How can I force the newest dependency to be used by gradle

I’m attempting to upgrade an app I manage to satisfy a Checkmarx vulnerability scan. The scan is showing I am using an out of date version of org.apache.ivy and the issue is via Maven. To fix this I’ve I’ve added

all {
resolutionStrategy {
  force ‘org.apache.ivy:ivy:2.5.2’
}
}

If I run gradlew dependencies I only see the 2.5.2 version show in the tree as I expect. When I submit the build to Jenkins and have the Checkmarx scan run, it still shows that the older version of Ivy is present in the gradle cache path. What can I do to force only the newest version there?

Solution

Try this way in dependencies block :

dependencies {
  //...
  implementation('org.apache.ivy:ivy') {
    version {
      strictly '[2.5.2]'
    }
  }
  //...
}

For more details about that implementation https://docs.gradle.org/current/userguide/rich_versions.html#rich-version-constraints This should solve your issue.

XBee using the Java Lib on Raspberry Pi
Lib folder is missing when creating java project in Eclipse Neon.2 Release (4.6.2)
Activiti Tomcat configuration
Why do I get "Cannot resolve symbol" when trying to use class from library?
How to set SameSite and Secure attribute to JSESSIONID cookie
Failed to resolve: com.github Affected Modules
Failed to resolve: lib
class loading in tomcat on demand when 2 versions of a lib are present?
JPA: Duplicate Entry When Adding Child Entity (One-To-Many)
NoClassDefFoundError when running app with external lib with Tomcat
NoClassDefFoundError from inside a jar
How to run a jar with external libs
Import json-simple from Maven failed
How to override default jar present inside jre/lib folder
How do you access Kotlin Library Sealed Classes as Error Handling in Java?
How do I properly create a Library in Java?
Is there a way to print cron-expressions in human readable form?
How to force Maven in IntelliJ to pull specific dependency from local .m2 repository
package com.fasterxml.jackson.databind.annotation does not exist
How to use custom class annotation in testng listener java
How to map this Json with rest template spring boot
Avoid Jackson serialization on non fetched lazy objects
Images not loading after creating Jar
LoggerFactory.getLogger cannot be resolved to a type
Jackson triggering JPA Lazy Fetching on serialization
Detect on/off Key Press Android
Is there a free package for reading, manipulating and writing ASN.1 in Java?
Can you store a variable inside a if-clause?
Where to download eclipse IDE (there's 2 main links and they all both completely different installers)
Mocking object called in lambda invoked from mocked object