- Kube-apiserver: Fixed OIDC discovery document publishing when external service account token signing was enabled. ([#131493](https://github.com/kubernetes/kubernetes/pull/131493), [@hoskeri](https://github.com/hoskeri)) [SIG API Machinery, Auth and Testing]

- Resolves an issue with the "ServiceAccountIssuerDiscovery should support OIDC discovery" conformance test failing on clusters which are configured with issuers outside the cluster ([#101589](https://github.com/kubernetes/kubernetes/pull/101589), [@mtaufen](https://github.com/mtaufen)) [SIG Auth and Testing]

	s.base = base
}

func (s *Slice) Line() int {
	return s.line
}

func (s *Slice) Col() int {
	// TODO: Col is only called when defining a macro and all it cares about is increasing
	// position to discover whether there is a blank before the parenthesis.
	// We only get here if defining a macro inside a macro.
	// This imperfect implementation means we cannot tell the difference between
	//	#define A #define B(x) x
	// and

======================

Square recognizes the important contributions the security research community
can make. We therefore encourage reporting security issues with the code
contained in this repository.

If you believe you have discovered a security vulnerability, please follow the

Square recognizes the important contributions the security research community
can make. We therefore encourage reporting security issues with the code
contained in this repository.

If you believe you have discovered a security vulnerability, please follow the
guidelines at https://bugcrowd.com/squareopensource


## Verifying Artifacts

We sign our artifacts using this [key][signing_key]:

```

    }

    /**
     * Gets the parent URL from which this resource was discovered.
     *
     * @return the parent URL, or null if this is a root URL
     */
    public String getParentUrl() {
        return parentUrl;
    }

    /**
     * Sets the parent URL from which this resource was discovered.
     *
     * @param parentUrl the parent URL to set
     */

- Increase default value of discovery cache TTL for kubectl to 6 hours. ([#107141](https://github.com/kubernetes/kubernetes/pull/107141), [@mk46](https://github.com/mk46))

  protected abstract char @Nullable [] escape(char c);

  /**
   * Returns the escaped form of a given literal string, starting at the given index. This method is
   * called by the {@link #escape(String)} method when it discovers that escaping is required. It is
   * protected to allow subclasses to override the fastpath escaping function to inline their
   * escaping test. See {@link CharEscaperBuilder} for an example usage.
   *

 * to various categories like languages, scopes, and packaging types. This interface is the
 * base for all providers that register such extensions.
 * <p>
 * Implementations of this interface are discovered through the Java ServiceLoader mechanism.
 * Each implementation must be registered in a {@code META-INF/services/} file corresponding
 * to the specific provider interface being implemented.
 * <p>

 * <p>
 * This interface allows plugins and extensions to define and register additional packaging types
 * beyond the standard ones provided by Maven (like jar, war, ear, etc.). Implementations of this
 * interface will be discovered through the Java ServiceLoader mechanism and their provided
 * packaging types will be available throughout the Maven build process.
 * <p>
 * Example usage:
 * <pre>