Gradle plugin to discover dependency updates
4.1k
Stars
205
Forks
108
Open issues
30
Contributors
AI Analysis
Gradle Versions Plugin discovers and reports available dependency updates and Gradle version upgrades for Gradle-based projects. It serves developers and build engineers who need to systematically track and manage dependency versions across projects. This is a specialized tool for the Gradle build ecosystem and Java/Kotlin development communities, not a general-purpose solution.
Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.
AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.
Gradle plugin for discovering dependency updates; foundational tool in Java/Kotlin build ecosystem
Gradle Versions Plugin is a mature, widely-adopted tool for discovering outdated dependencies in Gradle-based projects. It mirrors the Maven Versions Plugin's functionality for the Gradle ecosystem and is used across thousands of projects. The plugin identifies three categories of dependency status: up-to-date, exceeding latest version, and available upgrades. It also checks for Gradle runtime updates. Real-world adoption is well-evidenced; it is now considered an ecosystem standard rather than an optional enhancement.
Created in December 2012 by Ben Manes, the plugin emerged as Gradle's ecosystem matured and teams needed systematic dependency management. It filled a gap left by Maven's mature versions plugin—bringing equivalent functionality to Gradle. Over 13+ years, it has become the reference implementation for dependency update discovery in Gradle builds.
The project gained steady adoption through the 2010s as Gradle became the dominant build tool in the Java/Kotlin ecosystem. Growth plateaued at a high level of embedded usage—most Gradle projects that practice dependency hygiene now include this plugin. The slow recent growth rate (1 star in 7 days as of June 2026) reflects saturation within its intended niche rather than declining relevance: the project is mature and stable, not growth-focused.
High adoption evidence: 4,072 stars (long-held baseline for 10+ years), 205 forks, listed on Gradle Plugin Portal with active distribution. README explicitly documents multiple deployment patterns (plugins block, buildscript block, init scripts) indicating wide installation patterns. Ecosystem references suggest it is a de facto standard—teams building complementary tools (version-catalog-update-plugin, refreshVersions, gradle-upgrade-interactive) assume this plugin as a baseline. Adoption not formally quantified but adoption not verified is inaccurate; this is widely used within the Gradle ecosystem.
Appears to be a single-focused Gradle plugin implemented in Kotlin. Based on README, it provides a `dependencyUpdates` task that queries repositories for available versions, filters them (via `rejectVersionsIf` and `componentSelection` APIs), and generates reports in plaintext, XML, and JSON formats. Likely handles multi-project builds by consolidating reports from subprojects. No implementation details visible from README alone.
Not documented in README. Build status badge indicates CI/CD is active, but specific test coverage metrics are not disclosed.
Last commit 2026-04-19 (approximately 2.5 months before analysis date). Build workflow badge present and passing. Issue and PR activity not disclosed in provided metadata, but the plugin has 205 forks and active community ecosystem (README lists 10+ complementary plugins, suggesting vibrant downstream usage). Project remains actively maintained at a measured pace consistent with a mature, stable tool.
ADOPT IF: you maintain a Gradle project and need to regularly check for dependency updates; want a stable, battle-tested, low-maintenance dependency discovery tool; are already in the Java/Kotlin ecosystem and expect Gradle projects to include this baseline hygiene step. AVOID IF: you need automated, hands-off dependency updates (use gradle-use-latest-versions or similar alongside this one); you are using a non-Gradle build system (Maven, Bazel, etc.); you require cutting-edge update strategies beyond standard version resolution. MONITOR IF: you are evaluating whether to adopt a newer, more opinionated tool like refreshVersions or version-catalog-update-plugin, which may eventually displace this as a standalone choice but currently are not strict replacements.
Independent dimensions
Mainstream potential
5/10
Technical importance
7/10
Adoption evidence
8/10
- Gradle 9+ incompatibility with parallel execution requires `--no-parallel` flag for dependencyUpdates task; upstream Gradle issue may require ongoing workarounds.
- Configuration cache feature in recent Gradle versions can interfere with dependency resolution if certain flags are set (org.gradle.configuration-cache.problems=warn); users must manually disable this flag.
- Plugin is read-only reporting; teams expecting automated updates must layer additional tools, increasing tooling complexity.
- Slow growth and maintenance pace may signal limited prioritization for new Gradle features; adoption of experimental Gradle features may lag.
- No automated way to detect malicious or broken version releases; users must manually review and reject versions via configuration.
Plugin will remain in stable maintenance mode, continuing to serve as the foundational dependency discovery tool in the Gradle ecosystem. May gradually be superseded by more opinionated, all-in-one solutions (e.g., refreshVersions) for teams adopting modern dependency management practices, but is unlikely to lose core adoption. Will continue to receive updates to support new Gradle versions and Java release cadence.
Newsletter
Get analyses like this every Monday
Free weekly digest of the most interesting open-source discoveries.
Languages
Information
- Language
- Kotlin
- License
- Apache-2.0
- Last updated
- 3mo ago
- Created
- 166mo ago
- Analyzed with
- anthropic/claude-haiku-4-5
Stars over time
Contributors over time
Top 100 contributors only — repos with more will plateau at 100.
Open issues
Top contributors
Similar repos
autonomousapps/dependency-analysis-gradle-plugin
A Gradle plugin that analyzes dependency declarations in JVM and Android...
vanniktech/gradle-dependency-graph-generator-plugin
A Gradle plugin that generates visual dependency graphs (in PNG, SVG, and DOT...
JetBrains/intellij-platform-gradle-plugin
This is a Gradle plugin maintained by JetBrains that streamlines building,...
git-commit-id/git-commit-id-maven-plugin
This Maven plugin injects git repository metadata (commit hash, branch,...
| Repository | Stars | Week Δ | Language | Score | Updated |
|---|---|---|---|---|---|
|
|
4.1k | +1 | Kotlin | 8/10 | 3mo ago |
|
|
2.2k | — | Kotlin | 8/10 | 8h ago |
|
|
1.6k | — | Kotlin | 7/10 | 2w ago |
|
|
1.5k | — | Kotlin | 8/10 | 18h ago |
|
|
1.7k | — | Java | 7/10 | 2w ago |
|
|
1.7k | — | Kotlin | 8/10 | 2d ago |
Broader scope: analyzes dependency usage and health, not just version updates. Complementary rather than competitive—many projects use both. 2,153 stars; appears to focus on deeper dependency graph analysis.
Generates visual dependency graphs; solves a different problem (visualization) than update discovery. Not a direct replacement.
Handles automated updates to Gradle Version Catalogs; builds atop or complements this plugin. Newer, narrower scope.
More feature-rich update management including automation; may appeal to teams wanting opinionated workflows. Smaller adoption. Does not replace this plugin's core discovery function.
Automates version updates after discovery; this plugin is read-only reporting. Complementary.