- During device plugin allocation, resources requested by the pod can only be allocated if the device plugin has registered itself to kubelet AND healthy devices are present on the node to be allocated. If these conditions are not satisfied, the pod would fail with `UnexpectedAdmissionError` error. ([#116376](https://github.com/kubernetes/kubernetes/pull/116376), [@swatisehgal](https://github.com/swatisehgal)) [SIG Node and Testing]

* kubeadm: the kubeadm init output now provides join control-plane example only when the preconditions for joining a control plane are satisfied ([#75420](https://github.com/kubernetes/kubernetes/pull/75420), [@fabriziopandini](https://github.com/fabriziopandini))

    * EBS on AWS, and Cinder on OpenStack). In previous versions of Kubernetes
    * a PersistentVolumeClaim without a StorageClass annotation on these cloud
    * platforms would be satisfied by manually-created PersistentVolume objects.
    * Administrators can choose to disable this behavior by deleting the automatically
    * installed StorageClass API object. Alternatively, administrators may choose to

  
  This behavior is limited to Jobs with `.spec.podFailurePolicy` set, and only when those two feature
  gates are both enabled.
  If either of these requirements is not satisfied, the Job controller counts a terminating Pod as an immediate

utility functions. Allowing them to be optional. Also allowing to have multiple alternative security schemes that are then checked in a single dependency instead of each one verifying and returning the error to the client automatically when not satisfied. PR [#134](https://github.com/tiangolo/fastapi/pull/134).

* Update [SQL Tutorial](https://fastapi.tiangolo.com/tutorial/sql-databases/#create-a-middleware-to-handle-sessions) to close database sessions even when there are exceptions....

Exhibit A - Form of Secondary Licenses Notice

"This Source Code may also be made available under the following
Secondary Licenses when the conditions for such availability set forth
in the Eclipse Public License, v. 2.0 are satisfied: {name license(s),
version(s), and exceptions or additional permissions here}."

  Simply including a copy of this Agreement, including this Exhibit A

as // defined in RFC 7627 and allowed by SP 800-135, Revision 1, Section 4.2.2. func MasterSecret[H hash.Hash](hash func() H, preMasterSecret, transcript []byte) []byte { // "The TLS 1.2 KDF is an approved KDF when the following conditions are // satisfied: [...] (3) P_HASH uses either SHA-256, SHA-384 or SHA-512." h := hash() switch any(h).(type) { case *sha256.Digest: if h.Size() != 32 { fips140.RecordNonApproved() } case *sha512.Digest: if h.Size() != 46 && h.Size() != 64 { fips140.RecordNonApproved()...

// defined in RFC 7627 and allowed by SP 800-135, Revision 1, Section 4.2.2. func MasterSecret[H fips140.Hash](hash func() H, preMasterSecret, transcript []byte) []byte { // "The TLS 1.2 KDF is an approved KDF when the following conditions are // satisfied: [...] (3) P_HASH uses either SHA-256, SHA-384 or SHA-512." h := hash() switch any(h).(type) { case *sha256.Digest: if h.Size() != 32 { fips140.RecordNonApproved() } case *sha512.Digest: if h.Size() != 46 && h.Size() != 64 { fips140.RecordNonApproved()...