gradle-best-practices-plugin
gradle-best-practices-plugin copied to clipboard
autonomousapps
False positive reports for safe Project properties
Not all allprojects accesses are evil. If you look at how CrossProjectModelAccess creates ProblemReportingProject instances, they actually list all the properties that are unsafe. These can be indentified by looking at the onAccess() calls.
Here are a few examples which are safe:
- Project.toString
- Project.name
- Project.path
- Project.rootDir
- Project.displayName
- Project.childProjects
- Project.findProject
- Project.parent
- Project.rootProject
So essentially it's safe to navigate the hierarchy of projects, as long as we don't access anything that requires potential evaluation of the project.
I know this might be a bit of a feature, but even a best-effort trivial implementation of some kind of data flow analysis would be nice.
Example safe use case (based on the above restrictions):
project.tasks.register<Task>("allDependencies") {
val projects = project.rootProject.allprojects.sortedBy { it.path }
doFirst {
println(projects.joinToString(prefix = "Printing dependencies for modules:\n", separator = "\n") { " * ${it}" })
}
dependsOn(projects.map { "${it.path}:dependencies" })
}
Current report (above code resides in gradle/plugins/src/main/kotlin/root.gradle.kts:
root_gradle$2#invoke(Ljava.lang.Object;)Ljava.lang.Object; ->
root_gradle$2#invoke(Lorg.gradle.api.Task;)V ->
org.gradle.api.Project#getAllprojects()Ljava.util.Set;
Thanks for the issue. This isn't something I'd be willing to spend time working on. I personally feel that it is too subtle to have high value for the vast majority of projects. However, PRs would be welcome.
