assertEquals(Long.valueOf(2), stats.get(EventType.AUTHENTICATION_SUCCESS), "Should have 2 authentication success events");
    }

    @Test
    @DisplayName("Test sensitive data masking")
    void testSensitiveDataMasking() {
        logger.setSensitiveDataMaskingEnabled(true);

        Map<String, Object> context = new HashMap<>();
        context.put("password", "secretpassword123");

* «`foo` as a `type`»: «`foo` vom Typ `type`»
* «`foo` as a `type`»: «`foo`, ein `type`»
* «FastAPI's X»: «FastAPIs X»
* «Starlette's Y»: «Starlettes Y»
* «X is case-sensitive»: «Groß-/Klein­schrei­bung ist relevant in X»
* «X is case-insensitive»: «Groß-/Klein­schrei­bung ist nicht relevant in X»
* «standard Python»: «Standard-Python»
* «deprecated»: «deprecatet»


### Other rules

● Config ... ✔ 
● Drive ... ✔ 
● Net ... ✔ 
*********************************************************************************
                                   WARNING!!
     ** THIS FILE MAY CONTAIN SENSITIVE INFORMATION ABOUT YOUR ENVIRONMENT ** 
     ** PLEASE INSPECT CONTENTS BEFORE SHARING IT ON ANY PUBLIC FORUM **
*********************************************************************************

  /**
   * Returns header names and values. The names and values are separated by `: ` and each pair is
   * followed by a newline character `\n`.
   *
   * Since OkHttp 5 this redacts these sensitive headers:
   *
   *  * `Authorization`
   *  * `Cookie`
   *  * `Proxy-Authorization`
   *  * `Set-Cookie`
   */
  override fun toString(): String = commonToString()

            }
        }

        public boolean isValid() {
            return isValid;
        }

        public void invalidate() {
            this.isValid = false;
            // Clear sensitive data
            synchronized (hashLock) {
                Arrays.fill(currentHash, (byte) 0);
            }
        }
    }

    /**

	// by default minio uses an empty region.
	if region := globalSite.Region(); region != "" {
		w.Header().Set(xhttp.AmzBucketRegion, region)
	}
	w.Header().Set(xhttp.AcceptRanges, "bytes")

	// Remove sensitive information
	crypto.RemoveSensitiveHeaders(w.Header())
}

// Encodes the response headers into XML format.
func encodeResponse(response any) []byte {
	var buf bytes.Buffer
	buf.WriteString(xml.Header)

      <description><![CDATA[
        This is the property specification used to activate a profile. If the value field is empty,
        then the existence of the named property will activate the profile, otherwise it does a case-sensitive
        match against the property value as well.
      ]]></description>
      <fields>
        <field>
          <name>name</name>
          <version>1.0.0</version>
          <type>String</type>

        assertNotNull(decrypted, "Decrypted data should not be null");
        assertArrayEquals(plaintext, decrypted, "Decrypted should match original");

        // Clean up sensitive data
        Arrays.fill(plaintext, '\0');
        Arrays.fill(decrypted, '\0');
    }

    @Test
    public void testEncryptDecryptEmpty() throws Exception {
        char[] plaintext = new char[0];

	ctx       context.Context      `msg:"-"`
}

// RedactSensitive will redact any sensitive information in b.
func (j *BatchJobRequest) RedactSensitive() {
	j.Replicate.RedactSensitive()
	j.Expire.RedactSensitive()
	j.KeyRotate.RedactSensitive()
}

// RedactSensitive will redact any sensitive information in b.
func (r *BatchJobReplicateV1) RedactSensitive() {
	if r == nil {
		return
	}

 *  Breaking: Move `gzip` from `RequestBody` to `Request.Builder`. This new API handles both
    compressing the request body and also adding the corresponding `Content-Encoding` header. Note
    that this function is sensitive to when it is called: the response body must be supplied before
    it can be compressed.

 *  Breaking: Remove `AddressPolicy`, `AsyncDns`, and `ConnectionListener` from the public API. We