Locked and non-resolving configurations fail with an error in Gradle 7.x with a single project
Closed this issue · 1 comments
When using Gradle 7.6.4 with a dependency locking enabled and a single project build, the error Locking strict mode: Configuration ':archives' is locked but does not have lock state.
occurs and the build fails. Setting DEPENDENCY_GRAPH_EXCLUDE_CONFIGURATIONS=archives
causes the same error to occur but on the :default
configuration instead.
Running ./gradlew dependencies
shows that both the archives
and default
configurations are non-resolving. The gradle.lockfile
does not include any references to either configuration, likely because they are non-resolving. The problem only occurs in a 'single project build' (e.g. without a settings.gradle
file or where the settings.gradle
file does not include any valid child projects).
Attached is a very simple Gradle project to reproduce the issue:
-
Install the latest version of Gradle 7.x:
gradle wrapper --gradle-version 7.6.4
-
Generate a lockfile:
./gradlew dependencies --write-locks
- Notice that 'archives' and 'default' configurations have an (n) after them, indicating they are non-resolving.
- Notice that the
empty=
line ingradle.lockfile
does not includearchives
ordefault
on theempty=
line. This appears to be correct behavior since they are non-resolving configurations.
-
Run the github-dependency-graph-gradle-plugin using the command from this repo's README. Alternately, using the GitHub dependency submission action causes the same behavior.
./gradlew -I init.gradle --dependency-verification=off --no-configuration-cache --no-configure-on-demand :ForceDependencyResolutionPlugin_resolveAllDependencies
The following error is returned:
Task :ForceDependencyResolutionPlugin_resolveProjectDependencies FAILED
(omitted)
Execution failed for task ':ForceDependencyResolutionPlugin_resolveProjectDependencies'.
Could not resolve all dependencies for configuration ':archives'.
Locking strict mode: Configuration ':archives' is locked but does not have lock state.
Environment details:
openjdk version "1.8.0_402"
OpenJDK Runtime Environment Corretto-8.402.08.1 (build 1.8.0_402-b08)
OpenJDK 64-Bit Server VM Corretto-8.402.08.1 (build 25.402-b08, mixed mode)Windows 11 Version 23H2 (OS Build 22631.3296)
gradle --version (used to initialize the wrapper, but not used for executing the Gradle commands above)
Gradle 8.7
Revision: 650af14d7653aa949fce5e886e685efc9cf97c10
Although this was tested with OpenJDK 8, we observed similar behavior in OpenJDK 17. We've temporarily worked around the issue by including both archives
and default
in the DEPENDENCY_GRAPH_EXCLUDE_CONFIGURATIONS
environment variable, but since we're deploying the Gradle Dependency Submission action throughout the enterprise we'll be encountering a variety of 'single project' Gradle builds that aren't upgraded to 8.x yet.
Thanks for the detailed report and the reproducer. I need to investigate why we're attempting to resolve an unresolvable configuration.