build(deps): Move centralized dependency constrains to "allprojects" …

…block within root build.gradle.kts (eclipse-tractusx#274)
paullatzelsperger · May 4, 2023 · d779618 · d779618
1 parent 9aedb0e
commit d779618
Showing 1 changed file with 9 additions and 11 deletions.
diff --git a/build.gradle.kts b/build.gradle.kts
@@ -56,6 +56,15 @@ allprojects {
         // this is used to counter version conflicts between the JUnit version pulled in by the plugin,
         // and the one expected by IntelliJ
         testImplementation(platform("org.junit:junit-bom:5.9.2"))
+
+        constraints {
+            implementation("org.yaml:snakeyaml:2.0") {
+                because("version 1.33 has vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471.")
+            }
+            implementation("net.minidev:json-smart:2.4.10") {
+                because("version 2.4.8 has vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1370.")
+            }
+        }
     }
 
     // configure which version of the annotation processor to use. defaults to the same version as the plugin
@@ -159,14 +168,3 @@ subprojects {
         }
     }
 }
-
-dependencies {
-    constraints {
-        implementation("org.yaml:snakeyaml:2.0") {
-            because("version 1.33 has vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471.")
-        }
-        implementation("net.minidev:json-smart:2.4.10") {
-            because("version 2.4.8 has vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1370.")
-        }
-    }
-}