DEV Community πŸ‘©β€πŸ’»πŸ‘¨β€πŸ’»

RockAndNull
RockAndNull

Posted on • Originally published at rockandnull.com on

Transient dependencies and Play Store violations

Transient dependencies and Play Store violations

The Play Store's policy violation handling has been significantly improved in the last few years. Instead of a sudden ban and removal from the store, you get an email warning you about the violation and a deadline for fixing it.

Most of the time, these violations are not directly due to code in the app but rather to a library that the app is using. This is the easy scenario. The violation warning email will even suggest, most of the time, the fixed version that you need to update for the violation to go away.

But there are times when the library mentioned in the violation warning email is not directly used by the app. This is the most tricky case where it's a transient dependency to one of the directly used libraries.

To figure out where the violating library is used, there's a way for Gradle to build the dependency tree. Then you need to update the direct dependency, where hopefully the fixed transient dependency is used.

Print the dependency tree

Firstly, make the Gradle window within the IDE visible by going to View -> Tool Windows -> Gradle. Then select the app (or another module) -> help -> dependencies. Alternatively, you can just run ./gradlew app:dependencies in the terminal window.

Transient dependencies and Play Store violations
_The Gradle command to print the dependency tree _

This will print in the Run tool window a tree-like structure that shows which library is used by each dependency.

[...]
+--- com.google.android.gms:play-services-gcm:17.0.0
| +--- androidx.collection:collection:1.0.0 -> 1.1.0 (*)
| +--- androidx.core:core:1.0.0 -> 1.8.0 (*)
| +--- androidx.legacy:legacy-support-core-utils:1.0.0 (*)
| +--- com.google.android.gms:play-services-base:17.0.0 -> 18.0.1 (*)
| +--- com.google.android.gms:play-services-basement:17.0.0 -> 18.1.0 (*)
| +--- com.google.android.gms:play-services-iid:17.0.0
| | +--- androidx.collection:collection:1.0.0 -> 1.1.0 (*)
| | +--- androidx.core:core:1.0.0 -> 1.8.0 (*)
| | +--- com.google.android.gms:play-services-base:17.0.0 -> 18.0.1 (*)
| | +--- com.google.android.gms:play-services-basement:17.0.0 -> 18.1.0 (*)
| | +--- com.google.android.gms:play-services-stats:17.0.0 -> 17.0.2 (*)
| | \--- com.google.android.gms:play-services-tasks:17.0.0 -> 18.0.1 (*)
| \--- com.google.android.gms:play-services-stats:17.0.0 -> 17.0.2 (*)
[...]
Enter fullscreen mode Exit fullscreen mode

Sample of the dependency tree

Here, you can search to find the violating library and update the direct dependency, which hopefully will fix the issue.

The visual way

There's a completely visual way to get to that dependency tree by going to File -> Project Structure -> Dependencies -> Resolved Dependencies. But this view, even if it's convenient to browse, it's not convenient when searching for a specific dependency that might be hidden many layers below the direct dependency.

Transient dependencies and Play Store violations
This view, even if it's convenient to browse, it's not convenient when searching for a specific dependency

Hopefully, I made your dev life a bit easier when searching for a violating dependency in your Android app.

Happy coding!

Top comments (0)

⬇️ The only reason people scroll to the bottom...

...is because they want to read more. Create an account to bookmark, comment, and react to articles that interest you.