Prevent wildcard versions in your Gradle project. These undermine deterministic and hermetic builds and are generally considered bad practice.

build.gradle

allprojects {
  afterEvaluate { project ->
    project.configurations.all {
      resolutionStrategy.eachDependency { DependencyResolveDetails details ->
        def requested = details.requested
        if (requested.version.contains('+')) {
          throw new GradleException("Wildcard dependency forbidden: ${requested.group}:${requested.name}:${requested.version}")
        }
      }
    }
  }
}

Shouldn't it be details.target instead of details.requested?

If I have a dependency and it's author have used '+', then I can't change it's sources and your script would abort my build. But I can use resolutionStrategy.force "group:name:exact_version" to make sure that my build uses exact version of the transitive dependency even if it's author doesn't mean it so.

@plastiv Good point.