v10.2.1

Fix for selective dependency updates for global locks.

Fixes this issue, seen in v10.1.0-v10.2.0

v10.2.0

Locks are applied with resolutionStrategy.dependencySubstitution.substitute instead of resolutionStrategy.eachDependency with useVersion to assist with core Gradle alignment platform edges

Core Gradle alignment does not apply useVersion/useTarget to virtual platforms, which make up aligned groups. Instead, this more specific DSL of dependencySubstitution is used and applied to virtual platforms.

For the (admittedly less common) cases where there is a non-locked alignment rule that causes a resolution difference to that seen in the lock file, the resolved version will equal the locked version with Nebula alignment and resolution will fail due to Multiple forces on different versions for virtual platform with core Gradle alignment (causing the user to make a change or update their locks)

Without this change, this case above with core Gradle alignment would result in the locked version and the new aligned version entering conflict resolution and the locked version may no longer be the final resolved version.

v10.2.0-rc.1

Locks are applied with resolutionStrategy.dependencySubstitution.substitute instead of resolutionStrategy.eachDependency with useVersion to assist with core Gradle alignment platform edges

Core Gradle alignment does not apply useVersion/useTarget to virtual platforms, which make up aligned groups. Instead, this more specific DSL of dependencySubstitution is used and applied to virtual platforms.

For the (admittedly less common) cases where there is a non-locked alignment rule that causes a resolution difference to that seen in the lock file, the resolved version will equal the locked version with Nebula alignment and resolution will fail due to Multiple forces on different versions for virtual platform with core Gradle alignment (causing the user to make a change or update their locks)

Without this change, this case above with core Gradle alignment would result in the locked version and the new aligned version entering conflict resolution and the locked version may no longer be the final resolved version.

v10.1.0

Remove the 'requested' field from Nebula lock files

Also keep the previous behavior to drop locks for versions without requested versions during a selective dependency update, but this is now done without using the "requested" field in the lock file. (This improves interaction with resolution strategies that affect first order dependencies without versions, like those provided by dependency recommender and Spring dependency management.)

v10.0.0

Remove features dependencyLock.useGeneratedLock=true and dependencyLock.useGeneratedGlobalLock=true.
Fix the option to customize the lock file name via the extension.

v9.4.1

DependencyLockPlugin: lockConfiguration should change version via useVersion instead of useTarget

v9.4.0

Dependency resolution verifier runs:

• after a build finishes, if it failed
• after a task of type AbstractCompile, DependencyReportTask, or DependencyInsightReportTask completes

and it will share info about dependencies which failed to resolve or are missing versions

and is safe across project boundaries

It's also now in Kotlin

v9.3.0

• Remove pmd from configuration for global locks

v9.2.0

Improve performance of core locking configuration.

v9.1.0

Task configuration avoidance for generate and save lock tasks

Uses Gradle 6.5