* identifier are added, only the first repository being added will be used.
     *
     * @param repository The repository to add to the internal search chain, must not be {@code null}.
     * @throws InvalidRepositoryException If the repository could not be added (e.g. due to invalid URL or layout).
     */
    void addRepository(Repository repository) throws InvalidRepositoryException;

                }
            }
            return null;
        };
    }

    @SafeVarargs
    static UnaryOperator<String> chain(UnaryOperator<String>... functions) {
        return chain(List.of(functions));
    }

    /**
     * Memoizes a given function that takes a String input and produces a String output.

import org.eclipse.aether.repository.WorkspaceReader;
import org.eclipse.aether.repository.WorkspaceRepository;

import static java.util.Objects.requireNonNull;

/**
 * A maven workspace reader that delegates to a chain of other readers, effectively aggregating their contents.
 * <p>
 * This class, while technically is not immutable, should be considered as such once set up. If not mutated, it is also

     */
    public Comparator<MavenProject> getComparator() {
        return comparator;
    }

    /**
     * Gets the calculated weight for a project, representing its dependency chain length.
     *
     * @param project the project
     * @return the project's weight (higher means longer dependency chain)
     */

# See the License for the specific language governing permissions and
# limitations under the License.
# ============================================================================

name: Scorecards supply-chain security
on:
  # For Branch-Protection check. Only the default branch is supported. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
  branch_protection_rule:

# limitations under the License.
# ==============================================================================
# This script uploads all staged artifacts from all previous builds in the same
# job chain to GCS and PyPI.
source "${BASH_SOURCE%/*}/utilities/setup.sh"

# Calculate the version number for choosing the final directory name. This adds
# "-devYYYYMMDD" to the end of the version string for nightly builds.

        RequestTrace level2 = new RequestTrace("level2", level1, "level2-data");
        RequestTrace level3 = new RequestTrace(level2, "level3-data");

        // Verify the chain
        assertNull(root.parent());
        assertEquals(root, level1.parent());
        assertEquals(level1, level2.parent());
        assertEquals(level2, level3.parent());

        // Verify context inheritance

 *                of the request. May be null if no specific context is needed.
 * @param parent The parent request trace that led to this request, establishing the chain of nested
 *               operations. May be null for top-level requests.
 * @param data Additional data associated with this request trace, typically containing the actual request

##
## readlink() {
##     return /bin/readlink -f "$1"
## }
##
readlink() {
	TARGET_FILE=$1

	cd $(dirname $TARGET_FILE)
	TARGET_FILE=$(basename $TARGET_FILE)

	# Iterate down a (possible) chain of symlinks
	while [ -L "$TARGET_FILE" ]; do
		TARGET_FILE=$(env readlink $TARGET_FILE)
		cd $(dirname $TARGET_FILE)
		TARGET_FILE=$(basename $TARGET_FILE)
	done

	var data []byte
	if data, err = os.ReadFile(certFile); err != nil {
		return nil, err
	}

	// Trimming leading and tailing white spaces.
	data = bytes.TrimSpace(data)

	// Parse all certs in the chain.
	current := data
	for len(current) > 0 {
		var pemBlock *pem.Block
		if pemBlock, current = pem.Decode(current); pemBlock == nil {