* stores information-per-URL will need to either canonicalize manually, or suffer unnecessary
 * redundancy for such URLs.
 *
 * Because they don't attempt canonical form, these classes are surprisingly difficult to use
 * securely. Suppose you're building a webservice that checks that incoming paths are prefixed
 * "/static/images/" before serving the corresponding assets from the filesystem.
 *
 * ```java

      "Resource":    "arn:aws:s3:::%s/*",
      "Condition": {  "StringEquals": {"s3:ExistingObjectTag/security": "public" } }
    },
    {
      "Effect":     "Allow",
      "Action":     "s3:DeleteObjectTagging",
      "Resource":    "arn:aws:s3:::%s/*",
      "Condition": {  "StringEquals": {"s3:ExistingObjectTag/security": "public" } }
    },
    {
      "Effect":     "Allow",
      "Action":     "s3:DeleteObject",

	public final fun check (Ljava/lang/String;[Ljava/security/cert/Certificate;)V
	public fun equals (Ljava/lang/Object;)Z
	public final fun findMatchingPins (Ljava/lang/String;)Ljava/util/List;
	public final fun getPins ()Ljava/util/Set;
	public fun hashCode ()I
	public static final fun pin (Ljava/security/cert/Certificate;)Ljava/lang/String;
	public static final fun sha1Hash (Ljava/security/cert/X509Certificate;)Lokio/ByteString;

    [FastAPI docs for Security](https://fastapi.tiangolo.com/tutorial/security/) and
    in the
    [FastAPI docs for OAuth2 scopes](https://fastapi.tiangolo.com/advanced/security/oauth2-scopes/).

    **Example**

    ```python
    from typing import Annotated

    from fastapi import Security, FastAPI

    from .db import User
    from .security import get_current_active_user

 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package jcifs.smb;


import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.EnumSet;
import java.util.List;
import java.util.Objects;

    Alternatively, OkHttp will also use Conscrypt if you install it as your
    preferred security provider. To do so, add the following code to execute
    before you create your `OkHttpClient`.

    ```
    Security.insertProviderAt(
        new org.conscrypt.OpenSSLProvider(), 1);
    ```

    Conscrypt is the bundled security provider on Android so it is not necessary
    to configure it on that platform.

					"internal-instrumentation-processor"
				]
			},
			{
				"parallelizationMethod":{
					"name":"TestDistribution"
				},
				"subprojects":[
					"testing-jvm",
					"security",
					"input-tracking",
					"service-registry-impl",
					"configuration-cache-base",
					"base-ide-plugins",
					"files",
					"stdlib-java-extensions",
					"gradle-cli",
					"build-cache-packaging",

    @Execute
    @Secured({ ROLE, ROLE + VIEW })
    public HtmlResponse index() {
        saveToken();
        return asIndexHtml();
    }

    private HtmlResponse asIndexHtml() {
        return asHtml(path_AdminUpgrade_AdminUpgradeJsp).useForm(UpgradeForm.class);
    }

    @Execute
    @Secured({ ROLE })
    public HtmlResponse upgradeFrom(final UpgradeForm form) {

	if err != nil {
		return err
	}

	cred := r.Source.Creds

	c, err := miniogo.New(u.Host, &miniogo.Options{
		Creds:        credentials.NewStaticV4(cred.AccessKey, cred.SecretKey, cred.SessionToken),
		Secure:       u.Scheme == "https",
		Transport:    getRemoteInstanceTransport(),
		BucketLookup: lookupStyle(r.Source.Path),
	})
	if err != nil {
		return err
	}

  * Add `kubectl rollout status`
* Security/Auth
  * L7 LB controller and disk attach controllers run on master, so nodes do not need those privileges.
  * Setting TLS1.2 minimum
  * `kubectl create secret tls` command
  * Webhook Token Authenticator
  * **beta** PodSecurityPolicy objects limits use of security-sensitive features by pods.
* Kubectl
  * Display line number on JSON errors