// Verify getPath was called three times (once for each accept call)
        verify(mockDir, times(3)).getPath();
        verifyNoMoreInteractions(mockDir);
    }

    /**
     * Defensive behavior: implementation throws NPE on null inputs by design.
     */
    @Test
    @DisplayName("implementation explicitly rejects nulls with NPE")
    void implementationRejectsNulls() {

        verifyNoMoreInteractions(smbFile);
    }

    @Test
    @DisplayName("accept: rejects null input with meaningful NullPointerException")
    void accept_rejectsNullInput() {
        // Arrange: defensive filter that validates input
        SmbFileFilter filter = f -> {
            if (f == null) {
                throw new NullPointerException("file must not be null");
            }

      }

      @Override
      public <T> T[] toArray(T[] a) {
        toArrayCalled = true;
        return super.toArray(a);
      }
    }

    // Test that toArray() is used to make a defensive copy in copyOf(), so concurrently modified
    // synchronized collections can be safely copied.
    TestArrayList<String> toCopy = new TestArrayList<>();
    ImmutableSortedMultiset<String> unused =

    }

  fun getBody(): Buffer? = body?.clone()

  fun setBody(body: Buffer) =
    apply {
      setHeader("Content-Length", body.size)
      this.body = body.clone() // Defensive copy.
    }

  fun setBody(body: String): MockResponse = setBody(Buffer().writeUtf8(body))

  fun setChunkedBody(
    body: Buffer,
    maxChunkSize: Int,
  ) = apply {

            assertArrayEquals(hashAlgos, context.getHashAlgos());
            // The implementation returns the same reference, not a defensive copy
            assertSame(hashAlgos, context.getHashAlgos());
        }

        @Test
        @DisplayName("Should return salt correctly")
        void testGetSalt() {

      heldCertificate: HeldCertificate,
      vararg intermediates: X509Certificate,
    ) = apply {
      this.heldCertificate = heldCertificate
      this.intermediates = arrayOf(*intermediates) // Defensive copy.
    }

    /**
     * Add a trusted root certificate to use when authenticating a peer. Peers must provide
     * a chain of certificates whose root is one of these.
     */

     * @return an optional containing the authenticated user if successful, empty otherwise
     */
    public OptionalEntity<FessUser> login(final String username, final String password) {
        // Add defensive null/blank checks
        if (StringUtil.isBlank(username) || StringUtil.isBlank(password)) {
            if (logger.isDebugEnabled()) {
                logger.debug("Login failed: username or password is blank");

    }
    assertThat(actual.getBounds())
        .asList()
        .containsExactlyElementsIn(asList(expected.getBounds()))
        .inOrder();
  }

  /**
   * Working with arrays requires defensive code. Verify that we clone the type array for both input
   * and output.
   */
  public void testNewParameterizedTypeImmutability() {
    Type[] typesIn = {String.class, Integer.class};

        if (pendingOps.isEmpty()) {
            return;
        }

        log.info("Redistributing {} pending operations from failed channel", pendingOps.size());

        // Create a defensive copy to avoid ConcurrentModificationException
        List<CommonServerMessageBlock> operationsCopy = List.copyOf(pendingOps);

        // Clear the failed channel's pending operations first

        }

        byte[] key = null;
        byte[] keyCopy = null;

        try {
            // Get the key and create a defensive copy for SecretKeySpec
            key = encrypt ? getEncryptionKey() : getDecryptionKey();
            keyCopy = Arrays.copyOf(key, key.length);

            // Validate key length matches expected cipher requirements