with:
          name: SARIF file
          path: results.sarif
          retention-days: 5

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
        uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
        with:

Use [CertificatePinner](https://square.github.io/okhttp/5.x/okhttp/okhttp3/-certificate-pinner/) to restrict which certificates and certificate authorities are trusted. Certificate pinning increases security, but limits your server team’s abilities to update their TLS certificates. **Do not use certificate pinning without the blessing of your server’s TLS administrator!**

=== ":material-language-kotlin: Kotlin"
    ```kotlin
      private val client = OkHttpClient.Builder()

          "instrumentation-reporting",
          "model-groovy",
          "plugins-jvm-test-fixtures",
          "plugins-jvm-test-suite",
          "reporting",
          "resources-s3",
          "signing",
          "testing-base"
        ],
        "parallelizationMethod": {
          "name": "TestDistribution"
        }
      },
      {
        "subprojects": [
          "antlr",

tasks.withType<Sign>().configureEach { isEnabled = signArtifacts }

signing {
    useInMemoryPgpKeys(pgpSigningKey.orNull, pgpSigningPassPhrase.orNull)
    publishing.publications.configureEach {
        if (signArtifacts) {
            signing.sign(this)
        }
    }

### Application Discovery { #application-discovery }

The recommended way of invoking Gradle is to use the Gradle Wrapper.
The Wrapper then downloads the Gradle distribution (if necessary), starts the Launcher and runs the build, spawning and connecting to other processes such as the Daemon as required.

     */
    public ProtocolHelper() {
        // Default constructor
    }

    /**
     * Initializes the protocol helper by loading configured protocols from FessConfig
     * and scanning for available protocol handlers in the classpath.
     * This method is called automatically after bean construction.
     */
    @PostConstruct
    public void init() {

2.  Pull requests are great for small fixes for bugs, documentation, etc.
3.  Pull requests are not merged directly into the master branch.
4.  Code contributions require signing a Google CLA.

API changes
-----------

We make changes to Guava's public [APIs][], including adding new APIs, very
carefully. Because of this, if you're interested in seeing a new feature in

### Fixing DCO failures/Signing Off Commits After Submitting a Pull Request

    "path": "platforms/core-runtime/service-registry-impl",
    "unitTests": true,
    "functionalTests": false,
    "crossVersionTests": false
  },
  {
    "name": "signing",
    "path": "platforms/software/signing",
    "unitTests": true,
    "functionalTests": true,
    "crossVersionTests": false
  },
  {
    "name": "smoke-ide-test",
    "path": "testing/smoke-ide-test",