*   <li>The {@link Predicate} returned by this method catches {@link ClassCastException} and
   *       {@link NullPointerException}.
   *   <li>Code that chains multiple predicates together (especially negations) may be more readable
   *       using this method. For example, {@code not(in(target))} is generally more readable than
   *       {@code not(target::contains)}.

   *   <li>The {@link Predicate} returned by this method catches {@link ClassCastException} and
   *       {@link NullPointerException}.
   *   <li>Code that chains multiple predicates together (especially negations) may be more readable
   *       using this method. For example, {@code not(in(target))} is generally more readable than
   *       {@code not(target::contains)}.

OkHttp 2.x Change Log
=====================

## Version 2.7.5

_2016-02-25_

 *  Fix: Change the certificate pinner to always build full chains. This
    prevents a potential crash when using certificate pinning with the Google
    Play Services security provider.


## Version 2.7.4

_2016-02-07_

 *  Fix: Don't crash when finding the trust manager if the Play Services (GMS)
    security provider is installed.

    `HandshakeCertificates` holds the TLS certificates required for a TLS handshake. On the server
    it keeps your `HeldCertificate` and its chain. On the client it keeps the root certificates
    that are trusted to sign a server's certificate chain. `HandshakeCertificates` also works with
    mutual TLS where these roles are reversed.

* Upgrade golang version to 1.7.6 ([#46405](https://github.com/kubernetes/kubernetes/pull/46405), [@cblecker](https://github.com/cblecker))
* kube-proxy handling of services with no endpoints now applies to both INPUT and OUTPUT chains, preventing socket leak. ([#43972](https://github.com/kubernetes/kubernetes/pull/43972), [@thockin](https://github.com/thockin))

- Client-go certificate manager rotation gained the ability to preserve optional intermediate chains accompanying issued certificates ([#88744](https://github.com/kubernetes/kubernetes/pull/88744), [@jackkleeman](https://github.com/jackkleeman)) [SIG API Machinery and Auth]

- Updated `kube-proxy` with `nftables` to reject or drop traffic to services with no endpoints from filter chains at priority 0 (`NF_IP_PRI_FILTER`). ([#132456](https://github.com/kubernetes/kubernetes/pull/132456), [@aroradaman](https://github.com/aroradaman))

    - [Deprecation of FlexVolume](#deprecation-of-flexvolume)
    - [Deprecation of klog specific flags](#deprecation-of-klog-specific-flags)
    - [Software Supply Chain SLSA Level 1 Compliance in the Kubernetes Release Process](#software-supply-chain-slsa-level-1-compliance-in-the-kubernetes-release-process)
    - [IPv4/IPv6 Dual-stack Networking graduates to GA](#ipv4ipv6-dual-stack-networking-graduates-to-ga)

they arrived, with a great crowd assembled about them--all sorts
of little birds and beasts, as well as the whole pack of cards:
the Knave was standing before them, in chains, with a soldier on
each side to guard him; and near the King was the White Rabbit,
with a trumpet in one hand, and a scroll of parchment in the
other.  In the very middle of the court was a table, with a large

      endpoints, rather than waiting until all of the terminating
      endpoints have terminated even when those terminating endpoints
      were not being used.
  
    - Chains for endpoints that won't be used are no longer output to
      iptables, saving a bit of memory/time/cpu. (#106373, @aojea) [SIG Network]