We Keep Coding

How to exclude library from dependencies?

I have a gradle project with several modules in it. In the main module I have id "io.spring.dependency-management" plugin. In the adapters module I have dependency on the main one implementation project(":main") with runtimeOnly 'io.r2dbc:r2dbc-postgresql in dependency block, which pulls 0.8.12.RELEASE version of the r2dc-postgresql driver.
Now I want to use 0.8.13.RELEASE verision of the driver, so I simply added runtimeOnly 'io.r2dbc:r2dbc-postgresql:0.8.13.RELEASE to the dependency declaration, but now I have two versions of this library in external libraries section (0.8.12.RELEASE and 0.8.13.RELEASE), but ./gradlew adapters:dependencies displays only 0.8.13.RELEASE version.
How to find out where 0.8.12.RELEASE is coming from now and remove it?
I tried
exlude(group = 'io.r2dbc', module = 'r2dbc-postgresql')
but it didn't work

have you had a look at e.g.:
https://docs.gradle.org/current/userguide/resolution_rules.html
or
How to exclude library from all dependencies in Kotlin DSL build.gradle?
or
What does this "all*.exclude" means in Gradle transitive dependency?

Some of the gradle dependency needs to be declared twice to be available for the microservice. Why?

I have build.gradle in a common project which is been shared by other microservices and each microservice has its own build.gradle also.
There is one dependency as 'org.springframework.boot:spring-boot-starter-security'
This is added in build.gradle of common project(Project A) and is been consumed by other project(Project B). The issue is the service throws error and we need to add the same dependency ('org.springframework.boot:spring-boot-starter-security') in build.gradle of Project B also.
Do someone know the reason behind it ?

Excluding a specific package from a dependency in Gradle

I have a dependency in one of my project
implementation (group: 'com.ibm.cloud', name: 'ibmcloudsql-jdbc', version: '2.5.34')
I want to specifically exclude a package from this jar, i.e
com.ibm.cloud.sdk.core.http
Is there a way? I already tried this but did not work.
implementation (group: 'com.ibm.cloud', name: 'ibmcloudsql-jdbc', version: '2.5.34'){
exclude module: 'com.ibm.cloud.sdk.core.http'
}

You can't use dependency management to remove part of a dependency - with dependency management it's either the complete dependency or no dependency (and this is not limited to gradle - other dependency managers / build systems like maven or ivy also don't have this feature).
The exclude module can only be used to prevent inclusion of transitive dependencies (i.e. you need dependency com.xy:A and com.xy:A declares that it also needs com.xy:B - with exclude module you can prevent the inclusion com.xy:B)
It might be possible to create your own version of that dependency by manually removing the package com.ibm.cloud.sdk.core.http from the jar itself and adding that modified jar file to your project.

Do we need "io.spring.dependency-management" gradle plugin when already using id "org.springframework.boot" plugin

What happens when spring-boot plugin is added to Gradle project? Why do we need to explicitly include spring.dependency-management plugin also.?
plugins {
id "org.springframework.boot" version "2.1.5.RELEASE"
id 'io.spring.dependency-management' version '1.0.8.RELEASE'
}

Since Gradle 5+ supports BOM files, you don't need the dependency-management plugin anymore. The spring boot plugin is still needed to provide tasks such as bootJar and bootRun. Here's a minimal build.gradle that should work:
buildscript {
ext {
springBootVersion = '2.2.4.RELEASE'
}
}
repositories {
mavenCentral()
}
plugins {
id 'java'
id 'org.springframework.boot' version "${springBootVersion}"
}
dependencies {
implementation platform("org.springframework.boot:spring-boot-dependencies:${springBootVersion}")
implementation 'org.springframework.boot:spring-boot-starter'
implementation 'org.springframework.boot:spring-boot-starter-webflux'
testImplementation('org.springframework.boot:spring-boot-starter-test') {
exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
}
}

Why Spring Boot Gradle Plugin
To paraphrase Spring Boot Gradle Plugin Reference Guide:
The Spring Boot Gradle Plugin provides Spring Boot support in Gradle. It allows you to package executable jar or war archives, run Spring Boot applications, and use the dependency management provided by spring-boot-dependencies.
The key point to note is, apart from providing Spring Boot support, it enables the use of dependency management through spring-boot-dependencies. But...
Why Spring Dependency Management Plugin
The spring-boot-dependencies BOM enables dependency management.
Which means:
IF you omit the version for a dependency you declare:
AND it is a managed dependency (ie listed in the BOM with version):
THEN (provided you apply the spring-boot-dependencies plugin) you get to enjoy dependency management like in Maven
To get the dependencies bom in your project you have to apply the dependency-management plugin in concert with the Spring boot gradle plugin. Again to paraphrase
When you apply the io.spring.dependency-management plugin, Spring
Boot’s plugin will automatically import the spring-boot-dependencies
bom from the version of Spring Boot that you are using.
Why one or the other?
If you need Spring Boot support, you want that plugin.
In addition, if you want managed dependencies (as explained above), you want the dependency-management plugin.
Another way to have dependency constraints
The dependency-management plugin is one way to import the Spring Boot bill of materials (BOM).
Another way (supported by Gradle 5 and up) is to import recommended dependency versions from a BOM as dependency constraints in Gradle. The "platform" (dependency handler method) is used to import the BOM.
dependencies {
// Load BOM for Spring Boot.
implementation(platform("org.springframework.boot:spring-boot-dependencies:2.3.0.RELEASE"))
}
Using either way of dependency management, you can specify your dependencies without an explicit version, as below:
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-data-mongodb'
}

The migration guide gives some hints about this:
Spring Boot’s Gradle plugin no longer automatically applies the dependency management plugin. Instead, Spring Boot’s plugin now reacts to the dependency management plugin being applied by importing the correct version of the spring-boot-dependencies BOM. This gives you more control over how and when dependency management is configured.
For most applications applying the dependency management plugin will be sufficient:
apply plugin: 'org.springframework.boot'
apply plugin: 'io.spring.dependency-management' // <-- add this to your build.gradle
Note:
The dependency management plugin remains a transitive dependency of spring-boot-gradle-plugin so there’s no need for it to be listed as a classpath dependency in your buildscript configuration.
https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.0-Migration-Guide#dependency-management

Gradle dependencies of local dependency

So let's say I have project A, which requires certain dependencies. And I have project B, which has project A as one of its dependencies. So I have the following code in project B's build.gradle:
project B's build.gradle:
dependencies {
compile files("projectA_dir/build/libs/projectA.jar")
}
However, since Gradle does not include project A's dependencies in projectA.jar by default. I was wondering if there's a way to let project B successfully compile project A without creating a fatjar for project A.

The jar file doesn't contain the transitive dependencies and doesn't have a pom file which describes the dependencies used by the module.
It means that, if you are importing a jar file using compile files you have to specify the dependencies also in your project.
You should use a maven repository, private or public, to avoid the issue.
In this case, gradle downloads the dependencies using the pom file which will contains the dependencies list.