if !opts.NoAuditLog {
		auditObjectErasureSet(ctx, "DeleteObject", object, &er)
	}

	var lc *lifecycle.Lifecycle
	var rcfg lock.Retention
	var replcfg *replication.Config
	if opts.Expiration.Expire {
		// Check if the current bucket has a configured lifecycle policy
		lc, err = globalLifecycleSys.Get(bucket)

			if err == nil || objInfo.IsLatest && objInfo.DeleteMarker {
				if opts.Lifecycle != nil {
					evt := evalActionFromLifecycle(ctx, *opts.Lifecycle, opts.Retention, opts.Replication.Config, objInfo)
					if evt.Action.Delete() {
						globalExpiryState.enqueueByDays(objInfo, evt, lcEventSrc_s3ListObjects)
						if !evt.Action.DeleteRestored() {

		apiErr.Description = err.Error()
		writeErrorResponse(ctx, w, apiErr, r.URL)
		return
	}

	// Audit log tags.
	reqInfo := logger.GetReqInfo(ctx)
	reqInfo.SetTags("retention", config.String())

	configData, err := xml.Marshal(config)
	if err != nil {
		writeErrorResponse(ctx, w, toAPIError(ctx, err), r.URL)
		return
	}

## Changelog since v1.3.0-beta.2

### Action Required

* [kubelet] Allow opting out of automatic cloud provider detection in kubelet. By default kubelet will auto-detect cloud providers ([#28258](https://github.com/kubernetes/kubernetes/pull/28258), [@vishh](https://github.com/vishh))

indexer.data.max.delete.cache.size=100
# Maximum redirect count for data in the indexer.
indexer.data.max.redirect.count=10
# Fields used for language detection in the indexer.
indexer.language.fields=content,important_content,title
# Length of text for language detection in the indexer.
indexer.language.detect.length=1000
# Maximum result window size for the indexer.
indexer.max.result.window.size=10000

            }
        }

        return StringUtil.EMPTY;
    }

    /**
     * Escapes HTML and applies highlighting to text.
     * Handles boundary position detection if enabled.
     *
     * @param text the text to process
     * @return the escaped and highlighted text
     */
    protected String escapeHighlight(final String text) {

 *  Fix: Don't crash if the system default authenticator is null.
 *  Fix: Don't crash generating elliptic curve certificates on Android.
 *  Fix: Don't crash doing platform detection on RoboVM.
 *  Fix: Don't leak socket connections when web socket upgrades fail.


## Version 3.11.0

_2018-07-12_

 *  **OkHttp's new okhttp-tls submodule tames HTTPS and TLS.**

	// sends `null` when no policy is set and the intended behavior is that the
	// service account should inherit parent policy.
	//
	// However, for a policy like `{"Statement":[]}`, the intention is to not
	// provide any permissions via the session policy - i.e. the service account
	// can do nothing (such a JSON could be generated by an external application