- The name port of the sidecar will also be allowed to be used ([#127976](https://github.com/kubernetes/kubernetes/pull/127976), [@chengjoey](https://github.com/chengjoey)) [SIG Network]

# Headers for API dashboard response.
api.dashboard.response.headers=Referrer-Policy:strict-origin-when-cross-origin
# Allowed origins for CORS.
api.cors.allow.origin=*
# Allowed HTTP methods for CORS.
api.cors.allow.methods=GET, POST, OPTIONS, DELETE, PUT
# Max age for CORS preflight requests.
api.cors.max.age=3600
# Allowed headers for CORS.
api.cors.allow.headers=Origin, Content-Type, Accept, Authorization, X-Requested-With

   * an application-specified ordering of lock acquisitions. The application defines the allowed
   * ordering with an {@code Enum} whose values each correspond to a lock type. The order in which
   * the values are declared dictates the allowed order of lock acquisition. In other words, locks
   * corresponding to smaller values of {@link Enum#ordinal()} should only be acquired before locks

  }

  private static final Object NOT_FOUND = new Object();

  /**
   * Maximum allowed false positive probability of detecting a hash flooding attack given random
   * input.
   */
  @VisibleForTesting(
      )
  static final double HASH_FLOODING_FPP = 0.001;

  /**
   * Maximum allowed length of a hash table bucket before falling back to a j.u.LinkedHashMap-based

            }
        }
    }

    /**
     * Builds role-based query filters using the provided role set.
     * This method adds should clauses for allowed roles and must-not clauses for denied roles.
     *
     * @param roleSet the set of roles to use for filtering
     * @param boolQuery the boolean query builder to add role filters to
     */

    assertThat(read.expectedFpp()).isGreaterThan(0);
  }

  /**
   * This test will fail whenever someone updates/reorders the BloomFilterStrategies constants. Only
   * appending a new constant is allowed.
   */
  // This test ensures that our reliance on the ordering elsewhere is safe.
  @SuppressWarnings("EnumOrdinal")
  public void testBloomFilterStrategies() {

- Allowed `pvc.spec.VolumeAttributesClassName` to change from non-nil to nil. ([#132106](https://github.com/kubernetes/kubernetes/pull/132106), [@AndrewSirenko](https://github.com/AndrewSirenko))

    assertThat(read.expectedFpp()).isGreaterThan(0);
  }

  /**
   * This test will fail whenever someone updates/reorders the BloomFilterStrategies constants. Only
   * appending a new constant is allowed.
   */
  // This test ensures that our reliance on the ordering elsewhere is safe.
  @SuppressWarnings("EnumOrdinal")
  public void testBloomFilterStrategies() {

     * https://groups.google.com/d/topic/google-web-toolkit-contributors/1UEzsryq1XI
     *
     * <p>ASCII characters in the part are expected to be valid per RFC 1035, with underscore also
     * being allowed due to widespread practice.
     */

    String asciiChars = CharMatcher.ascii().retainFrom(part);

    if (!PART_CHAR_MATCHER.matchesAllOf(asciiChars)) {
      return false;
    }

  * PodSecurityPolicy admission sets `podsecuritypolicy.admission.k8s.io/admit-policy` and `podsecuritypolicy.admission.k8s.io/validate-policy` annotations containing the name of the policy that allowed a pod to be admitted. (PodSecurityPolicy also gained the ability to [limit hostPath volume mounts to be read-only](https://kubernetes.i...