RUN Add-Content -Path C:\tools\msys64\.bashrc -Value 'alias gsutil=gsutil.cmd'
RUN Add-Content -Path C:\tools\msys64\.bashrc -Value 'alias bq=bq.cmd'

# Symlink a directory, to have it pretend be the T:\ drive.
# This drive letter is used by internal CI,
# and part of it is mounted to the container during the container's creation.
#
# While the mount argument (`-v host_path:container_path`) still requires

    type: str


class CarItem(BaseItem):
    type: str = "car"


class PlaneItem(BaseItem):
    type: str = "plane"
    size: int


items = {
    "item1": {"description": "All my friends drive a low rider", "type": "car"},
    "item2": {
        "description": "Music is my aeroplane, it's my aeroplane",
        "type": "plane",
        "size": 5,
    },
}

      notJar.delete();
    }
  }

  public void testGetClassPathEntry() throws MalformedURLException, URISyntaxException {
    if (isWindows()) {
      return; // TODO: b/136041958 - We need to account for drive letters in the path.
    }
    assertEquals(
        new File("/usr/test/dep.jar").toURI(),
        ClassPath.getClassPathEntry(new File("/home/build/outer.jar"), "file:/usr/test/dep.jar")
            .toURI());

      notJar.delete();
    }
  }

  public void testGetClassPathEntry() throws MalformedURLException, URISyntaxException {
    if (isWindows()) {
      return; // TODO: b/136041958 - We need to account for drive letters in the path.
    }
    assertEquals(
        new File("/usr/test/dep.jar").toURI(),
        ClassPath.getClassPathEntry(new File("/home/build/outer.jar"), "file:/usr/test/dep.jar")
            .toURI());

## Context

In a distributed team with many subteams, the best solution to communicate decisions is to use a format accessible by everyone in charge of development.

We use *Specification* and *Discovery* documents stored in Google Drive, but they present some downsides:

* They are rarely updated after creation and initial review, and then become hard to follow, especially after important decisions are made

For example, you could identify a "car" or a "blog post".

Then you could add permissions about that entity, like "drive" (for the car) or "edit" (for the blog).

And then, you could give that JWT token to a user (or bot), and they could use it to perform those actions (drive the car, or edit the blog post) without even needing to have an account, just with the JWT token your API generated for that.

They are normally used to declare specific security permissions, for example:

* `users:read` or `users:write` are common examples.
* `instagram_basic` is used by Facebook / Instagram.
* `https://www.googleapis.com/auth/drive` is used by Google.

/// info

In OAuth2 a "scope" is just a string that declares a specific permission required.

It doesn't matter if it has other characters like `:` or if it is a URL.

欄位名稱是單數的 `scope`，但實際上是由多個以空白分隔的「scopes」組成的一長串字串。

每個「scope」就是一個（不含空白的）字串。

它們通常用來宣告特定的權限，例如：

- `users:read` 或 `users:write` 是常見的例子
- `instagram_basic` 用在 Facebook / Instagram
- `https://www.googleapis.com/auth/drive` 用在 Google

/// info

在 OAuth2 裡，「scope」只是用來宣告特定所需權限的一個字串。

不論裡面是否包含像 `:` 之類的字元，或是否是一個 URL，都沒差。

那些都是實作細節。

對 OAuth2 而言，它們就是字串而已。

///

虽然表单字段的名称是 `scope`（单数），但实际上，它是以空格分隔的，由多个**scope**组成的长字符串。

**作用域**只是不带空格的字符串。

常用于声明指定安全权限，例如：

* 常见用例为，`users:read` 或 `users:write`
* 脸书和 Instagram 使用 `instagram_basic`
* 谷歌使用 `https://www.googleapis.com/auth/drive`

/// info | 信息

OAuth2 中，**作用域**只是声明指定权限的字符串。

是否使用冒号 `:` 等符号，或是不是 URL 并不重要。

这些细节只是特定的实现方式。

对 OAuth2 来说，都只是字符串而已。

///

They are normally used to declare specific security permissions, for example:

* `users:read` or `users:write` are common examples.
* `instagram_basic` is used by Facebook / Instagram.
* `https://www.googleapis.com/auth/drive` is used by Google.

/// info

In OAuth2 a "scope" is just a string that declares a specific permission required.

It doesn't matter if it has other characters like `:` or if it is a URL.