//
    // 9) Execute AbstractLifecycleParticipant.afterProjectsRead(session)
    //
    // 10) Create ProjectDependencyGraph without trimming (as trimming was done in 7). A new topological sort is
    // required after the execution of 9) as the AbstractLifecycleParticipants are free to mutate the MavenProject

    # Return some error
    ...
```

But by using the `secrets.compare_digest()` it will be secure against a type of attacks called "timing attacks".

### Timing Attacks

But what's a "timing attack"?

Let's imagine some attackers are trying to guess the username and password.

And they send a request with a username `johndoe` and a password `love123`.

    # Einen Error zurückgeben
    ...
```

Aber durch die Verwendung von `secrets.compare_digest()` ist dieser Code sicher vor einer Art von Angriffen, die „Timing-Angriffe“ genannt werden.

### Timing-Angriffe

Aber was ist ein „Timing-Angriff“?

Stellen wir uns vor, dass einige Angreifer versuchen, den Benutzernamen und das Passwort zu erraten.

          try {
            if (timer != null) {
              long overDelayMs = Math.abs(timer.getDelay(MILLISECONDS));
              if (overDelayMs > 10) { // Not all timing drift is worth reporting
                message += " (timeout delayed by " + overDelayMs + " ms after scheduled time)";
              }
            }
            message += ": " + delegate;
          } finally {

                .build();

        /*
        // This is the desired behaviour, however there are too many crappy poms in the repo and an issue with the
        // timing of executing the interpolation

        try
        {
        new RegexBasedModelInterpolator().interpolate( model, context );
        fail( "Should have failed to interpolate with invalid reference" );
        }

   * representation to this hash code.
   *
   * <p><b>Security note:</b> this method uses a constant-time (not short-circuiting) implementation
   * to protect against <a href="http://en.wikipedia.org/wiki/Timing_attack">timing attacks</a>.
   */
  @Override
  public final boolean equals(@CheckForNull Object object) {
    if (object instanceof HashCode) {
      HashCode that = (HashCode) object;

   * representation to this hash code.
   *
   * <p><b>Security note:</b> this method uses a constant-time (not short-circuiting) implementation
   * to protect against <a href="http://en.wikipedia.org/wiki/Timing_attack">timing attacks</a>.
   */
  @Override
  public final boolean equals(@CheckForNull Object object) {
    if (object instanceof HashCode) {
      HashCode that = (HashCode) object;

    MavenExecutionRequest setBaseDirectory(File basedir);

    /**
     * @deprecated use {@link #getTopDirectory()} instead
     */
    @Deprecated
    String getBaseDirectory();

    // Timing (remove this)
    MavenExecutionRequest setStartTime(Date start);

    Date getStartTime();

    // Goals
    MavenExecutionRequest setGoals(List<String> goals);

    List<String> getGoals();

   * obtained by calling {@code snapshot()} on the same {@link StatsAccumulator} without adding any
   * values in between the two calls, or if one is obtained from the other after round-tripping
   * through java serialization. However, floating point rounding errors mean that it may be false
   * for some instances where the statistics are mathematically equal, including instances

  or uncacheable. ([#117295](https://github.com/kubernetes/kubernetes/pull/117295), [@aojea](https://github.com/aojea))