## Submitting PRs

1. **Title and Summary**:
   - Use a scannable title: `[Subsystem] Action Description #Issue` (e.g., `[IAM] Add role-based access control #567`).
   - Include context in the summary: what changed, why, and any issue references.
   - Use `[WIP]` for in-progress PRs to avoid premature merging or choose GitHub draft PRs.

2. **Commits**:

import java.io.File;
import java.util.List;

/**
 * Convenience interface for plugins to add or replace artifacts and resources on projects.
 */
public interface MavenProjectHelper {
    String ROLE = MavenProjectHelper.class.getName();

    /**
     * See {@link #attachArtifact(MavenProject, String, String, java.io.File)}, but with type set to null.
     * @param project project reference.

import org.apache.maven.execution.MavenExecutionRequest;
import org.codehaus.plexus.util.xml.pull.XmlPullParserException;

/**
 */
@Deprecated
public interface MavenSettingsBuilder {

    String ROLE = MavenSettingsBuilder.class.getName();

    String ALT_USER_SETTINGS_XML_LOCATION = "org.apache.maven.user-settings";
    String ALT_GLOBAL_SETTINGS_XML_LOCATION = "org.apache.maven.global-settings";

        Element section = document.createElement("section");
        parent.appendChild(section);
        section.setAttribute("id", propertyDoc.getId());
        section.setAttribute("role", "detail");

        Element title = document.createElement("title");
        section.appendChild(title);
        title.appendChild(linkRenderer.link(propertyDoc.getMetaData().getType(), listener));

import org.apache.maven.artifact.resolver.ArtifactNotFoundException;
import org.apache.maven.artifact.resolver.ArtifactResolutionException;

/**
 */
@Deprecated
public interface ArtifactTransformation {
    String ROLE = ArtifactTransformation.class.getName();

    /**
     * Take in an artifact and return the transformed artifact for locating in the remote repository. If no
     * transformation has occurred the original artifact is returned.

		err = sys.store.PolicyMappingNotificationHandler(ctx, user, true, regUser)
	}
	return err
}

// HasRolePolicy - returns if a role policy is configured for IAM.
func (sys *IAMSys) HasRolePolicy() bool {
	return len(sys.rolesMap) > 0
}

// GetRolePolicy - returns policies associated with a role ARN.
func (sys *IAMSys) GetRolePolicy(arnStr string) (arn.ARN, string, error) {
	roleArn, err := arn.Parse(arnStr)
	if err != nil {

/**
 * A facade that provides lifecycle services to components outside Maven core.
 *
 */
public interface LifecycleExecutor {

    // USED BY MAVEN HELP PLUGIN
    @Deprecated
    String ROLE = LifecycleExecutor.class.getName();

    // For a given project packaging find all the plugins that are bound to any registered
    // lifecycles. The project builder needs to now what default plugin information needs to be

     * {@link #releaseMojo(Object, MojoExecution)} when the mojo is no longer needed to free any resources allocated for
     * it.
     *
     * @param mojoInterface The component role of the mojo, must not be {@code null}.
     * @param session The build session in whose context the mojo will be used, must not be {@code null}.

		if pubkey == nil {
			return nil, fmt.Errorf("No public key found for kid %s", kid)
		}
		return pubkey, nil
	}

	pCfg, ok := r.arnProviderCfgsMap[arn]
	if !ok {
		return fmt.Errorf("Role %s does not exist", arn)
	}

	mclaims := jwtgo.MapClaims(claims)
	jwtToken, err := jp.ParseWithClaims(token, &mclaims, keyFuncCallback)
	if err != nil {
		// Re-populate the public key in-case the JWKS

			provider.WithTransport(transport),
			provider.WithRealm(realm),
		)
		return err
	default:
		return fmt.Errorf("Unsupported vendor %s", keyCloakVendor)
	}
}

// GetRoleArn returns the role ARN.
func (p *providerCfg) GetRoleArn() string {
	if p.RolePolicy == "" {
		return ""
	}
	return p.roleArn.String()
}

// UserInfo returns claims for authenticated user from userInfo endpoint.
//