MODULE.bazel - plugins/oauth - Git at Google

 module(name = "gerrit-oauth-provider")

 bazel_dep(name = "rules_jvm_external", version = "6.10")
 bazel_dep(name = "com_googlesource_gerrit_bazlets")
 git_override(
     module_name = "com_googlesource_gerrit_bazlets",
     commit = "202b90383675fd8a759a865a4e0efe75de9a8932",
     remote = "https://gerrit.googlesource.com/bazlets",
 )

 GERRIT_API_VERS = "3.11.0"

 gerrit_api_version = use_repo_rule("@com_googlesource_gerrit_bazlets//:gerrit_api_version.bzl", "gerrit_api_version")

 gerrit_api_version(
     name = "gerrit_api_version",
     version = GERRIT_API_VERS,
     visibility = ["//visibility:public"],
 )

 maven = use_extension("@rules_jvm_external//:extensions.bzl", "maven")
 maven.install(
     name = "external_plugin_deps",
     artifacts = [
         "com.google.gerrit:gerrit-plugin-api:" + GERRIT_API_VERS,
         "com.google.gerrit:gerrit-acceptance-framework:" + GERRIT_API_VERS,
     ],
     # IMPORTANT:
     # Do NOT set lock_file here.
     #
     # This repository is intentionally shared across plugins and contains
     # only Gerrit-provided APIs (gerrit-plugin-api and acceptance framework)
     # that are provided by Gerrit at runtime and must not be bundled into
     # the plugin JAR.
     #
     # When built in-tree, rules_jvm_external merges maven.install() tags
     # with the same name across all modules. Defining a lock_file for this
     # shared repository in more than one plugin causes multiple lock files
     # to be contributed for the same repository name, which is rejected by
     # rules_jvm_external during module extension evaluation.
     #
     # Plugin runtime dependencies must instead be declared in a
     # plugin-specific repository (e.g. oauth_plugin_deps) that owns
     # its own lock file.
 )
 use_repo(maven, "external_plugin_deps")

 maven.install(
     name = "oauth_plugin_deps",
     artifacts = [
         "com.fasterxml.jackson.core:jackson-databind:2.21.1",
         "com.github.scribejava:scribejava-apis:8.3.3",
         "com.sap.cloud.security:java-security:3.6.0",
     ],
     duplicate_version_warning = "error",
     excluded_artifacts = [
         # com_sap_cloud_security:java_security depends on commons-io.
         # Gerrit core already provides commons-io, so exclude it here to
         # avoid bundling it into the plugin and prevent duplicate classes
         # or version skew at runtime in Gerrit's plugin classloader.
         "commons-io:commons-io",
         # com.sap.cloud.security.xsuaa:token-client depends on caffeine cache,
         # and slf4j-api. Gerrit core already provides caffeine cache and
         # slf4j-api, so exclude it here to  avoid bundling it into the plugin
         # and prevent duplicate classes or version skew at runtime in Gerrit's
         # plugin classloader.
         "com.github.ben-manes.caffeine:caffeine",
         "org.slf4j:slf4j-api",
     ],
     fail_if_repin_required = True,
     fail_on_missing_checksum = True,
     fetch_sources = True,
     lock_file = "//:oauth_plugin_deps.lock.json",
     repositories = [
         "https://repo1.maven.org/maven2",
     ],
     version_conflict_policy = "pinned",
 )
 use_repo(maven, "oauth_plugin_deps")
	module(name = "gerrit-oauth-provider")

	bazel_dep(name = "rules_jvm_external", version = "6.10")
	bazel_dep(name = "com_googlesource_gerrit_bazlets")
	git_override(
	module_name = "com_googlesource_gerrit_bazlets",
	commit = "202b90383675fd8a759a865a4e0efe75de9a8932",
	remote = "https://gerrit.googlesource.com/bazlets",
	)

	GERRIT_API_VERS = "3.11.0"

	gerrit_api_version = use_repo_rule("@com_googlesource_gerrit_bazlets//:gerrit_api_version.bzl", "gerrit_api_version")

	gerrit_api_version(
	name = "gerrit_api_version",
	version = GERRIT_API_VERS,
	visibility = ["//visibility:public"],
	)

	maven = use_extension("@rules_jvm_external//:extensions.bzl", "maven")
	maven.install(
	name = "external_plugin_deps",
	artifacts = [
	"com.google.gerrit:gerrit-plugin-api:" + GERRIT_API_VERS,
	"com.google.gerrit:gerrit-acceptance-framework:" + GERRIT_API_VERS,
	],
	# IMPORTANT:
	# Do NOT set lock_file here.
	#
	# This repository is intentionally shared across plugins and contains
	# only Gerrit-provided APIs (gerrit-plugin-api and acceptance framework)
	# that are provided by Gerrit at runtime and must not be bundled into
	# the plugin JAR.
	#
	# When built in-tree, rules_jvm_external merges maven.install() tags
	# with the same name across all modules. Defining a lock_file for this
	# shared repository in more than one plugin causes multiple lock files
	# to be contributed for the same repository name, which is rejected by
	# rules_jvm_external during module extension evaluation.
	#
	# Plugin runtime dependencies must instead be declared in a
	# plugin-specific repository (e.g. oauth_plugin_deps) that owns
	# its own lock file.
	)
	use_repo(maven, "external_plugin_deps")

	maven.install(
	name = "oauth_plugin_deps",
	artifacts = [
	"com.fasterxml.jackson.core:jackson-databind:2.21.1",
	"com.github.scribejava:scribejava-apis:8.3.3",
	"com.sap.cloud.security:java-security:3.6.0",
	],
	duplicate_version_warning = "error",
	excluded_artifacts = [
	# com_sap_cloud_security:java_security depends on commons-io.
	# Gerrit core already provides commons-io, so exclude it here to
	# avoid bundling it into the plugin and prevent duplicate classes
	# or version skew at runtime in Gerrit's plugin classloader.
	"commons-io:commons-io",
	# com.sap.cloud.security.xsuaa:token-client depends on caffeine cache,
	# and slf4j-api. Gerrit core already provides caffeine cache and
	# slf4j-api, so exclude it here to avoid bundling it into the plugin
	# and prevent duplicate classes or version skew at runtime in Gerrit's
	# plugin classloader.
	"com.github.ben-manes.caffeine:caffeine",
	"org.slf4j:slf4j-api",
	],
	fail_if_repin_required = True,
	fail_on_missing_checksum = True,
	fetch_sources = True,
	lock_file = "//:oauth_plugin_deps.lock.json",
	repositories = [
	"https://repo1.maven.org/maven2",
	],
	version_conflict_policy = "pinned",
	)
	use_repo(maven, "oauth_plugin_deps")