* ...及其他.

所有的校验都由完善且强大的 **Pydantic** 处理。

### 安全性及身份验证

集成了安全性和身份认证。杜绝数据库或者数据模型的渗透风险。

OpenAPI 中定义的安全模式，包括：

* HTTP 基本认证。
* **OAuth2** (也使用 **JWT tokens**)。在 [OAuth2 with JWT](tutorial/security/oauth2-jwt.md){.internal-link target=_blank}查看教程。
* API 密钥，在:
    * 请求头。
    * 查询参数。
    * Cookies, 等等。

加上来自 Starlette（包括 **session cookie**）的所有安全特性。

所有的这些都是可复用的工具和组件，可以轻松与你的系统，数据仓库，关系型以及 NoSQL 数据库等等集成。

  * Add `kubectl rollout status`
* Security/Auth
  * L7 LB controller and disk attach controllers run on master, so nodes do not need those privileges.
  * Setting TLS1.2 minimum
  * `kubectl create secret tls` command
  * Webhook Token Authenticator
  * **beta** PodSecurityPolicy objects limits use of security-sensitive features by pods.
* Kubectl
  * Display line number on JSON errors

    private int signSeq;
    private boolean verifyFailed;
    /**
     * Path associated with this SMB message.
     */
    protected String path;
    /**
     * Message signing digest for SMB1 security.
     */
    protected SMB1SigningDigest digest = null;
    private ServerMessageBlock response;

    private final Configuration config;

    private Long expiration;

import java.lang.reflect.ParameterizedType;
import java.lang.reflect.Proxy;
import java.lang.reflect.Type;
import java.lang.reflect.TypeVariable;
import java.lang.reflect.WildcardType;
import java.security.AccessControlException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Map.Entry;
import java.util.Objects;
import java.util.concurrent.atomic.AtomicReference;

    * It will also be used by automatic client code generation tools.

But most importantly:

* It will **limit and filter** the output data to what is defined in the return type.
    * This is particularly important for **security**, we'll see more of that below.

## `response_model` Parameter { #response-model-parameter }

There are some cases where you need or want to return some data that is not exactly what the type declares.

* [fluentd-gcp-scaler addon] Bump fluentd-gcp-scaler to 0.4 to pick up security fixes. ([#67691](https://github.com/kubernetes/kubernetes/pull/67691), [@loburm](https://github.com/loburm))
    * [prometheus-to-sd addon] Bump prometheus-to-sd to 0.3.1 to pick up security fixes, bug fixes and new features.
    * [event-exporter addon] Bump event-exporter to 0.2.3 to pick up security fixes.

    - [Server Binaries](#server-binaries-3)
    - [Node Binaries](#node-binaries-3)
    - [Container Images](#container-images-3)
  - [Changelog since v1.32.7](#changelog-since-v1327)
  - [Important Security Information](#important-security-information)
    - [CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference](#cve-2025-5187-nodes-can-delete-themselves-by-adding-an-ownerreference)
  - [Changes by Kind](#changes-by-kind-3)

.Values.etcd.clientCertKey | toString | b64enc | quote }} {{- end }} {{- end }} minio/templates/securitycontextconst.yaml {{- if and .Values.securityContext.enabled .Values.persistence.enabled (.Capabilities.APIVersions.Has "security.openshift.io/v1") }} apiVersion: security.openshift.io/v1 kind: SecurityContextConst metadata: name: {{ template "minio.fullname" . }} labels: app: {{ template "minio.name" . }} chart: {{ template "minio.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service...

    val httpmime = "org.apache.httpcomponents:httpmime"
    val jacksonKotlin = "com.fasterxml.jackson.module:jackson-module-kotlin"
    val jetty = "org.eclipse.jetty:jetty-http"
    val jettySecurity = "org.eclipse.jetty:jetty-security"
    val jettyServer = "org.eclipse.jetty:jetty-server"
    val jettyServlet = "org.eclipse.jetty:jetty-servlet"
    val jettyUtil = "org.eclipse.jetty:jetty-util"
    val jettyWebApp = "org.eclipse.jetty:jetty-webapp"

    - [Server Binaries](#server-binaries)
    - [Node Binaries](#node-binaries)
    - [Container Images](#container-images)
  - [Changelog since v1.24.16](#changelog-since-v12416)
  - [Important Security Information](#important-security-information)
    - [CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3676-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation)