}
	tw.Close()

	tr := NewReader(&buffer)

	for {
		header, err := tr.Next()
		if err == io.EOF {
			break
		}
		if err != nil {
			t.Fatalf("Failed to read header: %s", err)
		}
		if header.Typeflag != TypeReg {
			t.Fatalf("Typeflag should've been %d, found %d", TypeReg, header.Typeflag)
		}
	}
}

 * Manually using `StringBuilder` to assemble these components is cumbersome: do '+' characters get
 * silently replaced with spaces? If a query parameter contains a '&', does that get escaped?
 * By offering methods to read and write individual query parameters directly, application
 * developers are saved from the hassles of encoding and decoding.
 *
 * ### Plus a modern API
 *

    - [CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3955-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation)
    - [CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3676-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation)
  - [Changes by Kind](#changes-by-kind-14)

    }

    @Test
    @DisplayName("Buffer sizes and signing flags from negotiate response")
    void bufferSizesAndSigning() throws Exception {
        // Validate buffer sizes and signing flag are read from negotiate response
        SmbNegotiationResponse nego = mock(SmbNegotiationResponse.class);
        when(transport.getNegotiateResponse()).thenReturn(nego);
        when(nego.getSendBufferSize()).thenReturn(1111);

    - [Container Images](#container-images-4)
  - [Changelog since v1.32.0](#changelog-since-v1320)
  - [Urgent Upgrade Notes](#urgent-upgrade-notes)
    - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade)
  - [Changes by Kind](#changes-by-kind-4)
    - [Deprecation](#deprecation)
    - [API Change](#api-change-1)
    - [Feature](#feature-2)
    - [Documentation](#documentation)

        // -1 in 16-bit is 0xFFFF
        assertEquals((byte) 0xFF, buffer[2]);
        assertEquals((byte) 0xFF, buffer[3]);
    }

    @Test
    @DisplayName("Should verify all read methods return 0 with various parameters")
    void testAllReadMethodsReturnZero() {
        // Arrange
        transPeekNamedPipe = new TransPeekNamedPipe(mockConfig, TEST_PIPE_NAME, TEST_FID);

> NOTE: Server side replication is supported for idempotent versions on delete marked objects.

### Motivation

 * [static certificates][static_certificates].
 *
 * ## Setting up Certificate Pinning
 *
 * The easiest way to pin a host is turn on pinning with a broken configuration and read the
 * expected configuration when the connection fails. Be sure to do this on a trusted network, and
 * without man-in-the-middle tools like [Charles][charles] or [Fiddler][fiddler].
 *

  private final ListenerCallQueue<Listener> listeners = new ListenerCallQueue<>();

  /**
   * The current state of the service. This should be written with the lock held but can be read
   * without it because it is an immutable object in a volatile field. This is desirable so that
   * methods like {@link #state}, {@link #failureCause} and notably {@link #toString} can be run
   * without grabbing the lock.

- Add a `serving` and `terminating` condition to the EndpointSlice API.
  `serving` tracks the readiness of endpoints regardless of their terminating state. This is distinct from `ready` since `ready` is only true when pods are not terminating.