sentry-kotlin-multiplatform icon indicating copy to clipboard operation
sentry-kotlin-multiplatform copied to clipboard
verified publisher icon getsentry

Too easy to get mixed SDK versions when using with Android Gradle plugin

Open boringcactus opened this issue 4 months ago • 6 comments

Platform

Apple, Android

Installed

CocoaPods

Version

0.18.0

Steps to Reproduce

  1. Install latest version of sentry-kmp Gradle plugin (0.18.0, uses Java SDK 8.17.0) and latest version of sentry-android Gradle plugin (5.9.0, defaults to Java SDK 8.19.0)

Expected Result

Android app does not crash on Sentry init.

Actual Result

Android app crashes on Sentry init due to mixed SDK versions 8.17.0 and 8.19.0.

Hardcoding autoInstallation { sentryVersion = "8.17.0" } in the sentry-android config works, until sentry-kmp upgrades its Sentry Java SDK version again, and now that needs to be manually synchronized on every sentry-kmp update, and there’s not even a straightforward way to test for it.

There has to be a better way. I tried like a dozen different Gradle mechanisms to override the sentry-kmp Java SDK version, including some with the sentry-java BOM, but none of them worked. Dynamically retrieving sentry-kmp’s Java SDK version wound up working, but only with far too much Gradle wrestling.

far too much Gradle wrestling 
autoInstallation {
    sentryVersion = provider {
        val bareKMPConfig = configurations.detachedConfiguration(libs.sentry.kmp.get())
        val resolvedDependencies = bareKMPConfig.incoming.resolutionResult
        val resolvedModuleVersions =
            resolvedDependencies.allComponents.mapNotNull { it.moduleVersion }
        val transitiveSentryCore =
            resolvedModuleVersions.find { it.module.toString() == "io.sentry:sentry" }
        checkNotNull(transitiveSentryCore) {
                "Could not find io.sentry:sentry among ${resolvedModuleVersions.joinToString(prefix = "[", postfix = "]")}"
            }
            .version
    }
}

I would love to be able to delete that. If there was a way to make sentry-android automatically use the same Java SDK version as sentry-kmp with zero configuration, that’d be the ideal fix; if there was a well-documented manual config step to get that behavior, that’d be close enough; if there was at least a way to check at build time for mixed SDK versions, that’d still be an improvement.

boringcactus avatar Aug 21 '25 15:08 boringcactus

KMP-68 Too easy to get mixed SDK versions when using with Android Gradle plugin

linear[bot] avatar Aug 21 '25 15:08 linear[bot]

In your Sentry Android Gradle Plugin you can use the following to disable installation which prevents Sentry Android SDK dependency conflicts.

sentry {
    autoInstallation {
      enabled = false
    }
}

This is also documented here: https://docs.sentry.io/platforms/kotlin/guides/kotlin-multiplatform/debug-symbols/#gradle

buenaflor avatar Aug 22 '25 10:08 buenaflor

Wouldn’t that mean losing the okhttp/compose/etc integrations, though?

boringcactus avatar Aug 25 '25 15:08 boringcactus

This prevents adding e.g the okhttp dependency automatically but the instrumentation is still controlled under the "tracing" option

Which means you'll have to add the okhttp dep etc manually but that's about it

buenaflor avatar Aug 25 '25 17:08 buenaflor

If I add the okhttp dependency manually, wouldn’t I still need to carefully keep its version synchronized with the Java SDK used by sentry-kmp?

boringcactus avatar Sep 02 '25 16:09 boringcactus

@boringcactus yes, that's right. You could potentially use Gradle's enforcedPlatform with the Sentry BOM to ensure all of the Sentry dependencies in the graph use the same version. Just need to make sure you're not enforcing it to the version newer than the one sentry-kmp is currently using (which can also result into binary/source incompatibility) .

I know it's not ideal, we'll brainstorm how we can improve the things here.

romtsn avatar Sep 04 '25 10:09 romtsn