/**
     * Enable or disable sensitive data masking
     *
     * @param enable true to enable masking
     */
    public void setSensitiveDataMaskingEnabled(boolean enable) {
        this.maskSensitiveData = enable;
        log.info("Sensitive data masking {}", enable ? "enabled" : "disabled");
    }

    /**
     * Enable or disable high performance mode for sensitive data masking
     *

**Warning**: The logs generated by this interceptor when using the `HEADERS` or `BODY` levels have
the potential to leak sensitive information such as "Authorization" or "Cookie" headers and the
contents of request and response bodies. This data should only be logged in a controlled way or in
a non-production environment.

You can redact headers that may contain sensitive information by calling `redactHeader()`.
```java
logging.redactHeader("Authorization");

    server.enqueue(
      MockResponse
        .Builder()
        .addHeader("SeNsItIvE", "Value")
        .addHeader("Not-Sensitive", "Value")
        .build(),
    )
    val response =
      client
        .newCall(
          request()
            .addHeader("SeNsItIvE", "Value")
            .addHeader("Not-Sensitive", "Value")
            .build(),
        ).execute()
    response.body.close()

	// as an audience value. It MAY also contain identifiers for
	// other audiences. In the general case, the aud value is an
	// array of case sensitive strings. In the common special case
	// when there is one audience, the aud value MAY be a single
	// case sensitive
	audValues, ok := policy.GetValuesFromClaims(mclaims, audClaim)
	if !ok {

    byte[] getSigningKey();

    /**
     * Validates authentication credentials
     *
     * @return true if credentials are valid
     */
    boolean validateCredentials();

    /**
     * Clears sensitive authentication data
     */
    void clearSensitiveData();

    /**
     * Gets authentication metadata for auditing
     *
     * @return authentication metadata
     */

    environment = makePropagatedEnvironment()
    environment.forEach { (key, _) ->
        require(credentialsKeywords.none { key.contains(it, true) }) { "Found sensitive data in filtered environment variables: $key" }
    }

    if (inheritDevelocityAccessToken) {
        System.getenv("DEVELOCITY_ACCESS_KEY")?.let {
            environment["DEVELOCITY_ACCESS_KEY"] = it
        }

        auth.secureWipePassword();
        assertNull(auth.getPassword());
    }

    /**
     * Test that closed authenticator prevents all sensitive operations
     */
    @Test
    @DisplayName("Test closed authenticator blocks all sensitive operations")
    public void testClosedAuthenticatorBlocking() throws Exception {

     * Used for compilation, execution and Javadoc among others.
     * The Java tools location is {@link StandardLocation#CLASS_PATH}.
     *
     * <h4>Context-sensitive interpretation</h4>
     * A dependency with this path type will not necessarily be placed on the class path.
     * There are two circumstances where the dependency may nevertheless be placed somewhere else:
     *
     * <ul>

/**
 * Secure credential storage with encryption at rest.
 *
 * Provides secure storage of passwords and other sensitive credentials
 * using AES-GCM encryption with PBKDF2 key derivation.
 *
 * Features:
 * - Encrypts credentials at rest using AES-256-GCM
 * - Uses PBKDF2 for key derivation from master password
 * - Secure wiping of sensitive data
 * - Thread-safe operations
 * - Protection against timing attacks
 */

* «to wrap»: «wrappen»
* «to wrap»: NOT «hüllen»
* «`foo` as a `type`»: «`foo` vom Typ `type`»
* «`foo` as a `type`»: «`foo`, ein `type`»
* «FastAPI's X»: «FastAPIs X»
* «Starlette's Y»: «Starlettes Y»
* «X is case-sensitive»: «Groß-/Klein­schrei­bung ist relevant in X»
* «X is case-insensitive»: «Groß-/Klein­schrei­bung ist nicht relevant in X»
* «standard Python»: «Standard-Python»
* «deprecated»: «deprecatet»


### Other rules