FROM golang:1.24-alpine as build

ARG TARGETARCH
ARG RELEASE

ENV GOPATH=/go
ENV CGO_ENABLED=0

# Install curl and minisign
RUN apk add -U --no-cache ca-certificates && \
    apk add -U --no-cache curl && \
    go install aead.dev/minisign/cmd/minisign@v0.2.1

# Download minio binary and signature files
RUN curl -s -q https://dl.min.io/server/minio/hotfixes/linux-${TARGETARCH}/archive/minio.${RELEASE} -o /go/bin/minio && \

 * the License.
 */

/**
 * Utility methods and classes for I/O; for example input streams, output streams, readers, writers,
 * and files.
 *
 * <p>At the core of this package are the Source/Sink types: {@link ByteSource ByteSource}, {@link
 * CharSource CharSource}, {@link ByteSink ByteSink} and {@link CharSink CharSink}. They are

   * if and only if {@code stream} was efficiently splittable and its underlying spliterator
   * reported {@link Spliterator#SUBSIZED}. This is generally the case if the underlying stream
   * comes from a data structure supporting efficient indexed random access, typically an array or
   * list.
   *
   * <p>The order of the resulting stream is defined if and only if the order of the original stream

     * their caseless domain and username fields are equal and either both hashes are external and they are equal or
     * both internally supplied passwords are equal. If one {@code NtlmPasswordAuthentication} object has external
     * hashes (meaning negotiated via NTLM HTTP Authentication) and the other does not they will not be equal. This is

    <p>A Toolchain is a preconfigured object that Maven plugins can use for tool configuration retrieval (location and other information).
    <p>The <a href="/plugins/maven-toolchains-plugin/">toolchains-plugin</a> can read available toolchains on the user's computer
    and match them against the toolchain requirements of the project (as configured in {@code pom.xml}):

    @Test
    void testAccept_FileHasMoreAttributes_Matching() throws SmbException {
        // Given a filter for READONLY
        dosFileFilter = new DosFileFilter("*", SmbFile.ATTR_READONLY);
        // and a file that is READONLY, HIDDEN, and SYSTEM
        when(mockFile.getAttributes()).thenReturn(SmbFile.ATTR_READONLY | SmbFile.ATTR_HIDDEN | SmbFile.ATTR_SYSTEM);

        // When calling accept

		// local character encoding. Most encoding are compatible with a large
		// subset of CP-437, which itself is ASCII-like.
		//
		// Forbid 0x7e and 0x5c since EUC-KR and Shift-JIS replace those
		// characters with localized currency and overline characters.
		if r < 0x20 || r > 0x7d || r == 0x5c {
			if !utf8.ValidRune(r) || (r == utf8.RuneError && size == 1) {
				return false, false
			}
			require = true

 * primitives. The strategies are all implemented as subtypes of AtomicHelper and the strategy is
 * selected in the static initializer of AbstractFuture. This is convenient and performant but
 * introduces some testing difficulties. This test exercises the fallback strategies.
 *
 * <p>To force selection of our fallback strategies, we load {@link AbstractFuture} (and all of

## Supported Versions

Information about supported Kubernetes versions can be found on the
[Kubernetes version and version skew support policy] page on the Kubernetes website.

## Reporting a Vulnerability

Instructions for reporting a vulnerability can be found on the
[Kubernetes Security and Disclosure Information] page.

[Kubernetes version and version skew support policy]: https://kubernetes.io/docs/setup/release/version-skew-policy/#supported-versions

    /**
     * Indicates that the NTLM2 signing and sealing scheme should be used
     * for protecting authenticated communications. This refers to a
     * particular session security scheme, and is not related to the use
     * of NTLMv2 authentication.
     */
    int NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY = 0x00080000;

    /**
     * ?? According to spec this is a reserved bit and must be set to zero
     */