 👍 (the unit tests will fail if not)


dependencies {

implementation project(":matrix-sdk-android")
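
Review bot: removing the `testImplementation.exclude group: 'org.slf4j', module: 'slf4j-android'` block is only safe if videocache was the sole source of `slf4j-android`, and the comment thread on this hunk leaves open whether the exclusion is still needed. Confirm with the `testImplementation` dependency tree that the module is no longer pulled in before merging, and record the result in the PR so the removal does not rest on the unit tests alone.
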
Expand Down Expand Up @@ -398,7 +393,7 @@ dependencies {
implementation libs.markwon.html
implementation 'com.googlecode.htmlcompressor:htmlcompressor:1.5.2'
implementation 'me.saket:better-link-movement-method:2.2.0'
implementation 'com.google.android:flexbox:2.0.1'
implementation 'com.google.android.flexbox:flexbox:3.0.0'
implementation libs.androidx.autoFill
implementation 'jp.wasabeef:glide-transformations:4.3.0'
implementation 'com.github.vector-im:PFLockScreen-Android:1.0.0-beta12'
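
Review bot: the flexbox line changes both the coordinates and the major version (`2.0.1` to `3.0.0`) in one step, with no explanation. The new group `com.google.android.flexbox` matches the `'com\\.google\\.android\\..*'` regex in the `google` list, whereas the old group `com.google.android` is in none of the lists in `dependencies_groups.gradle`; say so in a comment or the commit message, and consider moving the version into `dependencies.gradle` beside the other `libs.*` entries so the pin is reviewed in one place.
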
Expand All @@ -415,7 +410,7 @@ dependencies {
implementation 'com.arthenica:ffmpeg-kit-audio:4.5.LTS'

// Alerter
implementation 'com.tapadoo.android:alerter:7.0.1'
implementation 'com.github.tapadoo:alerter:7.2.4'

implementation 'com.otaliastudios:autocomplete:1.1.0'
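
Review bot: switching alerter to `com.github.tapadoo:alerter:7.2.4` moves it onto JitPack (the group is in the `jitpack` list), where the artifact is built from the GitHub repository's tag. Consider recording its checksum with Gradle dependency verification so a rebuilt artifact is noticed, and mention in the PR description that this bump appears to be what requires the `Alerter.clearCurrent` call change in `PopupAlertManager`.
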

Expand All @@ -433,7 +428,6 @@ dependencies {

implementation libs.github.glide
kapt libs.github.glideCompiler
implementation 'com.danikula:videocache:2.7.1'
implementation 'com.github.yalantis:ucrop:2.2.7'

// Badge for compatibility
5 changes: 0 additions & 5 deletions vector/src/main/assets/open_source_licenses.html
Expand Up @@ -333,11 +333,6 @@ <h3>
<br/>
Copyright 2012 Square, Inc.
</li>
<li>
<b>videocache</b>
<br/>
Copyright 2014-2017 Alexey Danilov
</li>
<li>
<b>ShortcutBadger</b>
<br/>
Expand Up @@ -104,7 +104,7 @@ class PopupAlertManager @Inject constructor() {
// we want to remove existing popup on previous activity and display it on new one
if (currentAlerter != null) {
weakCurrentActivity?.get()?.let {
Alerter.clearCurrent(it, null)
Alerter.clearCurrent(it, null, null)
if (currentAlerter?.isLight == false) {
setLightStatusBar()
}
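
Review bot: `Alerter.clearCurrent(it, null, null)` passes two positional `null`s whose meaning is not visible at the call site. Use named arguments, or add a short comment saying which parameter the extra `null` fills, so the next alerter upgrade is easier to review.
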