diff --git a/app/build.gradle b/app/build.gradle index 44f821837..a99c75538 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -1,19 +1,3 @@ -// Allow installing Gradle plugins from the Mozilla Maven repositories -buildscript { - repositories { - maven { - url "https://nightly.maven.mozilla.org/maven2" - } - maven { - url "https://maven.mozilla.org/maven2" - } - - dependencies { - classpath "org.mozilla.components:tooling-glean-gradle:${Versions.mozilla_android_components}" - } - } -} - plugins { id "com.jetbrains.python.envs" version "0.0.26" } diff --git a/build.gradle b/build.gradle index 045a19b36..be0fcc461 100644 --- a/build.gradle +++ b/build.gradle @@ -1,10 +1,43 @@ // Top-level build file where you can add configuration options common to all sub-projects/modules. buildscript { + // This logic is duplicated in the allprojects block: I don't know how to fix that. repositories { - google() - jcenter() + maven { + url "https://nightly.maven.mozilla.org/maven2" + content { + // Improve performance: only check moz maven for mozilla deps. + includeGroupByRegex RepoMatching.mozilla + } + } + maven { + url "https://maven.mozilla.org/maven2" + content { + // Improve performance: only check moz maven for mozilla deps. + includeGroupByRegex RepoMatching.mozilla + } + } + google() { + content { + // Improve performance: only check google maven for mozilla deps. + includeGroupByRegex RepoMatching.androidx + includeGroupByRegex RepoMatching.comGoogleAndroid + includeGroupByRegex RepoMatching.comGoogleFirebase + includeGroupByRegex RepoMatching.comAndroid + } + } + jcenter() { + content { + // Improve security: don't search deps with known repos. + excludeGroupByRegex RepoMatching.mozilla + excludeGroupByRegex RepoMatching.androidx + excludeGroupByRegex RepoMatching.comGoogleAndroid + excludeGroupByRegex RepoMatching.comGoogleFirebase + excludeGroupByRegex RepoMatching.comAndroid + } + } } + dependencies { classpath Deps.tools_androidgradle classpath Deps.tools_kotlingradle @@ -12,6 +45,8 @@ buildscript { classpath Deps.allopen classpath Deps.osslicenses_plugin + classpath "org.mozilla.components:tooling-glean-gradle:${Versions.mozilla_android_components}" + // NOTE: Do not place your application dependencies here; they belong // in the individual module build.gradle files } @@ -22,19 +57,43 @@ plugins { } allprojects { + // This logic is duplicated in the buildscript block: I don't know how to fix that. repositories { - google() maven { url "https://nightly.maven.mozilla.org/maven2" + content { + // Improve performance: only check moz maven for mozilla deps. + includeGroupByRegex RepoMatching.mozilla + } } maven { url "https://maven.mozilla.org/maven2" + content { + // Improve performance: only check moz maven for mozilla deps. + includeGroupByRegex RepoMatching.mozilla + } } - maven { - url "https://repo.leanplum.com/" + google() { + content { + // Improve performance: only check google maven for google deps. + includeGroupByRegex RepoMatching.androidx + includeGroupByRegex RepoMatching.comGoogleAndroid + includeGroupByRegex RepoMatching.comGoogleFirebase + includeGroupByRegex RepoMatching.comAndroid + } + } + jcenter() { + content { + // Improve security: don't search deps with known repos. + excludeGroupByRegex RepoMatching.mozilla + excludeGroupByRegex RepoMatching.androidx + excludeGroupByRegex RepoMatching.comGoogleAndroid + excludeGroupByRegex RepoMatching.comGoogleFirebase + excludeGroupByRegex RepoMatching.comAndroid + } } - jcenter() } + tasks.withType(org.jetbrains.kotlin.gradle.tasks.KotlinCompile).all { kotlinOptions.jvmTarget = "1.8" kotlinOptions.allWarningsAsErrors = true diff --git a/buildSrc/src/main/java/Dependencies.kt b/buildSrc/src/main/java/Dependencies.kt index 627f3aa94..d869c8203 100644 --- a/buildSrc/src/main/java/Dependencies.kt +++ b/buildSrc/src/main/java/Dependencies.kt @@ -213,3 +213,25 @@ object Deps { const val junitParams = "org.junit.jupiter:junit-jupiter-params:${Versions.junit}" const val junitEngine = "org.junit.jupiter:junit-jupiter-engine:${Versions.junit}" } + +/** + * Functionality to limit specific dependencies to specific repositories. These are typically expected to be used by + * dependency group name (i.e. with `include/excludeGroup`). For additional info, see: + * https://docs.gradle.org/current/userguide/declaring_repositories.html#sec::matching_repositories_to_dependencies + * + * Note: I wanted to nest this in Deps but for some reason gradle can't find it so it's top-level now. :| + */ +object RepoMatching { + const val mozilla = "org\\.mozilla\\..*" + const val androidx = "androidx\\..*" + const val comAndroid = "com\\.android\\..*" + const val comGoogleFirebase = "com\\.google\\.firebase" + + /** + * A matcher for com.google.android.* with one exception: the espresso-contrib dependency includes the + * accessibility-test-framework dependency, which is not available in the google repo. As such, we must + * explicitly exclude it from this regex so it can be found on jcenter. Note that the transitive dependency + * com.google.guava is also not available on google's repo. + */ + const val comGoogleAndroid = "com\\.google\\.android\\.(?!apps\\.common\\.testing\\.accessibility\\.framework).*" +}