How to add something like a "repository checker"?

I would like to add a method that is called before dependency resolution that checks the active repositories against a given whitelist

(e.g. I don’t want sub-projects that compile on the CI server to just add e.g. “http://untrusted.maven.repository” as a repository).

Is there any “extension point” where I could hook in something like this ?


Hello, you can put something like the following snippet in a plugin or an init script:

        def coporateRepoUrl = ""
        repositories {
            all { ArtifactRepository repo ->
                if (!(repo instanceof MavenArtifactRepository) || repo.url.toString() != coporateRepoUrl) {
                    project.logger.warn "Repository ${repo.url} removed. Only $coporateRepoUrl is allowed"
                    remove repo
            maven { url coporateRepoUrl }

Having this in an init script that is just added to your CI machine would allow your devs to try some things out and define custom repositories in their working copy, but your CI would only use the trusted repository you defined in your init script

cheers, René

Thanks Rene,

that’s exactly what I need.