Wanted to confirm with someone, are the lockfiles generated by gradle meant to be checked in to source control? My project has loads of them generated.
https://docs.gradle.org/current/userguide/dependency_locking.html
In short, yes, if you want repeatable builds. We resorted to having very strict rules around dynamic dependencies, and having Jenkins update the lockfiles for us, to avoid merge conflicts. That way, we stayed up to date and had repeatable builds for every commit