Background
We have a multi-project build running the latest version of Gradle, v6.1.1 . Each sub-project declares its own dependencies along with any restrictions necessary for the project to run properly. We wish for all of our code to compile and run with the same dependencies in both testing and production. Yet, we still want each of our sub-project to declare their own dependencies for clarity and modularity.
Issue
As part of our build pipeline we ensure dependency resolution can succeed with proper conflict resolution and then lock all dependencies. However, we recently realized that sub-projects were not compiling with the locked dependencies. This is because each sub-project looks for dependency locks in its own gradle/dependency-locks directory and we are only generating these file in our root project.
For instance we notice discrepancies such as
$ ./gradlew :dependencies | grep this-is:a-dependency | sort -u | head -n1
+--- this-is:a-dependency:2.0
$ ./gradlew :some-subproject:dependencies | grep this-is | sort -u | head -n1
| \--- this-is:a-dependency:1.0
How to Fix?
An improper fix is to create a custom task that copies the root project’s dependency lock directory into each sub-project’s dependency lock directory before compile time. However then various post-processing is necessary to get this to work. These seems messy and non-idiomatic. Is there a more proper way to achieve the desired result?