with:
          java-version: 17
          distribution: 'temurin'

      - name: Checkout maven
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          persist-credentials: false

      - name: Prepare Mimir for Maven 3.x
        shell: bash
        run: |
          mkdir -p ${{ env.MIMIR_BASEDIR }}

    permissions:
      contents: write
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v6
        with:
          persist-credentials: false
          fetch-depth: 0
      - name: Update jdks.yaml
        uses: gradle/update-jdks-action@main
      - name: Add verification comment
        # https://github.com/gradle/gradle-private/issues/4518

      id-token: write

    steps:
      - name: "Checkout code"
        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
        with:
          persist-credentials: false

      - name: "Run analysis"
        uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
        with:
          results_file: results.sarif
          results_format: sarif

      # contents: read
      # actions: read

    steps:
      - name: "Checkout code"
        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
        with:
          persist-credentials: false

      - name: "Run analysis"
        uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
        with:
          results_file: results.sarif
          results_format: sarif

    img: https://fastapi.tiangolo.com/img/sponsors/stainless.png
  - url: https://www.permit.io/blog/implement-authorization-in-fastapi?utm_source=github&utm_medium=referral&utm_campaign=fastapi
    title: Fine-Grained Authorization for FastAPI
    img: https://fastapi.tiangolo.com/img/sponsors/permit.png
  - url: https://www.interviewpal.com/?utm_source=fastapi&utm_medium=open-source&utm_campaign=dev-hiring

       * seen value. And while we *could* do that, we aren't required to: Map.Entry explicitly says
       * that behavior is undefined when the backing map is modified through another API. (It even
       * permits us to throw IllegalStateException. Maybe we should have done that, but we probably
       * shouldn't change now for fear of breaking people.)
       *

  public static final Integer m10 = -10;

  /**
   * Runs Runnable r with a security policy that permits precisely the specified permissions. If
   * there is no current security manager, the runnable is run twice, both with and without a
   * security manager. We require that any security manager permit getPolicy/setPolicy.
   */
  public void runWithPermissions(Runnable r, Permission... permissions) {

* `instagram_basic` es usado por Facebook / Instagram.
* `https://www.googleapis.com/auth/drive` es usado por Google.

/// info | Información

En OAuth2 un "scope" es solo un string que declara un permiso específico requerido.

No importa si tiene otros caracteres como `:` o si es una URL.

Esos detalles son específicos de la implementación.

Para OAuth2 son solo strings.

///

Por ejemplo, digamos que tienes 4 endpoints de API (*path operations*):

* `/items/public/`
* `/items/private/`
* `/users/{user_id}/activate`
* `/items/pro/`

entonces podrías agregar diferentes requisitos de permiso para cada uno de ellos solo con dependencias y sub-dependencias:

```mermaid
graph TB

current_user(["current_user"])
active_user(["active_user"])
admin_user(["admin_user"])
paying_user(["paying_user"])

<a href="https://www.permit.io/blog/implement-authorization-in-fastapi?utm_source=github&utm_medium=referral&utm_campaign=fastapi" target="_blank" title="Fine-Grained Authorization for FastAPI"><img src="https://fastapi.tiangolo.com/img/sponsors/permit.png"></a>