AuroraMiddleware/protobuf
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

ensure maven deps are pinned for reproducibility. (#8523)

Browse Source 
* ensure maven deps are pinned for reproducibility.

* adding update docs.
This commit is contained in:
Derek Perez 2021-04-21 16:26:05 -07:00 committed by GitHub
parent f8e2efbf43
commit db8f725190
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 285 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
WORKSPACE
View File

@ -50,8 +50,14 @@ maven_install(
"https://jcenter.bintray.com/",
"https://repo1.maven.org/maven2",
],
# For updating instructions, see:
# https://github.com/bazelbuild/rules_jvm_external#updating-maven_installjson
maven_install_json = "//:maven_install.json",
)
load("@maven//:defs.bzl", "pinned_maven_install")
pinned_maven_install()
bind(
name = "guava",
actual = "@maven//:com_google_guava_guava",

279
maven_install.json Normal file
View File

@ -0,0 +1,279 @@
{
"dependency_tree": {
"__AUTOGENERATED_FILE_DO_NOT_MODIFY_THIS_FILE_MANUALLY": 1858568947,
"conflict_resolution": {
"com.google.errorprone:error_prone_annotations:2.3.2": "com.google.errorprone:error_prone_annotations:2.5.1",
"com.google.guava:guava:18.0": "com.google.guava:guava:30.1-android",
"junit:junit:4.12": "junit:junit:4.13.1"
},
"dependencies": [
{
"coord": "cglib:cglib-nodep:2.2.2",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/cglib/cglib-nodep/2.2.2/cglib-nodep-2.2.2.jar",
"mirror_urls": [
"https://jcenter.bintray.com/cglib/cglib-nodep/2.2.2/cglib-nodep-2.2.2.jar",
"https://repo1.maven.org/maven2/cglib/cglib-nodep/2.2.2/cglib-nodep-2.2.2.jar"
],
"sha256": "e78c7792e59554ed8a23d18a12e3a0d2f7a244217ecf89621477f63aec074f15",
"url": "https://jcenter.bintray.com/cglib/cglib-nodep/2.2.2/cglib-nodep-2.2.2.jar"
},
{
"coord": "com.google.auto.value:auto-value-annotations:1.7.4",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/com/google/auto/value/auto-value-annotations/1.7.4/auto-value-annotations-1.7.4.jar",
"mirror_urls": [
"https://jcenter.bintray.com/com/google/auto/value/auto-value-annotations/1.7.4/auto-value-annotations-1.7.4.jar",
"https://repo1.maven.org/maven2/com/google/auto/value/auto-value-annotations/1.7.4/auto-value-annotations-1.7.4.jar"
],
"sha256": "fedd59b0b4986c342f6ab2d182f2a4ee9fceb2c7e2d5bdc4dc764c92394a23d3",
"url": "https://jcenter.bintray.com/com/google/auto/value/auto-value-annotations/1.7.4/auto-value-annotations-1.7.4.jar"
},
{
"coord": "com.google.code.findbugs:jsr305:3.0.2",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar",
"mirror_urls": [
"https://jcenter.bintray.com/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar",
"https://repo1.maven.org/maven2/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar"
],
"sha256": "766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7",
"url": "https://jcenter.bintray.com/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar"
},
{
"coord": "com.google.code.gson:gson:2.7",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/com/google/code/gson/gson/2.7/gson-2.7.jar",
"mirror_urls": [
"https://jcenter.bintray.com/com/google/code/gson/gson/2.7/gson-2.7.jar",
"https://repo1.maven.org/maven2/com/google/code/gson/gson/2.7/gson-2.7.jar"
],
"sha256": "2d43eb5ea9e133d2ee2405cc14f5ee08951b8361302fdd93494a3a997b508d32",
"url": "https://jcenter.bintray.com/com/google/code/gson/gson/2.7/gson-2.7.jar"
},
{
"coord": "com.google.errorprone:error_prone_annotations:2.5.1",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/com/google/errorprone/error_prone_annotations/2.5.1/error_prone_annotations-2.5.1.jar",
"mirror_urls": [
"https://jcenter.bintray.com/com/google/errorprone/error_prone_annotations/2.5.1/error_prone_annotations-2.5.1.jar",
"https://repo1.maven.org/maven2/com/google/errorprone/error_prone_annotations/2.5.1/error_prone_annotations-2.5.1.jar"
],
"sha256": "ff80626baaf12a09342befd4e84cba9d50662f5fcd7f7a9b3490a6b7cf87e66c",
"url": "https://jcenter.bintray.com/com/google/errorprone/error_prone_annotations/2.5.1/error_prone_annotations-2.5.1.jar"
},
{
