- SELinuxChangePolicy and SELinuxMount graduated to Beta. SELinuxMount stays off by default. ([#130544](https://github.com/kubernetes/kubernetes/pull/130544), [@jsafrane](https://github.com/jsafrane)) [SIG Auth, Node and Storage]

* Support whitespace in command path for gcp auth plugin ([#41653](https://github.com/kubernetes/kubernetes/pull/41653), [@jlowdermilk](https://github.com/jlowdermilk))
* client-go no longer imports GCP OAuth2 and OpenID Connect packages by default. ([#41532](https://github.com/kubernetes/kubernetes/pull/41532), [@ericchiang](https://github.com/ericchiang))

                auth1.equals(auth3);
                auth2.equals(auth3);
            }
            long totalTime = System.nanoTime() - startTime;

            // Should complete in reasonable time (< 10ms for 3000 operations)
            assertTrue(totalTime < 10_000_000L, "Null/empty password comparisons taking too long: " + totalTime + " ns");
        } finally {
            auth1.close();

    - [API-machinery](#api-machinery)
    - [Auth](#auth)
    - [Azure](#azure)
    - [CLI](#cli)
    - [Network](#network)
  - [Before Upgrading](#before-upgrading)
  - [Known Issues](#known-issues)
  - [Deprecations](#deprecations)
  - [Other Notable Changes](#other-notable-changes-13)
    - [Apps](#apps)
    - [AWS](#aws)
    - [Auth](#auth-1)
    - [CLI](#cli-1)

- go.opentelemetry.io/proto/otlp: v0.19.0 → v1.0.0
- golang.org/x/crypto: v0.11.0 → v0.14.0
- golang.org/x/mod: v0.10.0 → v0.12.0
- golang.org/x/net: v0.13.0 → v0.17.0
- golang.org/x/oauth2: v0.8.0 → v0.10.0
- golang.org/x/sync: v0.2.0 → v0.3.0
- golang.org/x/sys: v0.10.0 → v0.13.0
- golang.org/x/term: v0.10.0 → v0.13.0
- golang.org/x/text: v0.11.0 → v0.13.0
- golang.org/x/tools: v0.8.0 → v0.12.0

The client-go credential plugins can now be passed in the current cluster information via the `KUBERNETES_EXEC_INFO` environment variable. Learn more about this on [client-go credential plugins documentation](https://docs.k8s.io/reference/access-authn-authz/authentication/#client-go-credential-plugins/).

### CronJob controller v2 is available through feature gate

    * ルーターの依存関係が先に実行され、その後に[デコレータ内の `dependencies`](dependencies/dependencies-in-path-operation-decorators.md)、次に通常のパラメータ依存関係が続きます。
    * [`scopes` を伴う `Security` 依存関係](../advanced/security/oauth2-scopes.md) を追加することもできます。

/// tip | 豆知識

`APIRouter` に `dependencies` を置くことで、*path operations* のグループ全体に認証を要求する、といった用途に使えます。個々の *path operation* に依存関係を追加していなくても構いません。

///

/// check | 確認

        assertNotEquals(auth1, auth4);
        assertNotEquals(auth1, new Object());
    }

    // Test hashCode method
    @Test
    void testHashCode() {
        NtlmPasswordAuthentication auth1 = new NtlmPasswordAuthentication("DOMAIN", "user", "password");
        NtlmPasswordAuthentication auth2 = new NtlmPasswordAuthentication("DOMAIN", "user", "password");
        assertEquals(auth1.hashCode(), auth2.hashCode());

- Disallow `k8s.io` and `kubernetes.io` namespaced extra key in structured authentication configuration. ([#126553](https://github.com/kubernetes/kubernetes/pull/126553), [@aramase](https://github.com/aramase)) [SIG Auth]

	quarkus/test-framework/junit5/pom.xml
	quarkus/extensions/elytron-security-properties-file/deployment/pom.xml
quarkus/extensions/elytron-security-oauth2/deployment/pom.xml
	quarkus/core/deployment/pom.xml
	quarkus/extensions/elytron-security-oauth2/runtime/pom.xml
	quarkus/extensions/elytron-security/deployment/pom.xml
	quarkus/extensions/jsonp/deployment/pom.xml
	quarkus/test-framework/junit5-internal/pom.xml