Hi. I’m trying to understand why Gradle scanner uses so many dependencies - pulls almost the whole “world” (read SonarQube engine):
- sonar-scanner-gradle: https://github.com/SonarSource/sonar-scanner-gradle/blob/master/build.gradle#L53
- sonar-scanner-api: https://github.com/SonarSource/sonar-scanner-api/blob/master/pom.xml#L19-L23
- sonar-scanner-api-batch: https://github.com/SonarSource/sonar-scanner-api/blob/master/batch/pom.xml#L23-L28
- sonar-scanner-engine: https://github.com/SonarSource/sonarqube/blob/master/sonar-scanner-engine/build.gradle#L30-L33
This pulls sonar-core, sonar-ws, etc
As you can see, sonar-scanner-api-batch pulls in sonar-core. Is this by design?
Are there any workarounds I could do to cut the list of dependencies on the scanner shorter? Would Gradle scanner work after simply removing sonar-scanner-api-batch jar (and its list of dependencies) from the classpath?
I’m guessing this list of dependencies is used for compatibility with old versions which used to run analysis during the build. But now that we have WS APIs are they still needed?