GitHub Join us on Slack Join us on Discord Ask on Stack Overflow

Upgrade transitive Gradle or Maven dependencies

org.openrewrite.java.dependencies.UpgradeTransitiveDependencyVersion

Upgrades the version of a transitive dependency in a Maven pom.xml or Gradle build.gradle. Leaves direct dependencies unmodified. Can be paired with the regular Upgrade Dependency Version recipe to upgrade a dependency everywhere, regardless of whether it is direct or transitive.

Recipe source

GitHub, Issue Tracker, Maven Central

  • groupId: org.openrewrite.recipe

  • artifactId: rewrite-java-dependencies

  • version: 1.7.0

Options

TypeNameDescriptionExample

String

groupId

The first part of a dependency coordinate 'org.apache.logging.log4j:ARTIFACT_ID:VERSION'.

org.apache.logging.log4j

String

artifactId

The second part of a dependency coordinate 'org.apache.logging.log4j:log4j-bom:VERSION'.

log4j-bom

String

version

An exact version number or node-style semver selector used to select the version number.

latest.release

String

scope

Optional. An optional scope to use for the dependency management tag. Relevant only to Maven. Valid options: import, runtime, provided, test

import

String

type

Optional. An optional type to use for the dependency management tag. Relevant only to Maven builds. Valid options: jar, pom, war

pom

String

classifier

Optional. An optional classifier to use for the dependency management tag. Relevant only to Maven.

test

String

versionPattern

Optional. Allows version selection to be extended beyond the original Node Semver semantics. So for example,Setting 'version' to "25-29" can be paired with a metadata pattern of "-jre" to select 29.0-jre

-jre

Boolean

releasesOnly

Optional. Whether to exclude snapshots from consideration when using a semver selector

String

onlyIfUsing

Optional. Only add managed dependencies to projects having a dependency matching the expression.

org.apache.logging.log4j:log4j*

Boolean

addToRootPom

Optional. Add to the root pom where root is the eldest parent of the pom within the source set.

Usage

This recipe has required configuration parameters. Recipes with required configuration parameters cannot be activated directly. To activate this recipe you must create a new recipe which fills in the required parameters. In your rewrite.yml create a new recipe with a unique name. For example: com.yourorg.UpgradeTransitiveDependencyVersionExample. Here's how you can define and customize such a recipe within your rewrite.yml:

rewrite.yml
---
type: specs.openrewrite.org/v1beta/recipe
name: com.yourorg.UpgradeTransitiveDependencyVersionExample
displayName: Upgrade transitive Gradle or Maven dependencies example
recipeList:
  - org.openrewrite.java.dependencies.UpgradeTransitiveDependencyVersion:
      groupId: org.apache.logging.log4j
      artifactId: log4j-bom
      version: latest.release
      scope: import
      type: pom
      classifier: test
      versionPattern: '-jre'
      onlyIfUsing: org.apache.logging.log4j:log4j*

Now that com.yourorg.UpgradeTransitiveDependencyVersionExample has been defined activate it and take a dependency on org.openrewrite.recipe:rewrite-java-dependencies:1.7.0 in your build file:

  1. Add the following to your build.gradle file:

build.gradle
plugins {
    id("org.openrewrite.rewrite") version("6.12.0")
}

rewrite {
    activeRecipe("com.yourorg.UpgradeTransitiveDependencyVersionExample")
}

repositories {
    mavenCentral()
}

dependencies {
    rewrite("org.openrewrite.recipe:rewrite-java-dependencies:1.7.0")
}

  1. Run gradle rewriteRun to run the recipe.

See how this recipe works across multiple open-source repositories

The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.

Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.

PreviousUpgrade Gradle or Maven dependency versionsNextSearch

Last updated