), nil
}

func newClientCertConfigFromKubeConfigSpec(spec *kubeConfigSpec) pkiutil.CertConfig {
	return pkiutil.CertConfig{
		Config: certutil.Config{
			CommonName:   spec.ClientName,
			Organization: spec.ClientCertAuth.Organizations,
			Usages:       []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
		},
		NotAfter:            spec.ClientCertNotAfter,
		EncryptionAlgorithm: spec.EncryptionAlgorithm,
	}
}

            description = "Organize your build logic into a Gradle plugin written in Java."
            category = "Build organization"
            common {
                from(templates.gradlePluginInJava)
            }
        }

        conventionPlugins {
            sampleDirectory = samplesRoot.dir("build-organization/multi-project-with-convention-plugins")

				}

				// Assert Organizations
				if spec.ClientCertAuth == nil || !reflect.DeepEqual(spec.ClientCertAuth.Organizations, assertion.organizations) {
					t.Errorf("getKubeConfigSpecs for %s Organizations is %v, expected %v", assertion.kubeConfigFile, spec.ClientCertAuth.Organizations, assertion.organizations)
				}

				// Assert EncryptionAlgorithm

                }
            }
            developers {
                developer {
                    name = "The Gradle team"
                    organization = "Gradle Inc."
                    organizationUrl = "https://gradle.org"
                }
            }
            scm {
                connection = "scm:git:git://github.com/gradle/gradle.git"

		if len(hostnames) == 0 && len(ips) == 0 {
			return nil
		}
		return &x509.CertificateRequest{
			Subject: pkix.Name{
				CommonName:   fmt.Sprintf("system:node:%s", nodeName),
				Organization: []string{"system:nodes"},
			},
			DNSNames:    hostnames,
			IPAddresses: ips,
		}
	}

	m, err := certificate.NewManager(&certificate.Config{
		ClientsetFn:             clientsetFn,

    <contributor>
      <name>Mike Mol (MNG-6665)</name>
    </contributor>
    <contributor>
      <name>Martin Kanters</name>
      <organization>JPoint</organization>
    </contributor>
    <contributor>
      <name>Maarten Mulders</name>
      <organization>Info Support</organization>
    </contributor>
    <contributor>
      <name>Luc Klaassen (MNG-6065)</name>
    </contributor>
    <contributor>

    <url>https://github.com/google/guava</url>
  </scm>
  <developers>
    <developer>
      <id>kevinb9n</id>
      <name>Kevin Bourrillion</name>
      <email>******@****.***</email>
      <organization>Google</organization>
      <organizationUrl>http://www.google.com</organizationUrl>
      <roles>
        <role>owner</role>
        <role>developer</role>
      </roles>
      <timezone>-8</timezone>
    </developer>

    <url>https://github.com/google/guava</url>
  </scm>
  <developers>
    <developer>
      <id>kevinb9n</id>
      <name>Kevin Bourrillion</name>
      <email>******@****.***</email>
      <organization>Google</organization>
      <organizationUrl>http://www.google.com</organizationUrl>
      <roles>
        <role>owner</role>
        <role>developer</role>
      </roles>
      <timezone>-8</timezone>
    </developer>

In that case, it might be convenient to ignore some dependencies because you always want to use the latest version for those.
An example is the internal dependencies in an organization which should always use the latest version as opposed to third party dependencies which have a different upgrade cycle.

WARNING: This feature can break reproducibility and should be used with caution.

	parentUser := "tls" + getKeySeparator() + certificate.Subject.CommonName

	claims[expClaim] = UTCNow().Add(expiry).Unix()
	claims[subClaim] = certificate.Subject.CommonName
	claims[audClaim] = certificate.Subject.Organization
	claims[issClaim] = certificate.Issuer.CommonName
	claims[parentClaim] = parentUser
	secretKey, err := getTokenSigningKey()
	if err != nil {
		writeSTSErrorResponse(ctx, w, ErrSTSInternalError, err)
		return