// Null username should be handled gracefully
        assertTrue(rateLimiter.checkAttempt(null, "192.168.1.8"), "Null username should be allowed");

        // Should not affect IP limiting
        rateLimiter.recordFailure(null, "192.168.1.8");
        assertTrue(rateLimiter.checkAttempt("realuser", "192.168.1.8"), "Should still track IP");
    }

    @Test

Date:   Wed Nov 17 15:49:12 2021 -0800

    heal legacy objects when versioning is enabled after upgrade (#13671)
```

- A security fix must be backported if a customer is affected by it, we have a mechanism in SUBNET to send out notifications to affected customers in such situations, this is a mandatory requirement.

```
commit 99bf4d0c429f04dbd013ba98840d07b759ae1702 (tag: RELEASE.2019-06-15T23-07-18Z)

var errNoSuchGroup = errors.New("Specified group does not exist")

// error returned in IAM subsystem when a policy attach/detach request has no
// net effect, i.e. it is already applied.
var errNoPolicyToAttachOrDetach = errors.New("Specified policy update has no net effect")

// error returned in IAM subsystem when a non-empty group needs to be
// deleted.
var errGroupNotEmpty = errors.New("Specified group is not empty - cannot remove it")

{
  "Version": "2012-10-17",
  "Statement": [
   {
    "Effect": "Allow",
    "Action": [
     "s3:*"
    ],
    "Resource": [
     "arn:aws:s3:::*"
    ]
   }
  ]

    validations:
      required: false
  - type: textarea
    id: context
    attributes:
      label: Context
      description: |
        How has this issue affected you? What are you trying to accomplish? What other alternatives have you considered?
        Providing context helps us come up with a solution that is most useful in the real world
    validations:

    validations:
      required: true
  - type: textarea
    id: context
    attributes:
      label: Context (optional)
      description: |
        How has this issue affected you? What are you trying to accomplish?
        Providing context helps us come up with a solution that is most useful in the real world
    validations:
      required: false
  - type: input
    id: page
    attributes:

import org.jspecify.annotations.NullUnmarked;

/**
 * Simple benchmark: create, start, read. This does not currently report the most useful result
 * because it's ambiguous to what extent the stopwatch benchmark is being affected by GC.
 *
 * @author Kevin Bourrillion
 */
@NullUnmarked
public class StopwatchBenchmark {
  @Benchmark
  long stopwatch(int reps) {
    long total = 0;
    for (int i = 0; i < reps; i++) {

        // Ensure arrays are independent: mutate clone's buffer via getter
        copy.get()[1] = 77;
        assertNotEquals(original.toString(), copy.toString(), "Mutating clone should not affect original");
    }

    // Uses reflection to set internal array to null to exercise defensive branch in length()
    @Test
    @DisplayName("length(): handles internal null defensively")

{
   "Version":"2012-10-17",
   "Id":"PutObjectPolicy1",
   "Statement":[{
         "Sid":"DenyObjectsWithInvalidSSEKMS",
         "Effect":"Deny",
         "Principal":"*",
         "Action":"s3:PutObject",
         "Resource":"arn:aws:s3:::multi-key-poc/*",
         "Condition":{
            "StringNotEquals":{
               "s3:x-amz-server-side-encryption-aws-kms-key-id":"minio-default-key"
            }
         }
      }
   ]

        this.flags = WITNESS_RESOURCE_STATE_UNKNOWN;
    }

    /**
     * Creates a new witness notification.
     *
     * @param eventType the type of event
     * @param resourceName the name of the affected resource
     */
    public WitnessNotification(WitnessEventType eventType, String resourceName) {
        this.eventType = eventType;
        this.resourceName = resourceName;