}
		if !isTokenSelfRevoke && user != parentUser {
			writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAccessDenied), r.URL)
			return
		}
		user = parentUser
	}

	// Infer token revoke type from the request if requestor is STS.
	if isTokenSelfRevoke && tokenRevokeType == "" && !fullRevoke {
		if cred.IsTemp() {
			tokenRevokeType, _ = cred.Claims[tokenRevokeTypeClaim].(string)
		}

","matcherFromTokens","checkContext","leadingRelative","implicitRelative","matchContext","matchAnyContext","elementMatchers","setMatchers","bySet","byElement","superMatcher","outermost","matchedCount","setMatched","contextBackup","dirrunsUnique","token","compiled","filters","unique","getText","isXML","selectors","until","truncate","is","siblings","n","rneedsContext","rsingleTag","winnow","qualifier","self","rootjQuery","parseHTML","ready","rparentsprev","guaranteedUnique","children","contents","...

			"#endif",
			"C",
		),
		"1234.\n",
	},
	{
		"nested taken/not-taken #ifdef",
		lines(
			"#define A",
			"#ifdef A",
			"#ifdef B",
			"#define C 1234",
			"#else",
			"#define C 5678",
			"#endif",
			"#endif",
			"C",
		),
		"5678.\n",
	},
	{
		"nested not-taken/would-be-taken #ifdef",
		lines(
			"#define B",
			"#ifdef A",
			"#ifdef B",

pkg errors, func Unwrap(error) error
pkg go/constant, func Make(interface{}) Value
pkg go/constant, func Val(Value) interface{}
pkg go/token, func IsExported(string) bool
pkg go/token, func IsIdentifier(string) bool
pkg go/token, func IsKeyword(string) bool
pkg go/types, func CheckExpr(*token.FileSet, *Package, token.Pos, ast.Expr, *Info) error
pkg log, func Writer() io.Writer
pkg log/syslog (netbsd-arm64-cgo), const LOG_ALERT = 1

- When the alpha `LegacyServiceAccountTokenTracking` feature gate is enabled, secret-based service account tokens will have a `kubernetes.io/legacy-token-last-used` applied to them containing the date they were last used. ([#108858](https://github.com/kubernetes/kubernetes/pull/108858), [@zshihang](https://github.com/zshihang)) [SIG API Machinery, Auth and Testing]

### Auth

- Service account tokens now include the JWT Key ID field in their header. ([#78502](https://github.com/kubernetes/kubernetes/pull/78502), [@ahmedtd](https://github.com/ahmedtd))
- The nbf (not before) claim, if present in ID token, is now enforced. ([#81413](https://github.com/kubernetes/kubernetes/pull/81413), [@anderseknert](https://github.com/anderseknert))

","matcherFromTokens","checkContext","leadingRelative","implicitRelative","matchContext","matchAnyContext","elementMatchers","setMatchers","bySet","byElement","superMatcher","outermost","matchedCount","setMatched","contextBackup","dirrunsUnique","token","compiled","filters","unique","getText","isXML","selectors","until","truncate","is","siblings","n","rneedsContext","rsingleTag","winnow","qualifier","self","rootjQuery","parseHTML","ready","rparentsprev","guaranteedUnique","children","contents","...

    }

    @Override
    public NavigableMap<K, Collection<V>> headMap(@ParametricNullness K toKey) {
      return headMap(toKey, false);
    }

    @Override
    public NavigableMap<K, Collection<V>> headMap(@ParametricNullness K toKey, boolean inclusive) {
      return new NavigableAsMap(sortedMap().headMap(toKey, inclusive));
    }

    @Override

ueue_limit","value":"0"},{"key":"max_open_connections","value":"2"}]},"notify_nats":{"_":[{"key":"enable","value":"off"},{"key":"address","value":""},{"key":"subject","value":""},{"key":"username","value":""},{"key":"password","value":""},{"key":"token","value":""},{"key":"tls","value":"off"},{"key":"tls_skip_verify","value":"off"},{"key":"cert_authority","value":""},{"key":"client_cert","value":""},{"key":"client_key","value":""},{"key":"ping_interval","value":"0"},{"key":"jetstream","value":"o...

    }

    /**
     * Sets the time taken for the search in milliseconds.
     * @param tookInMillis The time taken in milliseconds.
     */
    public void setTookInMillis(final long tookInMillis) {
        this.tookInMillis = tookInMillis;
    }

    /**
     * Returns the time taken for the search in milliseconds.
     * @return The time taken in milliseconds.
     */
    public long getTookInMillis() {