[java] Replace Maven dependency references with artifact() for org.jspecify.jspecify

[iampopovich]

User description

🔗 Related Issues

related to #16026

💥 What does this PR do?

This pull request updates the way the jspecify dependency is referenced in several Bazel build files across the Selenium Java modules. Instead of using the @maven//:org_jspecify_jspecify label, the dependency is now added via the artifact("org.jspecify:jspecify") function from rules_jvm_external. This change standardizes dependency management and improves compatibility with Bazel's external artifact handling.

Dependency management improvements:

• Switched all references to @maven//:org_jspecify_jspecify to use artifact("org.jspecify:jspecify") in the deps lists of multiple build files, including chrome, edge, firefox, ie, safari, json, remote/http, concurrent, devtools, and grid/sessionmap/jdbc modules. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11]

Build file loading updates:

• Added the artifact symbol to Bazel load statements in affected build files to enable the new dependency syntax. [1] [2] [3] [4] [5] [6] [7] [8]

These changes make the build configuration more maintainable and consistent with Bazel best practices.

🔧 Implementation Notes

💡 Additional Considerations

🔄 Types of changes

• Cleanup (formatting, renaming)

---

PR Type

Enhancement

---

Description

• Consolidate artifact() function imports from rules_jvm_external into //java:defs.bzl

• Replace all @maven//:org_jspecify_jspecify references with artifact("org.jspecify:jspecify")

• Standardize dependency management across 11 Java module BUILD files

• Remove redundant external artifact imports from individual build files

---

Diagram Walkthrough

flowchart LR
  A["@rules_jvm_external//:defs.bzl<br/>artifact import"] -->|"consolidate into"| B["//java:defs.bzl"]
  C["@maven//:org_jspecify_jspecify<br/>direct reference"] -->|"replace with"| D["artifact('org.jspecify:jspecify')"]
  B -->|"load in BUILD files"| D
  style A fill:#ffcccc
  style C fill:#ffcccc
  style B fill:#ccffcc
  style D fill:#ccffcc

Loading

File Walkthrough

Relevant files

Configuration changes

12 files BUILD.bazel Load artifact function and update jspecify dependency        +2/-2      BUILD.bazel Load artifact function and update jspecify dependency        +2/-2      BUILD.bazel Consolidate artifact import and update jspecify references +3/-4      BUILD.bazel Load artifact function and update jspecify dependency        +2/-2      BUILD.bazel Load artifact function and update jspecify dependency        +2/-2      BUILD.bazel Consolidate artifact import and update jspecify reference +2/-3      BUILD.bazel Load artifact function and update jspecify dependency        +2/-2      BUILD.bazel Load artifact function and add jspecify dependency              +2/-1      BUILD.bazel Consolidate artifact import and update load statement        +1/-2      BUILD.bazel Load artifact function and update jspecify dependency        +2/-2      BUILD.bazel Load artifact function and update jspecify dependency        +2/-2      BUILD.bazel Consolidate artifact import into defs.bzl load                      +1/-2

---

[qodo-merge-pro]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
⚪	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Not Applicable: The PR only updates Bazel dependency declarations and does not introduce runtime code that performs critical actions requiring audit logging; confirm no new critical operations are added elsewhere in the PR. Referred Code load("//java:defs.bzl", "artifact", "java_export") load("//java:version.bzl", "SE_VERSION") java_export( name = "http", srcs = glob(["**/*.java"]), maven_coordinates = "org.seleniumhq.selenium:selenium-http:%s" % SE_VERSION, pom_template = "//java/src/org/openqa/selenium:template-pom", tags = [ "release-artifact", ], uses = [ "org.openqa.selenium.remote.http.HttpClient$Factory", ], visibility = [ "//visibility:public", ], deps = [ "//java:auto-service", "//java/src/org/openqa/selenium:core", "//java/src/org/openqa/selenium/json", ... (clipped 2 lines) Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Not Applicable: Only build dependency references and load statements were changed; no operational code paths or error handling were introduced, but verify that switching to artifact() does not require additional fallback or validation in build rules. Referred Code load("//common:defs.bzl", "copy_file") load("//java:defs.bzl", "java_binary", "java_library", "artifact") GENERATOR_SOURCES = [ "CdpClientGenerator.java", ] PROTOTYPE_SOURCES = [ "Command.java", "ConverterFunctions.java", "DevToolsException.java", "Event.java", ] java_library( name = "devtools-prototypes", srcs = PROTOTYPE_SOURCES, visibility = [ "//java/src/org/openqa/selenium/devtools:__subpackages__", ], deps = [ ... (clipped 60 lines) Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-merge-pro]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
General	Remove potentially unnecessary dependency addition The jspecify dependency is newly added to the json module, unlike other files where it is a replacement. Verify if this dependency is truly needed and remove it if not. java/src/org/openqa/selenium/json/BUILD.bazel [4-19] java_export( name = "json", srcs = glob(["*.java"]), maven_coordinates = "org.seleniumhq.selenium:selenium-json:%s" % SE_VERSION, pom_template = "//java/src/org/openqa/selenium:template-pom", tags = [ "release-artifact", ], visibility = [ "//visibility:public", ], deps = [ "//java/src/org/openqa/selenium:core", - artifact("org.jspecify:jspecify"), ], ) Apply / Chat Suggestion importance[1-10]: 6 __ Why: The suggestion correctly identifies that the jspecify dependency is being added, not replaced, in this file, and rightly questions if this new dependency is necessary.	Low
More