with:
        enable-cache: true
        cache-dependency-glob: |
            pyproject.toml
            uv.lock
    - name: Install GitHub Actions dependencies
      run: uv sync --locked --no-dev --group github-actions
    - name: Label Approved
      run: uv run ./scripts/label_approved.py
      env:
        TOKEN: ${{ secrets.GITHUB_TOKEN }}
        CONFIG: >
          {
            "approved-1":

        // javascript: protocol should be blocked
        assertFalse(result.contains("javascript:"));
    }

    @Test
    public void test_render_xss_dataProtocol() {
        String malicious = "[Click me](data:text/html,<script>alert('XSS')</script>)";
        String result = markdownRenderer.render(malicious);
        // data: protocol should be blocked
        assertFalse(result.contains("data:text/html"));

        uses: astral-sh/setup-uv@v7
        with:
          enable-cache: true
          cache-dependency-glob: |
            pyproject.toml
            uv.lock
      - name: Install Dependencies
        run: uv sync --locked --no-dev --group github-actions
      # Allow debugging with tmate
      - name: Setup tmate session
        uses: mxschmitt/action-tmate@v3

        uses: astral-sh/setup-uv@v7
        with:
          enable-cache: true
          cache-dependency-glob: |
            pyproject.toml
            uv.lock
      - name: Install Dependencies
        run: uv sync --locked --no-dev --group github-actions
      # Allow debugging with tmate
      - name: Setup tmate session
        uses: mxschmitt/action-tmate@v3

 * This form extends CreateForm to include fields necessary for updating existing bad word entries,
 * including tracking information for optimistic locking and audit trails.
 * Bad words are terms that should be filtered or blocked in search results.
 *
 */
public class EditForm extends CreateForm {

    /**
     * Creates a new EditForm instance.
     */
    public EditForm() {
        super();
    }

    /**

      - name: Setup uv
        uses: astral-sh/setup-uv@v7
        with:
          cache-dependency-glob: |
            pyproject.toml
            uv.lock
      - name: Install Dependencies
        run: uv sync --locked --extra all
      - name: Run prek - pre-commit
        id: precommit
        run: uvx prek run --from-ref origin/${GITHUB_BASE_REF} --to-ref HEAD --show-diff-on-failure
        continue-on-error: true

    void testEncode() throws NdrException {
        // Test the encode method
        long testValue = 987654321098765L;
        NdrHyper ndrHyper = new NdrHyper(testValue);

        // Call the encode method with the mocked NdrBuffer
        ndrHyper.encode(mockNdrBuffer);

        // Verify that enc_ndr_hyper was called exactly once with the correct value
        verify(mockNdrBuffer, times(1)).enc_ndr_hyper(testValue);

  private OverflowAvoidingLockSupport() {}

  static void parkNanos(@Nullable Object blocker, long nanos) {
    // Even in the extremely unlikely event that a thread unblocks itself early after only 68 years,
    // this is indistinguishable from a spurious wakeup, which LockSupport allows.
    LockSupport.parkNanos(blocker, min(nanos, MAX_NANOSECONDS_THRESHOLD));
  }

		ACB_SVRTRUST               = 0x00000100, /* 1 = Server trust account */
		ACB_PWNOEXP                = 0x00000200, /* 1 = User password does not expire */
		ACB_AUTOLOCK               = 0x00000400, /* 1 = Account auto locked */
		ACB_ENC_TXT_PWD_ALLOWED    = 0x00000800, /* 1 = Encryped text password is allowed */
		ACB_SMARTCARD_REQUIRED     = 0x00001000, /* 1 = Smart Card required */

func (r *RingBuffer) WithCancel(ctx context.Context) *RingBuffer {
	go func() {
		<-ctx.Done()
		r.CloseWithError(ctx.Err())
	}()
	return r
}

func (r *RingBuffer) setErr(err error, locked bool) error {
	if !locked {
		r.mu.Lock()
		defer r.mu.Unlock()
	}
	if r.err != nil && r.err != io.EOF {
		return r.err
	}

	switch err {
	// Internal errors are transient