"coord": "com.google.guava:failureaccess:1.0.1",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar",
"mirror_urls": [
"https://jcenter.bintray.com/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar",
"https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar"
],
"sha256": "a171ee4c734dd2da837e4b16be9df4661afab72a41adaf31eb84dfdaf936ca26",
"url": "https://jcenter.bintray.com/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar"
},
{
"coord": "com.google.guava:guava:30.1-android",
"dependencies": [
"com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava",
"com.google.j2objc:j2objc-annotations:1.3",
"com.google.code.findbugs:jsr305:3.0.2",
"com.google.guava:failureaccess:1.0.1",
"com.google.errorprone:error_prone_annotations:2.5.1",
"org.checkerframework:checker-compat-qual:2.5.5"
],
"directDependencies": [
"com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava",
"com.google.j2objc:j2objc-annotations:1.3",
"com.google.code.findbugs:jsr305:3.0.2",
"com.google.guava:failureaccess:1.0.1",
"com.google.errorprone:error_prone_annotations:2.5.1",
"org.checkerframework:checker-compat-qual:2.5.5"
],
"file": "v1/https/jcenter.bintray.com/com/google/guava/guava/30.1-android/guava-30.1-android.jar",
"mirror_urls": [
"https://jcenter.bintray.com/com/google/guava/guava/30.1-android/guava-30.1-android.jar",
"https://repo1.maven.org/maven2/com/google/guava/guava/30.1-android/guava-30.1-android.jar"
],
"sha256": "ea0b5a62b707482eee5cf305c8f35ef91cf4ceaff504f011a5c49c41355f5781",
"url": "https://jcenter.bintray.com/com/google/guava/guava/30.1-android/guava-30.1-android.jar"
},
{
"coord": "com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar",
"mirror_urls": [
"https://jcenter.bintray.com/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar",
"https://repo1.maven.org/maven2/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar"
],
"sha256": "b372a037d4230aa57fbeffdef30fd6123f9c0c2db85d0aced00c91b974f33f99",
"url": "https://jcenter.bintray.com/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar"
},
{
"coord": "com.google.j2objc:j2objc-annotations:1.3",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.jar",
"mirror_urls": [
"https://jcenter.bintray.com/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.jar",
"https://repo1.maven.org/maven2/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.jar"
],
"sha256": "21af30c92267bd6122c0e0b4d20cccb6641a37eaf956c6540ec471d584e64a7b",
"url": "https://jcenter.bintray.com/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.jar"
},
{
"coord": "com.google.truth:truth:1.1.2",
"dependencies": [
"com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava",
"org.ow2.asm:asm:9.0",
"com.google.j2objc:j2objc-annotations:1.3",
"com.google.code.findbugs:jsr305:3.0.2",
"org.hamcrest:hamcrest-core:1.3",
"com.google.auto.value:auto-value-annotations:1.7.4",
"junit:junit:4.13.1",
"com.google.guava:failureaccess:1.0.1",
"com.google.errorprone:error_prone_annotations:2.5.1",
"org.checkerframework:checker-qual:3.9.1",
"com.google.guava:guava:30.1-android",
"org.checkerframework:checker-compat-qual:2.5.5"
],
"directDependencies": [
"org.ow2.asm:asm:9.0",
"com.google.auto.value:auto-value-annotations:1.7.4",
"junit:junit:4.13.1",
"com.google.errorprone:error_prone_annotations:2.5.1",
"org.checkerframework:checker-qual:3.9.1",
"com.google.guava:guava:30.1-android"
],
"file": "v1/https/jcenter.bintray.com/com/google/truth/truth/1.1.2/truth-1.1.2.jar",
"mirror_urls": [
"https://jcenter.bintray.com/com/google/truth/truth/1.1.2/truth-1.1.2.jar",
"https://repo1.maven.org/maven2/com/google/truth/truth/1.1.2/truth-1.1.2.jar"
],
"sha256": "a85e03b8b6ae8780f060cfded9500a3d1b5f52808f99a2ea6da9c683313c7518",
"url": "https://jcenter.bintray.com/com/google/truth/truth/1.1.2/truth-1.1.2.jar"
},
{
"coord": "junit:junit:4.13.1",
"dependencies": [
"org.hamcrest:hamcrest-core:1.3"
],
"directDependencies": [
"org.hamcrest:hamcrest-core:1.3"
],
"file": "v1/https/jcenter.bintray.com/junit/junit/4.13.1/junit-4.13.1.jar",
"mirror_urls": [
"https://jcenter.bintray.com/junit/junit/4.13.1/junit-4.13.1.jar",
