// preferredKexAlgos specifies the default preference for key-exchange
// algorithms in preference order. The diffie-hellman-group16-sha512 algorithm
// is disabled by default because it is a bit slower than the others.
var preferredKexAlgos = []string{
	kexAlgoCurve25519SHA256, kexAlgoCurve25519SHA256LibSSH,
	kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
	kexAlgoDH14SHA256, kexAlgoDH14SHA1,
}

   * than the straightforward ternary expression.
   */
  @VisibleForTesting
  static int lessThanBranchFree(long x, long y) {
    // Returns the sign bit of x - y.
    return (int) (~~(x - y) >>> (Long.SIZE - 1));
  }

  /**
   * Returns the base-2 logarithm of {@code x}, rounded according to the specified rounding mode.
   *

        || (stimuli.length >= 5 && removes > 2)) {
      // removes are the most expensive thing to test, since they often throw exceptions with stack
      // traces, so we test them a bit less aggressively
      return;
    }

    MultiExceptionListIterator reference = new MultiExceptionListIterator(expectedElements);
    I target = newTargetIterator();
    for (int i = 0; i < stimuli.length; i++) {

          assertThat(expected.message!!).startsWith("Certificate pinning failure!")
        }
        else -> throw expected
      }
    }
  }

  /**
   * Not checking the CA bit created a vulnerability in old OkHttp releases. It is exploited by
   * triggering different chains to be discovered by the TLS engine and our chain cleaner. In this
   * attack there's several different chains.
   *
   *

      ____              __
     / __/__  ___ _____/ /__
    _\ \/ _ \/ _ `/ __/  '_/
   /___/ .__/\_,_/_/ /_/\_\   version 2.1.0.2.6.0.0-598
      /_/

Using Scala version 2.11.8 (Java HotSpot(TM) 64-Bit Server VM, Java 1.8.0_112)
Type in expressions to have them evaluated.
Type :help for more information.

scala>
```

import (
	"errors"
	"fmt"
	"internal/godebug"
	"io/fs"
	"maps"
	"math"
	"path"
	"reflect"
	"strconv"
	"strings"
	"time"
)

// BUG: Use of the Uid and Gid fields in Header could overflow on 32-bit
// architectures. If a large value is encountered when decoding, the result
// stored in Header will be the truncated version.

var tarinsecurepath = godebug.New("tarinsecurepath")

var (

first (rounds + 1) × (128 ÷ 32) words are used. enc [60]uint32 dec [60]uint32 } const ( // AES-128 has 128-bit keys, 10 rounds, and uses 11 128-bit round keys // (11×128÷32 = 44 32-bit words). // AES-192 has 192-bit keys, 12 rounds, and uses 13 128-bit round keys // (13×128÷32 = 52 32-bit words). // AES-256 has 256-bit keys, 14 rounds, and uses 15 128-bit round keys // (15×128÷32 = 60 32-bit words). aes128KeySize = 16 aes192KeySize = 24 aes256KeySize = 32 aes128Rounds = 10 aes192Rounds = 12 aes256Rounds...

        BigIntegerMath.SQRT2_PRECOMPUTED_BITS);
  }

  public void testIsPowerOfTwo() {
    for (BigInteger x : ALL_BIGINTEGER_CANDIDATES) {
      // Checks for a single bit set.
      boolean expected = x.signum() > 0 & x.and(x.subtract(ONE)).equals(ZERO);
      assertEquals(expected, BigIntegerMath.isPowerOfTwo(x));
    }
  }

  public void testLog2ZeroAlwaysThrows() {

## Merge Translation PRs

For Spanish, as I'm a native speaker and it's a language close to me, I will give it a final review myself and in most cases tweak the PR a bit before merging it.

For the other languages, confirm that:

* The title is correct following the instructions above.
* It has the labels `lang-all` and `lang-{lang code}`.

first (rounds + 1) × (128 ÷ 32) words are used. enc [60]uint32 dec [60]uint32 } const ( // AES-128 has 128-bit keys, 10 rounds, and uses 11 128-bit round keys // (11×128÷32 = 44 32-bit words). // AES-192 has 192-bit keys, 12 rounds, and uses 13 128-bit round keys // (13×128÷32 = 52 32-bit words). // AES-256 has 256-bit keys, 14 rounds, and uses 15 128-bit round keys // (15×128÷32 = 60 32-bit words). aes128KeySize = 16 aes192KeySize = 24 aes256KeySize = 32 aes128Rounds = 10 aes192Rounds = 12 aes256Rounds...