[Gradle] Configure transitive dependencies via ComponentMetadataRules #134169
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
breskeby
added
>non-issue
:Delivery/Build
breskeby
changed the title
|
Pinging @elastic/es-delivery (Team:Delivery) |
ℹ️ Important: Docs version tagging👋 Thanks for updating the docs! Just a friendly reminder that our docs are now cumulative. This means all 9.x versions are documented on the same page and published off of the main branch, instead of creating separate pages for each minor version. We use applies_to tags to mark version-specific features and changes. Expand for a quick overviewWhen to use applies_to tags:✅ At the page level to indicate which products/deployments the content applies to (mandatory) What NOT to do:❌ Don't remove or replace information that applies to an older version 🤔 Need help?
|
breskeby
force-pushed
the
rework-transitive-deps-handling
branch
2 times, most recently
from
82f2d5f to
a5d7913
Compare
elasticsearchmachine
added
v8.18.8
v9.1.5
v8.19.5
v9.0.8
and removed
v8.18.7
v9.1.4
v8.19.4
v9.0.7
labels
breskeby
changed the title
breskeby
force-pushed
the
rework-transitive-deps-handling
branch
from
fcab26f to
58c5dc5
Compare
breskeby
changed the title
breskeby
commented
Sep 11, 2025
| testImplementation buildLibs.asm | ||
| integTestImplementation buildLibs.asm | ||
| api(buildLibs.snakeyaml) | ||
| api("org.slf4j:slf4j-api:2.0.6") { |
There was a problem hiding this comment.
as part of this I tried to get rid of some of the 8 slf4j-api dependencies we use in our build by aligning some versions used in the build tools and third party plugins
breskeby
commented
Sep 11, 2025
| // Apache Log4j dependencies | ||
| // We want to remove log4j-api compile only dependency on biz.aQute.bnd and org.osgi group but | ||
| // keep other compile only dependencies like spotbugs, errorprone and jspecify | ||
| components.withModule("org.apache.logging.log4j:log4j-api", ExcludeByGroup.class, config -> { |
There was a problem hiding this comment.
Preparing for #132166
breskeby
commented
Sep 12, 2025
| buildscript { | ||
| dependencies { | ||
| constraints { | ||
| classpath "org.slf4j:slf4j-api:2.0.6" |
There was a problem hiding this comment.
Align slf4j version here so we can get rid of some of the many versions listed in verification metadata
|
Thanks, this is great. Though, I'm not familiar enough to review the implementation. |
breskeby
added a commit
to breskeby/elasticsearch
that referenced
this pull request
Sep 15, 2025
…elastic#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites.
💔 Backport failed
You can use sqren/backport to manually backport by running |
breskeby
added a commit
to breskeby/elasticsearch
that referenced
this pull request
Sep 15, 2025
…elastic#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites. (cherry picked from commit a0e6ea1) # Conflicts: # test/fixtures/url-fixture/build.gradle
breskeby
added a commit
to breskeby/elasticsearch
that referenced
this pull request
Sep 15, 2025
…elastic#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites. (cherry picked from commit a0e6ea1) # Conflicts: # test/fixtures/url-fixture/build.gradle
breskeby
added a commit
to breskeby/elasticsearch
that referenced
this pull request
Sep 15, 2025
…elastic#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites. (cherry picked from commit a0e6ea1) # Conflicts: # test/fixtures/url-fixture/build.gradle
💚 All backports created successfully
Questions ?Please refer to the Backport tool documentation |
elasticsearchmachine
pushed a commit
that referenced
this pull request
Sep 15, 2025
…#134169) (#134710) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites.
breskeby
added a commit
to breskeby/elasticsearch
that referenced
this pull request
Sep 16, 2025
…elastic#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites. (cherry picked from commit a0e6ea1) # Conflicts: # test/fixtures/url-fixture/build.gradle
mridula-s109
pushed a commit
to mridula-s109/elasticsearch
that referenced
this pull request
Sep 17, 2025
…elastic#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites.
breskeby
added a commit
that referenced
this pull request
Sep 18, 2025
…taRules (#134169) (#134714) * [Gradle] Configure transitive dependencies via ComponentMetadataRules (#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites. (cherry picked from commit a0e6ea1) # Conflicts: # test/fixtures/url-fixture/build.gradle * Fix merge conflicts
breskeby
added a commit
to breskeby/elasticsearch
that referenced
this pull request
Sep 18, 2025
…elastic#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites. (cherry picked from commit a0e6ea1) # Conflicts: # test/fixtures/url-fixture/build.gradle
breskeby
added a commit
to breskeby/elasticsearch
that referenced
this pull request
Sep 18, 2025
…elastic#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites. (cherry picked from commit a0e6ea1) # Conflicts: # test/fixtures/url-fixture/build.gradle
breskeby
added a commit
that referenced
this pull request
Sep 18, 2025
…aRules (#134169) (#134712) * [Gradle] Configure transitive dependencies via ComponentMetadataRules (#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites. (cherry picked from commit a0e6ea1) # Conflicts: # test/fixtures/url-fixture/build.gradle * Fix merge conflicts * Fix ec2 transitive deps
breskeby
added a commit
to breskeby/elasticsearch
that referenced
this pull request
Sep 18, 2025
…elastic#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites. (cherry picked from commit a0e6ea1) # Conflicts: # test/fixtures/url-fixture/build.gradle
breskeby
added a commit
that referenced
this pull request
Sep 18, 2025
…taRules (#134169) (#134715) * [Gradle] Configure transitive dependencies via ComponentMetadataRules (#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites. (cherry picked from commit a0e6ea1) # Conflicts: # test/fixtures/url-fixture/build.gradle * Fix merge conflicts * Fix dependencies in 8.18
gmjehovich
pushed a commit
to gmjehovich/elasticsearch
that referenced
this pull request
Sep 18, 2025
…elastic#134169) This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level. Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies. The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency. I started looking through the existing dependencies applyging the following pattern: if no problematic transitive dependency detected, do not apply any component meta data rule. if only non group dependencies have been problematic, use ExcludeOtherGroupsTransitiveRule which allows transitive dependencies brought with the same groupId as the parent but excludes all others. Otherwise exclude all transitive dependencies by applying ExcludeAllTransitivesRule We will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies. This change replaces our plain transitive = false approach for non elasticsearch dependencies Historically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in weaker control what we bring in and why loose information why a dependency is needed and how its tight ot another dependency on the classpath transitive behavior differed in different context as we only have applied transitivity Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This introduces ComponentMetadataRulesPlugin that contains declarative logic for dealing with transitive dependencies on a per dependency level.
Ulitmately we want more finegrained control over our dependencies without loosing information about transitive dependencies.
The initial list of the applied component metadata rules will be more finegrained over time. Initially this is mostly a reflection of how we brought in dependencies before by basically making the transitive dependencies we identified as required where added as direct dependency.
I started looking through the existing dependencies applyging the following pattern:
ExcludeOtherGroupsTransitiveRulewhich allows transitive dependencies brought with the same groupId as the parent but excludes all others.ExcludeAllTransitivesRuleWe will add more specific rules in the future as we see the need to "fix' component metadata of thirdparty dependencies.
This change replaces our plain
transitive = falseapproach for non elasticsearch dependenciesHistorically we have solved dealing with transitive dependencies and component metadata in this regard by just ignoring it and bringing in dependencies explicitly. This results in
Furthermore the way we have configured transitive = false for each dependency resulted in other problems when using other newer Gradle APIs like test suites.