"https://repo1.maven.org/maven2/junit/junit/4.13.1/junit-4.13.1.jar"
],
"sha256": "c30719db974d6452793fe191b3638a5777005485bae145924044530ffa5f6122",
"url": "https://jcenter.bintray.com/junit/junit/4.13.1/junit-4.13.1.jar"
},
{
"coord": "org.checkerframework:checker-compat-qual:2.5.5",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.jar",
"mirror_urls": [
"https://jcenter.bintray.com/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.jar",
"https://repo1.maven.org/maven2/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.jar"
],
"sha256": "11d134b245e9cacc474514d2d66b5b8618f8039a1465cdc55bbc0b34e0008b7a",
"url": "https://jcenter.bintray.com/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.jar"
},
{
"coord": "org.checkerframework:checker-qual:3.9.1",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/org/checkerframework/checker-qual/3.9.1/checker-qual-3.9.1.jar",
"mirror_urls": [
"https://jcenter.bintray.com/org/checkerframework/checker-qual/3.9.1/checker-qual-3.9.1.jar",
"https://repo1.maven.org/maven2/org/checkerframework/checker-qual/3.9.1/checker-qual-3.9.1.jar"
],
"sha256": "ab0468b1ba35bb2ae45f61a60dc4960bd887660ab8f05113a662a7e675eae776",
"url": "https://jcenter.bintray.com/org/checkerframework/checker-qual/3.9.1/checker-qual-3.9.1.jar"
},
{
"coord": "org.easymock:easymock:3.2",
"dependencies": [
"cglib:cglib-nodep:2.2.2",
"org.objenesis:objenesis:1.3"
],
"directDependencies": [
"cglib:cglib-nodep:2.2.2",
"org.objenesis:objenesis:1.3"
],
"file": "v1/https/jcenter.bintray.com/org/easymock/easymock/3.2/easymock-3.2.jar",
"mirror_urls": [
"https://jcenter.bintray.com/org/easymock/easymock/3.2/easymock-3.2.jar",
"https://repo1.maven.org/maven2/org/easymock/easymock/3.2/easymock-3.2.jar"
],
"sha256": "b3dd1cf5019f942d8cc2afad0aa6aef4b21532446fe90a6b68d567e3389763dd",
"url": "https://jcenter.bintray.com/org/easymock/easymock/3.2/easymock-3.2.jar"
},
{
"coord": "org.easymock:easymockclassextension:3.2",
"dependencies": [
"org.easymock:easymock:3.2",
"cglib:cglib-nodep:2.2.2",
"org.objenesis:objenesis:1.3"
],
"directDependencies": [
"org.easymock:easymock:3.2"
],
"file": "v1/https/jcenter.bintray.com/org/easymock/easymockclassextension/3.2/easymockclassextension-3.2.jar",
"mirror_urls": [
"https://jcenter.bintray.com/org/easymock/easymockclassextension/3.2/easymockclassextension-3.2.jar",
"https://repo1.maven.org/maven2/org/easymock/easymockclassextension/3.2/easymockclassextension-3.2.jar"
],
"sha256": "e2aeb3ecec87d859b2f3072985d4b15873558bcf6410f422db0c0c5194c76c87",
"url": "https://jcenter.bintray.com/org/easymock/easymockclassextension/3.2/easymockclassextension-3.2.jar"
},
{
"coord": "org.hamcrest:hamcrest-core:1.3",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar",
"mirror_urls": [
"https://jcenter.bintray.com/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar",
"https://repo1.maven.org/maven2/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar"
],
"sha256": "66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9",
"url": "https://jcenter.bintray.com/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar"
},
{
"coord": "org.objenesis:objenesis:1.3",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/org/objenesis/objenesis/1.3/objenesis-1.3.jar",
"mirror_urls": [
"https://jcenter.bintray.com/org/objenesis/objenesis/1.3/objenesis-1.3.jar",
"https://repo1.maven.org/maven2/org/objenesis/objenesis/1.3/objenesis-1.3.jar"
],
"sha256": "dd4ef3d3091063a4fec578cbb2bbe6c1f921c00091ba2993dcd9afd25ff9444a",
"url": "https://jcenter.bintray.com/org/objenesis/objenesis/1.3/objenesis-1.3.jar"
},
{
"coord": "org.ow2.asm:asm:9.0",
"dependencies": [],
"directDependencies": [],
"file": "v1/https/jcenter.bintray.com/org/ow2/asm/asm/9.0/asm-9.0.jar",
"mirror_urls": [
"https://jcenter.bintray.com/org/ow2/asm/asm/9.0/asm-9.0.jar",
"https://repo1.maven.org/maven2/org/ow2/asm/asm/9.0/asm-9.0.jar"
],
"sha256": "0df97574914aee92fd349d0cb4e00f3345d45b2c239e0bb50f0a90ead47888e0",
"url": "https://jcenter.bintray.com/org/ow2/asm/asm/9.0/asm-9.0.jar"
}
],
"version": "0.1.0"
}
}