Gradle variable ordering breaks detected dependencies

[siegenthalerroger]

How are you running Renovate?

Mend Renovate hosted app on github.com

If you're self-hosting Renovate, tell us what version of Renovate you run.

No response

If you're self-hosting Renovate, select which platform you are using.

No response

If you're self-hosting Renovate, tell us what version of the platform you run.

No response

Was this something which used to work for you, and then stopped?

I never saw this working

Describe the bug

We have a multi-project gradle build system where the versions are defined in the root level project. Apparently the detection of dependencies and their updates depends on their ordering.

For example the following excerpt out of the root-level build.gradle works and resulted in a PR and branch being created for the openApi package:

subprojects {

    ext {
        springBootVersion = '2.7.1' 
        openApiVersion = '1.5.13'
        apacheVersion = '3.12.0'
        redhatVersion = '00001'
        apacheCommonsLangVersion = "${apacheVersion}.redhat-${redhatVersion}"
    }

Merely changing the order of the last two items (to better match our internal layout) resulted in the branch being deleted and the PR closed.

subprojects {

    ext {
        springBootVersion = '2.7.1'
        apacheVersion = '3.12.0'
        redhatVersion = '00001'
        apacheCommonsLangVersion = "${apacheVersion}.redhat-${redhatVersion}"
        openApiVersion = '1.5.13'
    }

Reproduction Repository: https://github.com/siegenthalerroger/renovate-gradle-variable-interpolate-reproduction
Change commit: siegenthalerroger/renovate-gradle-variable-interpolate-reproduction@edadcea

Relevant debug logs

Logs

DEBUG: Found PR #6
DEBUG: branch.isModified(): using git to calculate
DEBUG: branch.isModified() = false
DEBUG: setCachedModifiedResult(): Branch cache not present
INFO: Autoclosing PR
{
  "branchName": "renovate/openapiversion",
  "prNo": 6,
  "prTitle": "Update dependency org.springdoc:springdoc-openapi-ui to v1.6.11"
}
DEBUG: updatePr(6, Update dependency org.springdoc:springdoc-openapi-ui to v1.6.11 - autoclosed, body)
DEBUG: PR updated
{
  "pr": 6
}
DEBUG: Deleted remote branch
{
  "branchName": "renovate/openapiversion"
}
DEBUG: No local branch to delete
{
  "branchName": "renovate/openapiversion"
}
DEBUG: Cleaning up Renovate refs: refs/renovate/*

Have you created a minimal reproduction repository?

I have linked to a minimal reproduction repository in the bug description

[github-actions]

Hi there,

Get your issue fixed faster by creating a minimal reproduction. This means a repository dedicated to reproducing this issue with the minimal dependencies and config possible.

Before we start working on your issue we need to know exactly what's causing the current behavior. A minimal reproduction helps us with this.

To get started, please read our guide on creating a minimal reproduction.

We may close the issue if you, or someone else, haven't created a minimal reproduction within two weeks. If you need more time, or are stuck, please ask for help or more time in a comment.

Good luck,

The Renovate team

[Churro]

Looks to me like a real issue in the current Gradle parser.

The whole problem can be narrowed down to:

apacheCommonsLangVersion = "${apacheVersion}"
openApiVersion = '1.5.13'

implementation("org.springdoc:springdoc-openapi-ui:${openApiVersion}")

What happens:

• First, apacheCommonsLangVersion = "${apacheVersion}" is matched:

  renovate/lib/modules/manager/gradle/parser.ts

  Lines 498 to 502 in 34e0a3c

  	matchers: [
  	{
  	matchType: TokenType.StringInterpolation,
  	tokenMapKey: 'depInterpolation',
  	},

• Interpolation fails (or it is no dependency string), processDepInterpolation returns null
• With a result == null, tryMatch doesn't return but goes through the rest of matchers. No other matcher kicks in here since the matcher itself was the correct one (just handling didn't work), so it removes the next token from the array:

  renovate/lib/modules/manager/gradle/parser.ts

  Lines 1121 to 1126 in 34e0a3c

  	if (result !== null) {
  	return result;
  	}
  	}
  	}
  	tokens.shift();

• The removed token is { "type": "word", "offset": 47, "value": "openApiVersion" }, which means in the next tryMatch cycle it is missing and won't be matched by the assignment matcher:

  renovate/lib/modules/manager/gradle/parser.ts

  Line 464 in 34e0a3c

  { matchType: TokenType.Word, tokenMapKey: 'keyToken' },

One possible solution for this is to make processDepInterpolation return something other than null to express that the matcher was the correct one and no other should be tried.

[siegenthalerroger]

Thanks for the in depth analysis. I did think it would be something to this end as it only happened when a more "complex" case came first in the file. Great to see a PR so quickly for the fix