```gitignore
*
```

///

## Install Packages { #install-packages }

After activating the environment, you can install packages in it.

/// tip

Do this **once** when installing or upgrading the packages your project needs.

If you need to upgrade a version or add a new package you would **do this again**.

///

### Install Packages Directly { #install-packages-directly }

    /**
     * Vendor-specific default packages.  If no packages are specified in
     * "java.protocol.handler.pkgs", the VM uses one or more default
     * packages, which are vendor specific.  Sun's is included below
     * for convenience; others could be as well.  If a particular vendor's
     * package isn't listed, it can be specified in
     * "java.protocol.handler.pkgs".
     */

 * <ul>
 *     <li>{@code jar}: Packages the project as a Java Archive (JAR) file.</li>
 *     <li>{@code war}: Packages the project as a Web Application Archive (WAR) file.</li>
 *     <li>{@code pom}: Indicates that the project does not produce a deployable artifact but is used for dependency management or as an aggregator.</li>
 *     <li>{@code maven-plugin}: Packages the project as a Maven plugin.</li>
 * </ul>
 *

    /**
     * Vendor-specific default packages. If no packages are specified in
     * "java.protocol.handler.pkgs", the VM uses one or more default
     * packages, which are vendor specific. Sun's is included below
     * for convenience; others could be as well. If a particular vendor's
     * package isn't listed, it can be specified in
     * "java.protocol.handler.pkgs".
     */

```

Das würde bedeuten:

* Beginnend im selben Package, in dem sich dieses Modul (die Datei `app/routers/items.py`) befindet (das Verzeichnis `app/routers/`) ...
* gehe zum übergeordneten Package (das Verzeichnis `app/`) ...
* gehe dann zum übergeordneten Package dieses Packages (es gibt kein übergeordnetes Package, `app` ist die oberste Ebene 😱) ...

In almost any framework handling the security becomes a rather complex subject quite quickly.

Many packages that simplify it a lot have to make many compromises with the data model, database, and available features. And some of these packages that simplify things too much actually have security flaws underneath.

---

**FastAPI** doesn't make any compromise with any database, data model or tool.

                final String webPackageKeyword = getWebPackageKeyword();
                if (!clazz.getName().contains(webPackageKeyword) ||
                // exclude app.web.api.admin packages
                        clazz.getName().contains(".app.web.api.admin.")) {
                    return;
                }
                check(srcFile, clazz, webPackageKeyword);
            }
        });
    }

In fast jedem Framework wird die Handhabung der Sicherheit recht schnell zu einem ziemlich komplexen Thema.

Viele Packages, die es stark vereinfachen, müssen viele Kompromisse beim Datenmodell, der Datenbank und den verfügbaren Funktionen eingehen. Und einige dieser Pakete, die die Dinge zu sehr vereinfachen, weisen tatsächlich Sicherheitslücken auf.

---

If you use any other tool to manage your installations, like `uv`, Poetry, Pipenv, or others, they all have a way that you can use to define specific versions for your packages.

## Available versions { #available-versions }

You can see the available versions (e.g. to check what is the current latest) in the [Release Notes](../release-notes.md){.internal-link target=_blank}.

import junit.framework.TestCase;
import org.jspecify.annotations.NullUnmarked;

/**
 * Tests that all package-private {@code writeReplace} methods are overridden in any existing
 * subclasses. Without such overrides, optimizers might put a {@code writeReplace}-containing class
 * and its subclass in different packages, causing the serialization system to fail to invoke {@code