I am fixing CVE so Need to upgrade some dependencies but after upgrade, getting class Not found exception or NoSuchMethodError exception.
How to resolve this situation?
I don’t want to lower the dependency version because of CVE exist in lower versions.
Is there any way to resolve such scenarios ?
Thanks in advance.
If something is using that lib and is not compatible with the new version of the lib you upgrade, you are pretty lost.
Check whether there is also a newer version of the lib that uses that upgraded lib and is compatible with the new version.
If there is none or it is unmaintained, you can fork it and make it compatible with the new version.
Or you can use bytecode-weaving or monkey patching to patch the lib and make the incompatible parts compatible with the upgraded version.
There is no easy way out unless the incompatible lib has an update you can use.
Thanks @Vampire for helping. My questions may be basics but need some help.
Is there any way to check whether missing class or method is available in latest version or not? How to check because there are many new versions are available for each dependency.
Not really, except for looking in the docs of the respective library and checking library that use them for compatibility information.
That’s the usual problem you have when using external dependencies and nothing specific to Gradle.
It can always happen that some dependency needs another dependency and that this other dependency does backwards-incompatible changes that requires an update in the library that uses it.