*/
  private abstract static class Traversal<N> {
    final SuccessorsFunction<N> successorFunction;

    Traversal(SuccessorsFunction<N> successorFunction) {
      this.successorFunction = successorFunction;
    }

    static <N> Traversal<N> inGraph(SuccessorsFunction<N> graph) {
      Set<N> visited = new HashSet<>();
      return new Traversal<N>(graph) {
        @Override

        // Test simple path traversal attack
        File baseDir = new File(tempDir.toFile(), "images");
        baseDir.mkdirs();
        File maliciousFile = new File(baseDir, "../../../etc/passwd");

        Boolean result = invokeIsValidUploadPath(maliciousFile, baseDir);
        assertFalse("Path traversal with ../ should be blocked", result);
    }

    @Test

  /**
   * Returns an unmodifiable iterable over the nodes in a tree structure, using pre-order traversal.
   * That is, each node's subtrees are traversed after the node itself is returned.
   *
   * <p>No guarantees are made about the behavior of the traversal when nodes change while iteration
   * is in progress or when the iterators generated by {@link #children} are advanced.
   *

            }
            expectedBaseDir = null; // Skip path traversal check for resource files
        } else {
            throwValidationError(messages -> messages.addErrorsDesignFileIsUnsupportedType("designFileName"), this::asListHtml);
            return null;
        }

        // Validate path to prevent path traversal attacks

    /**
     * Validates that a given path is safe and does not attempt path traversal attacks.
     * <p>
     * This method checks if the resolved absolute path starts with the allowed base directory,
     * preventing access to files outside the intended directory through path traversal
     * techniques like "../../../etc/passwd".
     * </p>
     * <p>
     * Example usage:
     * </p>

   * list the nodes reachable from a given node or nodes. See the <a
   * href="https://github.com/google/guava/wiki/GraphsExplained#Graph-traversal">"Graph traversal"
   * section of the Guava User's Guide</a> for more information.
   *
   * <p>The {@link Set} returned is a "snapshot" based on the current topology of {@code graph},

        return redirect(getClass()); // no-op
    }

    /**
     * Sanitizes a filename by removing path traversal sequences and whitespace.
     *
     * @param filename the filename to sanitize
     * @return the sanitized filename
     */
    public static String sanitizeFilename(final String filename) {

- **I/O Operations** (`org.codelibs.core.io`) - File handling, resource management, stream utilities, and traversal utilities for efficient resource processing
- **Reflection** (`org.codelibs.core.lang`) - Class loading, method/field access, type introspection utilities, and generics support

            Files.createDirectories(filePath.getParent());
            final Path realParent = filePath.getParent().toRealPath();
            if (!realParent.startsWith(realBase)) {
                logger.warn("Symlink traversal detected: url={}, realParent={}, realBase={}", url, realParent, realBase);
                return;
            }
            final byte[] bytes = content.getBytes(StandardCharsets.UTF_8);

    }

    /**
     * Test isPathSafe with path traversal attempt
     *
     * @throws Exception
     */
    @Test
    public void testIsPathSafe_PathTraversalAttempt() throws Exception {
        final Path baseDir = tempFolder.getRoot().toPath();
        final Path traversalPath = baseDir.resolve("../../../etc/passwd");

        assertFalse("Path traversal should be blocked", FileUtil.isPathSafe(traversalPath, baseDir));