return restrictions;
    }

    /**
     * @deprecated VersionRange is immutable, cloning is not useful and even more an issue against the cache
     * @return a clone
     */
    @Deprecated
    public VersionRange cloneOf() {
        List<Restriction> copiedRestrictions = null;

        if (restrictions != null) {
            copiedRestrictions = new ArrayList<>();

            orig.refresh();
            // Clone should retain its cached Subject
            assertSame(copySubj, copy.getSubject(), "Clone should retain its cached Subject");
        } else {
            // If JAAS is not configured and getSubject() returns null, verify cloning still works
            assertNull(first, "First call to getSubject() returned null - JAAS not configured");

        Kerb5Authenticator cloned = auth.clone();

        assertNotSame(auth, cloned);
        assertEquals(subj, cloned.getSubject());
        assertEquals("alice", cloned.getUser());
        assertEquals("EXAMPLE.COM", cloned.getRealm());
        assertEquals("cifs", cloned.getService());
        assertEquals(123, cloned.getUserLifeTime());
        assertEquals(456, cloned.getLifeTime());

     */
    protected static void cloneInternal(NtlmPasswordAuthenticator cloned, NtlmPasswordAuthenticator toClone) {
        cloned.domain = toClone.domain;
        cloned.username = toClone.username;
        cloned.password = toClone.password != null ? toClone.password.clone() : null;
        cloned.type = toClone.type;
    }

    /**
     * Returns the domain.
     */
    @Override
    public String getUserDomain() {

            when(mockMd5.clone()).thenReturn(clonedMd5);

            HMACT64 clonedHmac = (HMACT64) originalHmac.clone();

            assertNotNull(clonedHmac);
            assertNotSame(originalHmac, clonedHmac);
            verify(mockMd5, times(1)).clone(); // Verify that the internal MD5 was cloned
        }
    }

    @Test
    void testCloneNotSupportedException() throws NoSuchAlgorithmException, CloneNotSupportedException {

        assertEquals(original.getUsername(), cloned.getUsername());
        assertEquals(original.getPassword(), cloned.getPassword());

        // Verify password arrays are independent
        original.secureWipePassword();
        assertNull(original.getPassword());
        assertEquals("ClonePass123!", cloned.getPassword());
    }

    /**
     * Test authentication type guessing with secure password

		if err != nil {
			encLogIf(GlobalContext, err)
			return nil
		}
		data = decrypted
	}
	return data
}

// Clone - Returns a cloned copy of current objectInfo
func (o *ObjectInfo) Clone() (cinfo ObjectInfo) {
	cinfo = ObjectInfo{
		Bucket:                     o.Bucket,
		Name:                       o.Name,
		ModTime:                    o.ModTime,

		{
			name:    "happy path no errors",
			fv:      defaultFormVals.Clone(),
			wantErr: "",
		},
		{
			name:    "expired policy document",
			fv:      defaultFormVals.Clone(),
			expired: true,
			wantErr: "Invalid according to Policy: Policy expired",
		},
		{
			name:    "different AMZ date",
			fv:      defaultFormVals.Clone().Set(xhttp.AmzDate, "2017T000000Z"),
			wantErr: policyCondFailedErr,
		},

func (m metaCacheEntries) isSorted() bool {
	return sort.SliceIsSorted(m, m.less)
}

// shallowClone will create a shallow clone of the array objects,
// but object metadata will not be cloned.
func (m metaCacheEntries) shallowClone() metaCacheEntries {
	dst := make(metaCacheEntries, len(m))
	copy(dst, m)
	return dst
}

type metadataResolutionParams struct {

	if sqldb, ok := connPool.(*sql.DB); ok && sqldb != nil {
		return sqldb, nil
	}

	return nil, ErrInvalidDB
}

func (db *DB) getInstance() *DB {
	if db.clone > 0 {
		tx := &DB{Config: db.Config, Error: db.Error}

		if db.clone == 1 {
			// clone with new statement
			tx.Statement = &Statement{
				DB:        tx,
				ConnPool:  db.Statement.ConnPool,
				Context:   db.Statement.Context,