pkg syscall (netbsd-arm64-cgo), type BpfStat struct, Capt uint64
pkg syscall (netbsd-arm64-cgo), type BpfStat struct, Drop uint64
pkg syscall (netbsd-arm64-cgo), type BpfStat struct, Padding [13]uint64
pkg syscall (netbsd-arm64-cgo), type BpfStat struct, Recv uint64
pkg syscall (netbsd-arm64-cgo), type BpfTimeval struct
pkg syscall (netbsd-arm64-cgo), type BpfTimeval struct, Sec int64

* Action required: validation rule on metadata.initializers.pending[x].name is tightened. The initializer name needs to contain at least three segments separated by dots. If you create objects with pending initializers, (i.e., not relying on apiserver adding pending initializers according to initializerconfiguration), you need to update the initializer name in existing objects and in configuration files to comply...

  - [Changelog since v1.33.3](#changelog-since-v1333)
  - [Important Security Information](#important-security-information)
    - [CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference](#cve-2025-5187-nodes-can-delete-themselves-by-adding-an-ownerreference)
  - [Changes by Kind](#changes-by-kind-3)
    - [API Change](#api-change)
    - [Feature](#feature-3)
    - [Bug or Regression](#bug-or-regression-3)

Tag           = string_lit .
</pre>

<pre>
// An empty struct.
struct {}

// A struct with 6 fields.
struct {
	x, y int
	u float32
	_ float32  // padding
	A *[]int
	F func()
}
</pre>

<p>
A field declared with a type but no explicit field name is called an <i>embedded field</i>.
An embedded field must be specified as

  
  Portworx CSI driver is required to enable migration.
  This PR adds support of the `CSIMigrationPortworx` feature gate, which can be enabled by:
  
  1. Adding the feature flag to the kube-controller-manager `--feature-gates=CSIMigrationPortworx=true` 
  2. Adding the feature flag to the kubelet config:
  
  featureGates:

* Action required: validation rule on metadata.initializers.pending[x].name is tightened. The initializer name needs to contain at least three segments separated by dots. If you create objects with pending initializers, (i.e., not relying on apiserver adding pending initializers according to initializerconfiguration), you need to update the initializer name in existing objects and in configuration files to comply...

use the new API.  Clients may request alternate representations of normal Kubernetes objects by passing an `Accept` header like `application/json;as=Table;g=meta.k8s.io;v=v1beta1` or `application/json;as=PartialObjectMetadata;g=meta.k8s.io;v1=v1beta1`.  Older servers will ignore this representation or return an error if it is not available.  Clients may request fallback to the normal object by adding a non-qualified mime-type to their `Accept` header like `application/json` - the server will then...

- `kube-apiserver` added:

- Parsing of cpuset information now properly detects more invalid input such as `1--3` or `10-6`. ([#100565](https://github.com/kubernetes/kubernetes/pull/100565), [@lack](https://github.com/lack))

  - [Changelog since v1.31.11](#changelog-since-v13111)
  - [Important Security Information](#important-security-information)
    - [CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference](#cve-2025-5187-nodes-can-delete-themselves-by-adding-an-ownerreference)
  - [Changes by Kind](#changes-by-kind-2)
    - [Feature](#feature-2)
    - [Bug or Regression](#bug-or-regression-2)
  - [Dependencies](#dependencies-2)