// license that can be found in the LICENSE file.

// This test makes sure that -m=2's escape analysis diagnostics don't
// go into an infinite loop when handling negative dereference
// cycles. The critical thing being tested here is that compilation
// succeeds ("errorcheck -0"), not any particular diagnostic output,
// hence the very lax ERROR patterns below.

package p

type Node struct {
	Orig *Node
}

spec:
  selector:
    matchLabels:
      k8s-app: nvidia-gpu-device-plugin
  template:
    metadata:
      labels:
        k8s-app: nvidia-gpu-device-plugin
    spec:
      priorityClassName: system-node-critical
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: cloud.google.com/gke-accelerator

  component: konnectivity-server
spec:
  securityContext:
    {{ run_as_user }}
    {{ run_as_group }}
    {{ supplemental_groups }}
    seccompProfile:
      type: RuntimeDefault
  priorityClassName: system-node-critical
  priority: 2000001000
  hostNetwork: true
  containers:
  - name: konnectivity-server-container
    {{ container_security_context }}:
      {{ disallow_privilege_escalation}}
      {{ capabilities }}

  }
},
"spec":{
"securityContext": {
  "seccompProfile": {
      "type": "RuntimeDefault"
  },
  "runAsUser": {{runAsUser}},
  "runAsGroup": {{runAsGroup}}
},
"priorityClassName": "system-node-critical",
"priority": 2000001000,
"hostNetwork": true,
"containers":[
    {
    "name": "kube-scheduler",
    "securityContext": {
      "allowPrivilegeEscalation": false,
      "capabilities": {
        "drop": [

spec:
  revisionHistoryLimit: 2
  selector:
    matchLabels:
      k8s-app: calico-typha
  template:
    metadata:
      labels:
        k8s-app: calico-typha
    spec:
      priorityClassName: system-cluster-critical
      tolerations:
      - key: CriticalAddonsOnly
        operator: Exists
      hostNetwork: true
      serviceAccountName: calico
      containers:
      - image: gcr.io/projectcalico-org/typha:v3.19.1

  labels:
    component: kube-addon-manager
spec:
  securityContext:
    seccompProfile:
      type: RuntimeDefault
    runAsUser: {{runAsUser}}
    runAsGroup: {{runAsGroup}}
  priorityClassName: system-node-critical
  priority: 2000001000
  hostNetwork: true
  containers:
  - name: kube-addon-manager
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop:
        - all

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.gradle.internal.logging.util;

/**
 * This class contains references to log4j-core which had a critical vulnerability,
 * see <a url="https://nvd.nist.gov/vuln/detail/CVE-2021-44228">CVE-2021-44228</a>.
 */
public class Log4jBannedVersion {

        if (details.requested.group == 'org.software' && details.requested.name == 'some-library' && details.requested.version == '1.2') {
            details.useVersion '1.2.1'
            details.because 'fixes critical bug in 1.2'
        }
    }
}
// end::denying_version[]

// tag::module_substitution[]
configurations.all {
    resolutionStrategy.eachDependency { DependencyResolveDetails details ->

      extensionValue,
      decompose = {
        listOf(
          it.id,
          it.critical,
          it.value,
        )
      },
      construct = {
        Extension(
          id = it[0] as String,
          critical = it[1] as Boolean,
          value = it[2],
        )
      },
    )

  /**
   * ```

spec:
  selector:
    matchLabels:
      k8s-app: ip-masq-agent
  template:
    metadata:
      labels:
        k8s-app: ip-masq-agent
    spec:
      priorityClassName: system-node-critical
      serviceAccountName: ip-masq-agent
      hostNetwork: true
      containers:
      - name: ip-masq-agent
        image: registry.k8s.io/networking/ip-masq-agent-amd64:v2.6.1
        args: