You have *path operations* for:

* `/items/`
* `/items/{item_id}`

It's all the same structure as with `app/routers/users.py`.

But we want to be smarter and simplify the code a bit.

We know all the *path operations* in this module have the same:

* Path `prefix`: `/items`.
* `tags`: (just one tag: `items`).
* Extra `responses`.

At previous versions (`winsymlink=0`), mount points are treated as symlinks,
and other reparse points with non-default [`os.ModeType`](/pkg/os#ModeType) bits
(such as [`os.ModeDir`](/pkg/os#ModeDir)) do not have the `ModeIrregular` bit set.

Go 1.23 changed [`os.Readlink`](/pkg/os#Readlink) and [`filepath.EvalSymlinks`](/pkg/path/filepath#EvalSymlinks)
to avoid trying to normalize volumes to drive letters, which was not always even possible.

// preferredKexAlgos specifies the default preference for key-exchange
// algorithms in preference order. The diffie-hellman-group16-sha512 algorithm
// is disabled by default because it is a bit slower than the others.
var preferredKexAlgos = []string{
	kexAlgoCurve25519SHA256, kexAlgoCurve25519SHA256LibSSH,
	kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
	kexAlgoDH14SHA256, kexAlgoDH14SHA1,
}

first (rounds + 1) × (128 ÷ 32) words are used. enc [60]uint32 dec [60]uint32 } const ( // AES-128 has 128-bit keys, 10 rounds, and uses 11 128-bit round keys // (11×128÷32 = 44 32-bit words). // AES-192 has 192-bit keys, 12 rounds, and uses 13 128-bit round keys // (13×128÷32 = 52 32-bit words). // AES-256 has 256-bit keys, 14 rounds, and uses 15 128-bit round keys // (15×128÷32 = 60 32-bit words). aes128KeySize = 16 aes192KeySize = 24 aes256KeySize = 32 aes128Rounds = 10 aes192Rounds = 12 aes256Rounds...

first (rounds + 1) × (128 ÷ 32) words are used. enc [60]uint32 dec [60]uint32 } const ( // AES-128 has 128-bit keys, 10 rounds, and uses 11 128-bit round keys // (11×128÷32 = 44 32-bit words). // AES-192 has 192-bit keys, 12 rounds, and uses 13 128-bit round keys // (13×128÷32 = 52 32-bit words). // AES-256 has 256-bit keys, 14 rounds, and uses 15 128-bit round keys // (15×128÷32 = 60 32-bit words). aes128KeySize = 16 aes192KeySize = 24 aes256KeySize = 32 aes128Rounds = 10 aes192Rounds = 12 aes256Rounds...

	},
	{
		api:     "analytics",
		methods: []string{http.MethodDelete, http.MethodPut, http.MethodGet},
		queries: []string{"analytics", ""},
	},
}

// Set of s3 handler options as bit flags.
type s3HFlag uint8

const (
	// when provided, disables Gzip compression.
	noGZS3HFlag = 1 << iota

	// when provided, enables only tracing of headers. Otherwise, both headers
	// and body are traced.

        || (stimuli.length >= 5 && removes > 2)) {
      // removes are the most expensive thing to test, since they often throw exceptions with stack
      // traces, so we test them a bit less aggressively
      return;
    }

    MultiExceptionListIterator reference = new MultiExceptionListIterator(expectedElements);
    I target = newTargetIterator();
    for (int i = 0; i < stimuli.length; i++) {

          assertThat(expected.message!!).startsWith("Certificate pinning failure!")
        }
        else -> throw expected
      }
    }
  }

  /**
   * Not checking the CA bit created a vulnerability in old OkHttp releases. It is exploited by
   * triggering different chains to be discovered by the TLS engine and our chain cleaner. In this
   * attack there's several different chains.
   *
   *

      ____              __
     / __/__  ___ _____/ /__
    _\ \/ _ \/ _ `/ __/  '_/
   /___/ .__/\_,_/_/ /_/\_\   version 2.1.0.2.6.0.0-598
      /_/

Using Scala version 2.11.8 (Java HotSpot(TM) 64-Bit Server VM, Java 1.8.0_112)
Type in expressions to have them evaluated.
Type :help for more information.

scala>
```

// DecryptETag decrypts the ETag that is part of given object
// with the given object encryption key.
//
// However, DecryptETag does not try to decrypt the ETag if
// it consists of a 128 bit hex value (32 hex chars) and exactly
// one '-' followed by a 32-bit number.
// This special case addresses randomly-generated ETags generated
// by the MinIO server when running in non-compat mode. These
// random ETags are not encrypt.
//