}

  /**
   * Returns a hash function implementing the SHA-1 algorithm (160 hash bits).
   *
   * @deprecated If you must interoperate with a system that requires SHA-1, then use this method,
   *     despite its deprecation. But if you can choose your hash function, avoid SHA-1, which is
   *     neither fast nor secure. As of January 2017, we suggest:
   *     <ul>

        if (ignoreShas.contains(depName)) {
            // local deps should not have sha files!
            if (getShaFile(jarName).exists()) {
                throw new GradleException("SHA file " + getShaFile(jarName) + " exists for ignored dependency " + depName);
            }
        } else {
            logger.info("Checking sha for {}", jarName);
            checkSha(dependency, jarName, shaFiles);
        }
    }

    @JvmStatic
    fun X509Certificate.sha256Hash(): ByteString = publicKey.encoded.toByteString().sha256()

    /**
     * Returns the SHA-256 of `certificate`'s public key.
     *
     * In OkHttp 3.1.2 and earlier, this returned a SHA-1 hash of the public key. Both types are
     * supported, but SHA-256 is preferred.
     */
    @JvmStatic
    fun pin(certificate: Certificate): String {

    // Default configuration
    private static final int DEFAULT_HASH_ALGORITHM = HASH_ALGO_SHA512;
    private static final int SALT_SIZE = 32; // 32 bytes as per SMB 3.1.1 spec
    private static final int HASH_SIZE_SHA512 = 64; // SHA-512 produces 64-byte hashes

    // Session-specific preauth integrity contexts
    private final ConcurrentMap<String, PreauthIntegrityContext> sessionContexts = new ConcurrentHashMap<>();

    // Security configuration

        @DisplayName("calculatePreauthHash computes SHA-512 chain for SMB 3.1.1")
        void preauthHash_happyPath() throws Exception {
            setField(transport, "smb2", true);
            Smb2NegotiateResponse nego = new Smb2NegotiateResponse(cfg);
            setField(nego, "selectedDialect", DialectVersion.SMB311);
            setField(nego, "selectedPreauthHash", 1); // 1 => SHA-512
            setField(transport, "negotiated", nego);

        // Setup SMB3.1.1 negotiation
        when(negotiateResponse.getSelectedDialect()).thenReturn(DialectVersion.SMB311);
        when(negotiateResponse.getSelectedPreauthHash()).thenReturn(1); // SHA-512
        setPrivateField(transport, "smb2", true);
        setPrivateField(transport, "negotiated", negotiateResponse);

        int threadCount = 10;
        CountDownLatch startLatch = new CountDownLatch(1);

  verbose " - Running Downloader.java ..."
  "$(native_path "$JAVACMD")" -cp "$(native_path "$TMP_DOWNLOAD_DIR")" Downloader "$distributionUrl" "$(native_path "$targetZip")"
fi

# If specified, validate the SHA-256 sum of the Maven distribution zip file
if [ -n "${distributionSha256Sum-}" ]; then
  distributionSha256Result=false
  if [ "$MVN_CMD" = mvnd.sh ]; then
    echo "Checksum validation is not supported for maven-mvnd." >&2

    private static final String[] CHECKSUM_IDS = {"md5", "sha1"};

    /**
     * have to match the CHECKSUM_IDS
     */
    private static final String[] CHECKSUM_ALGORITHMS = {"MD5", "SHA-1"};

    @Inject
    private Logger logger;

    @Inject
    private PlexusContainer container;

    @Inject
    private UpdateCheckManager updateCheckManager;

    @Inject

`updatemaxprocs=0` will disable periodic updates.

Go 1.25 disabled SHA-1 signature algorithms in TLS 1.2 according to RFC 9155.
The default can be reverted using the `tlssha1=1` setting.

Go 1.25 switched to SHA-256 to fill in missing SubjectKeyId in
crypto/x509.CreateCertificate. The setting `x509sha256skid=0` reverts to SHA-1.

Go 1.25 corrected the semantics of contention reports for runtime-internal locks,

        } else if ("md5".equalsIgnoreCase(digestAlgorithm)) {
            logger.warn("MD5 digest is deprecated due to its collision vulnerabilities. Please consider migrating to SHA-256. algorithm={}",
                    digestAlgorithm);
            oneWay = new OneWayCryptographer("MD5", OneWayCryptographer.ENCODING_UTF8);
        } else {