*/
  static final LazyLogger log = new LazyLogger(AbstractFuture.class);

  static final boolean GENERATE_CANCELLATION_CAUSES;

  static {
    // System.getProperty may throw if the security policy does not permit access.
    boolean generateCancellationCauses;
    try {
      generateCancellationCauses =
          parseBoolean(System.getProperty("guava.concurrent.generate_cancellation_cause", "false"));

- Windows CSI Support: Enabling containerized CSI node plugins in Windows via new [CSIProxy](https://github.com/kubernetes-csi/csi-proxy)
- Recursive Volume Ownership OnRootMismatch Option: Add a new “OnRootMismatch” policy that can help shorten the mount time for volumes that require ownership change and have many directories and files.

### Other notable announcements

    // Test annotation presence and structure
    public void test_annotationPresence() {
        assertTrue("UriType should be an annotation", UriType.class.isAnnotation());
    }

    // Test annotation retention policy
    public void test_retentionPolicy() {
        final Retention retention = UriType.class.getAnnotation(Retention.class);
        assertNotNull("Retention annotation should be present", retention);

   */
  static final LazyLogger log = new LazyLogger(AbstractFuture.class);

  static final boolean GENERATE_CANCELLATION_CAUSES;

  static {
    // System.getProperty may throw if the security policy does not permit access.
    boolean generateCancellationCauses;
    try {
      generateCancellationCauses =
          parseBoolean(System.getProperty("guava.concurrent.generate_cancellation_cause", "false"));

- Reverted the `DisableNodeKubeProxyVersion` feature gate to default-off to give a full year from deprecation announcement in 1.29 to clearing the field by default, per the [Kubernetes deprecation policy](https://kubernetes.io/docs/reference/using-api/deprecation-policy/). ([#126721](https://github.com/kubernetes/kubernetes/pull/126721), [@liggitt](https://github.com/liggitt)) [SIG Architecture and Node]

### API Change

The following minimal permission policy is needed by admin user setting up replication on the `source`:

```
{
 "Version": "2012-10-17",
 "Statement": [
  {
    "Action": [
        "admin:SetBucketTarget",
        "admin:GetBucketTarget"
    ],

  - [Changelog since v1.29.3](#changelog-since-v1293)
  - [Important Security Information](#important-security-information-2)
    - [CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin](#cve-2024-3177-bypassing-mountable-secrets-policy-imposed-by-the-serviceaccount-admission-plugin)
  - [Changes by Kind](#changes-by-kind-11)
    - [Feature](#feature-7)
    - [Bug or Regression](#bug-or-regression-8)

- Upgrade Stackdriver Logging Agent addon image to 0.6-1.6.0-1...

### CVE-2023-2728: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin

	var rcfg *replication.Config
	if bi.Name != minioMetaBucket {
		vc, err = globalBucketVersioningSys.Get(bi.Name)
		if err != nil {
			return err
		}

		// Check if the current bucket has a configured lifecycle policy
		lc, err = globalLifecycleSys.Get(bi.Name)
		if err != nil && !errors.Is(err, BucketLifecycleNotFound{Bucket: bi.Name}) {
			return err
		}

		// Check if bucket is object locked.