data["client_secret"] = form_data.client_secret
        return data
    ```

    Note that for OAuth2 the scope `items:read` is a single scope in an opaque string.
    You could have custom internal logic to separate it by colon characters (`:`) or
    similar, and get the two parts `items` and `read`. Many applications do that to
    group and organize permissions, you could do it as well in your application, just

## KIND, either express or implied.  See the License for the
## specific language governing permissions and limitations
## under the License.
##


Apache Maven includes a number of components and libraries with separate
copyright notices and license terms. Your use of those components are
subject to the terms and conditions of the following licenses:
##

    Contains
    com.google.common.util.concurrent.internal.InternalFutureFailureAccess and
    InternalFutures. Most users will never need to use this artifact. Its
    classes are conceptually a part of Guava, but they're in this separate
    artifact so that Android libraries can use them without pulling in all of
    Guava (just as they can use ListenableFuture by depending on the
    listenablefuture artifact).
  </description>
  <build>
    <plugins>

# This workflow uses actions that are not certified by GitHub. They are provided
# by a third-party and are governed by separate terms of service, privacy
# policy, and support documentation.

name: Scorecard supply-chain security
on:
  # For Branch-Protection check. Only the default branch is supported. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
  branch_protection_rule:

Instead, we use custom serialization where we explicitly describe how data objects should be serialized and deserialized.

For internal purposes, we use binary formats for their brevity.
We use the `Serializer` abstraction to separate the actual implementation of serialization from its uses.

When sharing data with external tools, we use JSON.

## Status

ACCEPTED

## Consequences

    assertEquals(1, listenerLatch.getCount());
    assertFalse(task.isDone());
    assertFalse(task.isCancelled());

    // Start the task to put it in the RUNNING state.  Have to use a separate
    // thread because the task will block on the task latch after unblocking
    // the run latch.
    exec.execute(task);
    runLatch.await();
    assertEquals(1, listenerLatch.getCount());

    WeakReference<?> classUsedByGetChecked = doTestClassUnloading();
    GcFinalization.awaitClear(classUsedByGetChecked);
  }

  /**
   * Loads {@link WillBeUnloadedException} in a separate {@code ClassLoader}, calls {@code
   * getChecked(future, WillBeUnloadedException.class)}, and returns the loader. The caller can then
   * test that the {@code ClassLoader} can still be GCed. The test amounts to a test that {@code

   */
  // TODO(user): Evaluate whether it makes sense to always piggyback the computation of a
  // HashCode on an existing OutputStream, compared to creating a separate OutputStream that could
  // be (optionally) be combined with another if needed (with something like
  // MultiplexingOutputStream).
  public HashingOutputStream(HashFunction hashFunction, OutputStream out) {

  responseTypes: [ "code", "token", "id_token" ] # also allowed are "token" and "id_token"
  # By default, Dex will ask for approval to share data with application
  # (approval for sharing data from connected IdP to Dex is separate process on IdP)
  skipApprovalScreen: false
  # If only one authentication method is enabled, the default behavior is to
  # go directly to it. For connected IdPs, this redirects the browser away

   * compressed stream that is terminated in a web socket frame even though the DEFLATE stream is
   * not terminated.
   *
   * Use this method to create a degenerate Okio Buffer where each byte is in a separate segment of
   * the internal list.
   */
  @JvmStatic
  fun fragmentBuffer(buffer: Buffer): Buffer {
    // Write each byte into a new buffer, then clone it so that the segments are shared.