// Some ZIP writers use UTF-8 encoding without setting the UTF-8 flag.
		// Since it is impossible to always distinguish valid UTF-8 from some
		// other encoding (e.g., GBK or Shift-JIS), we trust the flag.
		f.NonUTF8 = f.Flags&0x800 == 0
	}

	needUSize := f.UncompressedSize == ^uint32(0)
	needCSize := f.CompressedSize == ^uint32(0)
	needHeaderOffset := f.headerOffset == int64(^uint32(0))

#     rbe_linux_cuda:                 RBE options to build with GPU support using clang.
#     rbe_linux_cuda_nvcc:            RBE options to build with GPU support using nvcc.
#
# Embedded Linux options (experimental and only tested with TFLite build yet)
#     elinux:          General Embedded Linux options shared by all flavors.
#     elinux_aarch64:  Embedded Linux options for aarch64 (ARM64) CPU support.

  }

  /**
   * Removes, from an iterable, every element that satisfies the provided predicate.
   *
   * <p>Removals may or may not happen immediately as each element is tested against the predicate.
   * The behavior of this method is not specified if {@code predicate} is dependent on {@code
   * removeFrom}.
   *

 * <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.1">defined by HTTP/1.1</a>.
 * As such, the {@code *} character is treated as a wildcard and is used to represent any acceptable
 * type or subtype value. A media type may not have wildcard type with a declared subtype. The

                return new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
            } catch (final Exception e) {
                logger.warn("Failed to create SSL context with trust-all strategy: property={}", IGNORE_SSL_CERTIFICATE_PROPERTY, e);
            }
        }
        return SSLConnectionSocketFactory.getSocketFactory();
    }

    /**

     * input before using it in LDAP search filters to prevent LDAP injection vulnerabilities.
     *
     * @param filter the LDAP search filter to escape (null is treated as empty string)
     * @return the escaped filter string safe for use in LDAP queries (empty string if filter is null)

- Kube-controller-manager: the `horizontal-pod-autoscaler-upscale-delay`...

  - Health check (liveness & readiness) probes using an HTTPGetAction will no longer follow redirects to different hostnames from the original probe request. Instead, these non-local redirects will be treated as a Success (the documented behavior). In this case an event with reason "ProbeWarning" will be generated, indicating that the redirect was ignored. If you were previously relying on the redirect to run health checks against different endpoints,...

          .build(),
      )
    }
  }

  private fun testServerClosesOutput(mockResponse: MockResponse) {
    server.enqueue(mockResponse)
    val responseAfter = MockResponse(body = "This comes after a busted connection")
    server.enqueue(responseAfter)
    server.enqueue(responseAfter) // Enqueue 2x because the broken connection may be reused.
    val response1 = getResponse(newRequest("/a"))
    response1.body

### CVE-2022-3294: Node address isn't always verified when proxying

A security issue was discovered in Kubernetes where users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can to modify Node objects and send requests proxying through them.