```

The best way to verify artifacts is [automatically with Gradle][gradle_verification].


[gradle_verification]: https://docs.gradle.org/current/userguide/dependency_verification.html#sec:signature-verification

     */
    @Size(max = 10000)
    @Required
    public String rt;

    /**
     * Hash value for security or validation purposes.
     * This field is optional and used for request verification.
     */
    public String hash;

    /**
     * Query identifier associated with the search that led to this document access.
     * This is required for tracking and analytics purposes.
     */
    @Required

import java.security.cert.Certificate
import java.security.cert.CertificateException
import java.security.cert.X509Certificate
import javax.net.ssl.X509TrustManager

/** This extends [X509TrustManager] for Android to disable verification for a set of hosts. */
internal class InsecureAndroidTrustManager(
  private val delegate: X509TrustManager,
  private val insecureHosts: List<String>,
) : X509TrustManager {

    // interpreted in little-endian order.
    int verification = Integer.reverseBytes(Ints.fromByteArray(result));

    if (expected != verification) {
      throw new AssertionError(
          "Expected: "
              + Integer.toHexString(expected)
              + " got: "
              + Integer.toHexString(verification));
    }
  }

  static final Funnel<Object> BAD_FUNNEL =

import javax.net.ssl.SSLEngine
import javax.net.ssl.X509ExtendedTrustManager
import org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement

/**
 * This extends [X509ExtendedTrustManager] to disable verification for a set of hosts.
 *
 * Note that the superclass [X509ExtendedTrustManager] isn't available on Android until version 7
 * (API level 24).
 */
@IgnoreJRERequirement
internal class InsecureExtendedTrustManager(

  }

  @Test fun specialKInHostname() {
    // https://github.com/apache/httpcomponents-client/commit/303e435d7949652ea77a6c50df1c548682476b6e
    // https://www.gosecure.net/blog/2020/10/27/weakness-in-java-tls-host-verification/
    val heldCertificate =
      HeldCertificate
        .Builder()
        .commonName("Foo Corp")
        .addSubjectAlternativeName("k.com")
        .addSubjectAlternativeName("tel.com")
        .build()

 * **Security** of the connection. This includes verification of the remote webserver with certificates and the privacy of data exchanged with strong ciphers.

        // Execute and ensure no exceptions are thrown
        QueryBuilder result = matchAllQueryCommand.execute(context, query, boost);

        assertNotNull(result);

        // Note: Actual log output verification would require a log appender mock
        // but we can at least ensure the method executes without errors
        logger.info("Execute method called with query: {} and boost: {}", query, boost);
    }

 * decimal digits and dots. This pattern matches strings like "a:.23" and "54" that are neither IP
 * addresses nor hostnames; they will be verified as IP addresses (which is a more strict
 * verification).
 */
private val VERIFY_AS_IP_ADDRESS = "([0-9a-fA-F]*:[0-9a-fA-F:.]*)|([\\d.]+)".toRegex()

/** Returns true if this string is not a host name and might be an IP address. */

    assertFailsWith<SSLPeerUnverifiedException> {
      execute(url)
    }
  }

  /**
   * Skips coalescing when hostname verifier is overridden since the intention of the hostname
   * verification is a black box.
   */
  @Test
  fun skipsWhenHostnameVerifierUsed() {
    val verifier = HostnameVerifier { name: String?, session: SSLSession? -> true }