// but may cause additional latency to some calls.
	metacacheSharePrefix = false
)

//go:generate msgp -file $GOFILE -unexported

// metacache contains a tracked cache entry.
type metacache struct {
	// do not re-arrange the struct this struct has been ordered to use less
	// space - if you do so please run https://github.com/orijtech/structslop
	// and verify if your changes are optimal.

 * handshakes.
 */
class Handshake internal constructor(
  /**
   * Returns the TLS version used for this connection. This value wasn't tracked prior to OkHttp
   * 3.0. For responses cached by preceding versions this returns [TlsVersion.SSL_3_0].
   */
  @get:JvmName("tlsVersion") val tlsVersion: TlsVersion,
  /** Returns the cipher suite used for the connection. */

    automatically retry on an unshared connection.
 *  Fix: Don't crash if a TLS tunnel's response body is truncated.
 *  Fix: Don't track unusable routes beyond their usefulness. We had a bug where we could track
    certain bad routes indefinitely; now we only track the ones that could be necessary.
 *  Fix: Defer proxy selection until a proxy is required. This saves calls to `ProxySelector` on

    at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
```

You can check a web server's configuration using [Qualys SSL Labs][qualys]. OkHttp's TLS
configuration history is [tracked here](../security/tls_configuration_history.md).

Applications expected to be installed on older Android devices should consider adopting the

   * to produce warnings in that case, and we may change this method to do so in the future. Support
   * for raw {@code Comparable} types in Guava in general is tracked as <a
   * href="https://github.com/google/guava/issues/989">#989</a>.)
   *
   * @throws ClassCastException if the parameters are not mutually comparable
   */

  // the Job becomes eligible to be deleted immediately after it finishes.
  // +optional
  optional int32 ttlSecondsAfterFinished = 8;

  // completionMode specifies how Pod completions are tracked. It can be
  // `NonIndexed` (default) or `Indexed`.
  //
  // `NonIndexed` means that the Job is considered complete when there have
  // been .spec.completions successfully completed Pods. Each Pod completion is

   * to produce warnings in that case, and we may change this method to do so in the future. Support
   * for raw {@code Comparable} types in Guava in general is tracked as <a
   * href="https://github.com/google/guava/issues/989">#989</a>.)
   *
   * @throws ClassCastException if the parameters are not mutually comparable
   */

            !typeProjection.isStarProjection &&
                    typeProjection.type.hasReferenceOtherThan(allowedTypeParameterDescriptors)
        }
    }
}

/**
 * Use-site substitution override are tracked through [CallableDescriptor.getOriginal]. Note that overridden symbols are accessed through
 * [CallableDescriptor.getOverriddenDescriptors] instead, which is separate from [CallableDescriptor.getOriginal].
 */

Other then that, this release contains no other changes from 1.5.4.

The vulnerability is tracked in http://issue.k8s.io/43459.

**Who is affected?**

Only Kubernetes 1.5.0-1.5.4 installations that do all of the following:
* Enable the PodSecurityPolicy API (which is not enabled by default):

## **Notable Features**

Features for this release were tracked via the use of the [kubernetes/features](https://github.com/kubernetes/features) issues repo. Each Feature issue is owned by a Special Interest Group from [kubernetes/community](https://github.com/kubernetes/community)

## Kubefed