/**
         * Sets the direct dependencies. If both a root dependency and direct dependencies are given in the request, the
         * direct dependencies from the request will be merged with the direct dependencies from the root dependency's
         * artifact descriptor, giving higher priority to the dependencies from the request.
         *
         * @param dependencies the direct dependencies, may be {@code null}

import static org.junit.jupiter.api.Assertions.assertTrue;

/**
 * Verifies scope inheritance of direct and transitive dependencies.
 *
 * Should show three behaviors:
 *
 * 1. dependencyManagement should override the scope of transitive dependencies.
 * 2. Direct dependencies should override the scope of dependencyManagement.
 * 3. Direct dependencies should inherit scope from dependencyManagement when
 *    they do not explicitly state a scope.

 *   <li>Filters dependencies to include only those with transitive scopes (compile/runtime)</li>
 *   <li>Applies managed dependency metadata (version, scope, optional flag, exclusions) to direct dependencies</li>
 *   <li>Removes managed dependencies that are not used by direct dependencies</li>
 *   <li>Retains only managed dependencies that appear in the resolved dependency tree</li>
 * </ul>
 * <p>

        hasChanges |= pluginDependencyChanges;

        return hasChanges;
    }

    /**
     * Applies subprojects-related inference optimizations.
     * Removes redundant subprojects lists that match direct children.
     */
    private boolean applySubprojectsInference(UpgradeContext context, Document pomDocument, Path pomPath) {
        boolean hasChanges = false;
        Element root = pomDocument.root();

      other entities that control, are controlled by, or are under common
      control with that entity. For the purposes of this definition,
      "control" means (i) the power, direct or indirect, to cause the
      direction or management of such entity, whether by contract or
      otherwise, or (ii) ownership of fifty percent (50%) or more of the
      outstanding shares, or (iii) beneficial ownership of such entity.

Try to avoid using bitter sarcasm or potentially passive-aggressive comments. If something is wrong, it's better to be direct (try to be gentle) than sarcastic.

Try to be as specific and objective as possible, avoid generalizations.

For conversations that are more difficult, for example to reject a PR, you can ask me (@tiangolo) to handle it directly.

## Edit PR Titles

That's what all the systems with "login with Facebook, Google, X (Twitter), GitHub" use underneath.

### OAuth 1 { #oauth-1 }

There was an OAuth 1, which is very different from OAuth2, and more complex, as it included direct specifications on how to encrypt the communication.

It is not very popular or used nowadays.

OAuth2 doesn't specify how to encrypt the communication, it expects you to have your application served with HTTPS.

/// tip

        String effectiveScope = Artifact.SCOPE_RUNTIME;

        if (originalScope == null) {
            originalScope = Artifact.SCOPE_COMPILE;
        }

        if (inheritedScope == null) {
            // direct dependency retains its scope
            effectiveScope = originalScope;
        } else if (Artifact.SCOPE_TEST.equals(originalScope) || Artifact.SCOPE_PROVIDED.equals(originalScope)) {

import org.apache.maven.project.MavenProject;
import org.apache.maven.project.artifact.ProjectArtifact;
import org.apache.maven.repository.RepositorySystem;

/**
 * @deprecated As of 3.2.2, and there is no direct replacement. This is an internal class which was not marked as such,
 *             but should have been.
 *
 */
@Named
@Singleton
@Deprecated

## Caveat