name: Smokeshow

on:
  workflow_run:
    workflows: [Test]
    types: [completed]

permissions:
  statuses: write

env:
  UV_SYSTEM_PYTHON: 1

jobs:
  smokeshow:
    runs-on: ubuntu-latest

    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"
      - uses: actions/checkout@v6
      - uses: actions/setup-python@v6

name: Deploy Docs
on:
  workflow_run:
    workflows:
      - Build Docs
    types:
      - completed

permissions:
  deployments: write
  issues: write
  pull-requests: write
  statuses: write

env:
  UV_SYSTEM_PYTHON: 1

jobs:
  deploy-docs:
    runs-on: ubuntu-latest
    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}

`@ExperimentalOkHttpApi`. You can safely use this release in production.

 *  Fix: Attempt to read the response even if sending the request failed. This makes it possible
    to handle response statuses like `HTTP/1.1 431 "Request Header Fields Too Large`.

 *  Fix: Handle multiple 1xx responses.

 *  Fix: Address a performance bug in our internal task runner. We had a race condition that could

- `kube-scheduler`: Pod statuses no longer include specific taint keys or values when scheduling fails due to untolerated taints. ([#134740](https://github.com/kubernetes/kubernetes/pull/134740), [@hoskeri](https://github.com/hoskeri))

vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to perform equivalent validation during pod creation. This allows a compromised node to create mirror pods that access unauthorized dynamic resources, potentially leading to privilege escalation.


**Affected...

- Kube-scheduler: Pod statuses no longer include specific taint keys or values when scheduling fails because of untolerated taints ([#135023](https://github.com/kubernetes/kubernetes/pull/135023), [@hoskeri](https://github.com/hoskeri)) [SIG Scheduling]

vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to perform equivalent validation during pod creation. This allows a compromised node to create mirror pods that access unauthorized dynamic resources, potentially leading to privilege escalation.


**Affected...