Whats the best way to exclude burried dependencies in Gradle?

Question

Say, for example, you see this in your dependencies for a Gradle project:

+--- org.springframework.security:spring-security-core: -> 3.2.7.RELEASE
     +--- aopalliance:aopalliance:1.0
     +--- org.springframework:spring-beans:3.2.13.RELEASE -> 4.1.7.RELEASE (*)
     +--- org.springframework:spring-expression:3.2.13.RELEASE -> 4.1.7.RELEASE (*)
     +--- org.springframework:spring-aop:3.2.13.RELEASE -> 4.1.7.RELEASE (*)
     +--- org.springframework:spring-context:3.2.13.RELEASE -> 4.1.7.RELEASE
     |    +--- org.springframework:spring-aop:4.1.7.RELEASE (*)
     |    +--- org.springframework:spring-beans:4.1.7.RELEASE (*)
     |    +--- org.springframework:spring-core:4.1.7.RELEASE (*)
     |    \--- org.springframework:spring-expression:4.1.7.RELEASE (*)
     \--- org.springframework:spring-core:3.2.13.RELEASE -> 4.1.7.RELEASE (*)

Is it possible to exclude org.springframework:spring-expression without first excluding org.springframework:spring-context from org.springframework.security:spring-security-core?

Answer 1

I recommend adding this to your Gradle build, perhaps:

dependencies {
  // Explicitly include spring-expression transitive dependency then manage its dependencies
  compile('org.springframework:spring-context:3.2.13.RELEASE') {
    transitive = false
  }
}

You can also force specific transitive dependencies See Section 52.4.2. Client module dependencies of the Gradle User Guide

Answer 2

In order to exclude a dependency from any configuration use:

 configurations {
   all {
     exclude group: 'org.springframework', module: 'spring-expression'
   }
 }

If want to enforce a specific version of dependency you can use:

 configurations.all {
   resolutionStrategy.eachDependency { DependencyResolveDetails details ->
     if (details.requested.group == 'org.springframework') {
       details.useVersion '3.2.13.RELEASE'
     }
   }
 }

This may help if a transitive dependency gets pulled multiple times with different versions.