How do I generate gradle.lockfile in multi-module project? I have attempted to follow https://docs.gradle.org/current/userguide/dependency_locking.html So I have added following to my top-level build.gradle.kts

buildscript {

….

dependencyLocking {

lockMode = LockMode.STRICT

lockAllConfigurations()

}

}

Also added following task

tasks.register("resolveAndLockAll") {

notCompatibleWithConfigurationCache("Filters configurations at execution time")

doFirst {

require(gradle.startParameter.isWriteDependencyLocks) { "$path must be run from the command line with the

--write-locks` flag" }`

}

doLast {

configurations.filter {

// Add any custom filtering on the configurations to be resolved

it.isCanBeResolved

}.forEach { it.resolve() }

}

}

When I execute task ./gradlew resolveAndLockAll --write-locks It does create lock file settings-gradle.lockfile , buildscript-gradle.lockfile However, buildscript-gradle.lockfile is not listing all dependencies — example one of my module feature_networking depends on - com.squareup.okhttp3:okhttp but I don’t see that dependency in the lockfile. However, same package depends on com.google.code.gson:gson and I see dependency like this: com.google.code.gsongson2.10=classpath in the lockfile. Is it wrong to expect that lockfile should list all package dependencies? - Do you I need to rebuild the app and then generate the lockfile?

If you only enable dependency locking for the configurations in the buildscript block, you only enable locking for the concfigurations in the buildscript block. That gson is appearing in your lockfile is just because one of the plugins you use has a dependency on it.

I am trying to understand how do I get task -- resolveAndLockAll to go through all module dependency and create one unified gradle.lockfile. Are you saying I should be skipping this part, I tried that, it didn't do the trick.

// Add any custom filtering on the configurations to be resolved

it.isCanBeResolved

No, what I say is, that you only lock that buildscript configurations, so only the dependencies used in your buildscript and plugins, but you do not lock your production configurations.