Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Workaround: Avoid reporting BOMs among dependencies to prevent dependency graphs explosion #6435

Merged
merged 2 commits into from
Sep 12, 2023
Merged

Workaround: Avoid reporting BOMs among dependencies to prevent dependency graphs explosion #6435

merged 2 commits into from
Sep 12, 2023

Conversation

sdedic
Copy link
Member

@sdedic sdedic commented Sep 11, 2023

Gradle NB tooling now reports BOMs as regular dependencies and its contents as dependencies. This causes dependency graph explosion as BOMs are used in many intermediate dependencies and the project API explodes the tree eagerly.

For proper function, a change in Dependency API is probably needed, so the client is able to identify BOMs (some flag on output), or exclude them entirely (some additional filter at input) - and to allow lazy creation of dependency tree levels, so that client can avoid the explosion which now happens in project dependency core impl.

For now, it is more safe not to return children of BOMs; it will not affect normal dependencies as BOMs just help to select version of a library.

@sdedic sdedic added Gradle [ci] enable "build tools" tests VSCode Extension [ci] enable VSCode Extension tests labels Sep 11, 2023
@sdedic sdedic added this to the NB20 milestone Sep 11, 2023
@sdedic sdedic self-assigned this Sep 11, 2023
lkishalmi
lkishalmi approved these changes Sep 11, 2023
View reviewed changes
Copy link
Contributor

@lkishalmi lkishalmi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Thanks!

@MartinBalin MartinBalin merged commit f48f91e into apache:master Sep 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lkishalmi lkishalmi lkishalmi approved these changes

@MartinBalin MartinBalin MartinBalin approved these changes

Assignees

@sdedic sdedic

Labels
Gradle [ci] enable "build tools" tests VSCode Extension [ci] enable VSCode Extension tests
Projects
None yet
Milestone
NB20
Development

Successfully merging this pull request may close these issues.
3 participants
@sdedic @lkishalmi @MartinBalin