## 0.117.0 (2025-09-20)

### Features

* ✨  Allow `None` as return type for bodiless responses. PR [#9425](https://github.com/fastapi/fastapi/pull/9425) by [@hofrob](https://github.com/hofrob).
* ✨ Allow array values for OpenAPI schema `type` field. PR [#13639](https://github.com/fastapi/fastapi/pull/13639) by [@sammasak](https://github.com/sammasak).

    * ACTION REQUIRED: The deprecated Kubelet flag `--allow-privileged` has been removed. Remove any use of `--allow-privileged` from your kubelet scripts or manifests.

  /**
   * Returns the escaped form of a given literal string, starting at the given index. This method is
   * called by the {@link #escape(String)} method when it discovers that escaping is required. It is
   * protected to allow subclasses to override the fastpath escaping function to inline their
   * escaping test. See {@link CharEscaperBuilder} for an example usage.
   *

- Update `SmbFile` caching logic to use leases
- Add lease break handling in `SmbTransport`

---

### Phase 2: Persistent Handles
**Priority: HIGH** | **Estimated Effort: 4-5 weeks**

Persistent handles allow connections to survive network interruptions and server failovers.

#### 2.1 Core Persistent Handle Infrastructure
```
Package: jcifs.internal.smb2.persistent

        // is always available in the core and likely always will be, but we may have another ConfigurationProcessor
        // present supplied by the user. The rule is that we only allow the execution of one ConfigurationProcessor.
        // If there is more than one then we execute the one supplied by the user, otherwise we execute the
        // default SettingsXmlConfigurationProcessor.
        //

# specific language governing permissions and limitations
# under the License.

name: Java CI

on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]

# allow single build per branch or PR
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

# clear all permissions for GITHUB_TOKEN
permissions: {}

env:
  MIMIR_VERSION: 0.11.2

### Replication of DeleteMarker and versioned Delete

   *
   * - Define putIfAbsent and replace as treating zero and absent identically (as currently
   *   implemented below). This is a bit surprising with putIfAbsent, which really becomes
   *   putIfZero.
   *
   * - Allow putIfAbsent and replace to distinguish between zero and absent, but don't implement
   *   remove(K, long). Without any two-phase operations it becomes feasible for all remaining

### CVE-2024-9042: Command Injection affecting Windows nodes via nodes/*/logs/query API

A security vulnerability has been discovered in Kubernetes windows nodes
that could allow a user with the ability to query a node's '/logs' endpoint
to execute arbitrary commands on the host.

**Affected Versions**:
  - kubelet <= v1.29.12
  - kubelet <= v1.30.8
  - kubelet <= v1.31.4

            if (urlElement != null) {
                String url = urlElement.textContent().trim();
                if (url.contains("${")) {
                    // Allow repository URL interpolation; do not disable.
                    // Keep a gentle warning to help users notice unresolved placeholders at build time.
                    String repositoryId = repository.childText("id");