"time",
					"logging-api",
					"kotlin-dsl-plugins",
					"serialization",
					"toolchains-jvm-shared",
					"docs-asciidoctor-extensions-base",
					"internal-instrumentation-processor",
					"security",
					"input-tracking",
					"base-ide-plugins"
				]
			},
			{
				"parallelizationMethod":{
					"name":"TestDistribution"
				},
				"subprojects":[
					"testing-jvm",
					"worker-processes",

package common

import jetbrains.buildServer.configs.kotlin.DslContext

fun isSecurityFork(): Boolean {
    return DslContext.settingsRoot.id.toString().lowercase().contains("security")
}

// GradleMaster -> Master
// GradleSecurityAdvisory84mwRelease -> SecurityAdvisory84mwRelease
val DslContext.uuidPrefix: String
    get() = settingsRoot.id.toString().substringAfter("Gradle")

data class VersionedSettingsBranch(val branchName: String) {

Java serialization offers limited control over the serialization process, such as excluding certain fields, customizing naming conventions, and handling complex data structures more gracefully.

- **Security:**
Java serialization poses security risks, especially related to deserialization vulnerabilities.

- **Version Compatibility:**
With Java serialization, even minor changes to a class (like adding a field) can break compatibility.

    val javaParser = "com.github.javaparser:javaparser-core"
    val jetty = "org.eclipse.jetty:jetty-http"
    val jettySecurity = "org.eclipse.jetty:jetty-security"
    val jettyWebApp = "org.eclipse.jetty:jetty-webapp"
    val joptSimple = "net.sf.jopt-simple:jopt-simple"
    val jsoup = "org.jsoup:jsoup"
    val jtar = "org.kamranzafar:jtar"

### Security vulnerabilities

Do not report security vulnerabilities to the public issue tracker. Follow our [Security Vulnerability Disclosure Policy](https://github.com/gradle/gradle/security/policy).

### Follow the Code of Conduct

permissions: {}

jobs:
  CodeQL-Build:
    permissions:
      actions: read  # for github/codeql-action/init to get workflow details
      contents: read  # for actions/checkout to fetch code
      security-events: write  # for github/codeql-action/analyze to upload SARIF results
    runs-on: ubuntu-latest

    strategy:
      fail-fast: false
      matrix:

                @Deprecated
                void method();
            }
        """

        then:
        incubatingMissingRule.maybeViolation(jApiType).severity == Severity.error
        sinceMissingRule.maybeViolation(jApiType).severity == Severity.error

        where:
        apiElement  | jApiTypeName
        'interface' | 'jApiClassifier'
        'method'    | 'jApiMethod'
        'field'     | 'jApiField'

  },
  {
    "name": "scala",
    "path": "platforms/jvm/scala",
    "unitTests": true,
    "functionalTests": true,
    "crossVersionTests": false
  },
  {
    "name": "security",
    "path": "platforms/software/security",
    "unitTests": true,
    "functionalTests": false,
    "crossVersionTests": false
  },
  {
    "name": "serialization",
    "path": "platforms/core-runtime/serialization",

            .replaceAll('/', '[.]')
            .replaceAll('###', '.*?')
    }
}

private String writeFilterPreset(Project project) {
    def preset = project.hasProperty('bin.cmp.report.severity.filter') ? project.getProperty('bin.cmp.report.severity.filter') : 'All levels'
    return """<input id="filter-preset" type="hidden" value="$preset" />"""