From mobile apps to microservices, from small startups to big enterprises, Gradle helps teams build, automate and deliver better software, faster.

Gradle Community

Well, that's always the problem you have with transitive dependencies.

If you want to minimise this for your own interdependent projects, I guess publishing a platform and / or version catalog as lib is probably one of the better options, and then all those projects can depend on this platform and / or version catalog.

This is a great idea! Reading through <https://docs.gradle.org/current/userguide/platforms.html>

We have developed Pierrot for exactly this problem with the internal libraries. One of the functions is to bump the internal library versions and to do plan upgrades (e.g. you can't simply bump JUnit from 4.x to 5.x nevertheless Snyk or Dependabot is telling you).

We are keeping the versions in `gradle.properties` so it's easy to run text replacements. And as <@URQ797WRW> suggested we use BOMs to force the versions.

<https://agorapulse.github.io/pierrot/#_replace|https://agorapulse.github.io/pierrot/#_replace>

