name: containers

on:
  push:
    branches:
      - master
  pull_request:
    types: [opened, labeled, unlabeled, synchronize]

permissions:
  contents: read

env:
  GRADLE_OPTS: "-Dorg.gradle.jvmargs=-Xmx4g -Dorg.gradle.daemon=false -Dkotlin.incremental=false"

jobs:
  test_containers:
    permissions:
      checks: write # for actions/upload-artifact
    runs-on: ubuntu-latest

    protected static final String OIC_REDIRECT_URL = "oic.redirect.url";

    /** Configuration key for OpenID Connect token server URL. */
    protected static final String OIC_TOKEN_SERVER_URL = "oic.token.server.url";

    /** Configuration key for OpenID Connect client secret. */
    protected static final String OIC_CLIENT_SECRET = "oic.client.secret";

# @format

name: Issue Workflow

on:
  issues:
    types:
      - opened

jobs:
  add-to-project:
    name: Add issue to project
    runs-on: ubuntu-latest
    steps:
      - uses: actions/add-to-project@v0.5.0
        with:
          project-url: https://github.com/orgs/miniohq/projects/2

    /**
     * The file is being opened and an oplock is being requested as an atomic operation
     */
    public static final int FILE_OPEN_REQUIRING_OPLOCK = 0x10000;
    /**
     * Any open of this file cannot be exclusive
     */
    public static final int FILE_DISALLOW_EXCLUSIVE = 0x20000;
    /**
     * Reserve an opportunistic lock filter on the open
     */

      TestByteSink okSink = new TestByteSink();
      assertThrows(IOException.class, () -> failSource.copyTo(okSink));
      // ensure stream was closed IF it was opened (depends on implementation whether or not it's
      // opened at all if source.newInputStream() throws).
      assertTrue(
          "stream not closed when copying from source with option: " + option,

      TestByteSink okSink = new TestByteSink();
      assertThrows(IOException.class, () -> failSource.copyTo(okSink));
      // ensure stream was closed IF it was opened (depends on implementation whether or not it's
      // opened at all if source.newInputStream() throws).
      assertTrue(
          "stream not closed when copying from source with option: " + option,

of the code base.

## Scope

The vulnerability management policy described in this document covers the
process of investigating, assessing and resolving a vulnerability report
opened by a MinIO employee or an external third party.

Therefore, it lists pre-conditions and actions that should be performed to
resolve and fix a reported vulnerability.

## Vulnerability Management Process

///

## OpenID Connect

OpenID Connect es otra especificación, basada en **OAuth2**.

Solo extiende OAuth2 especificando algunas cosas que son relativamente ambiguas en OAuth2, para intentar hacerla más interoperable.

Por ejemplo, el login de Google usa OpenID Connect (que internamente usa OAuth2).

Pero el login de Facebook no soporta OpenID Connect. Tiene su propia versión de OAuth2.

///

## OpenID Connect

OpenID Connect - это еще один протокол, основанный на **OAuth2**.

Он просто расширяет OAuth2, уточняя некоторые вещи, не имеющие однозначного определения в OAuth2, в попытке сделать его более совместимым.

Например, для входа в Google используется OpenID Connect (который под собой использует OAuth2).

Но вход в Facebook не поддерживает OpenID Connect. У него есть собственная вариация OAuth2.

StandardError=journal

# When a JVM receives a SIGTERM signal it exits with code 143
SuccessExitStatus=143

# Specifies the maximum file descriptor number that can be opened by this process
LimitNOFILE=${packaging.os.max.open.files}

# Specifies the maximum number of bytes of memory that may be locked into RAM
# Set to "infinity" if you use the 'bootstrap.mlockall: true' option