* make using service account credentials from controllers optional ([#35970](https://github.com/kubernetes/kubernetes/pull/35970), [@deads2k](https://github.com/deads2k))
* AWS: strong-typing for k8s vs aws volume ids ([#35883](https://github.com/kubernetes/kubernetes/pull/35883), [@justinsb](https://github.com/justinsb))

    # Return some error
    ...
```

But by using the `secrets.compare_digest()` it will be secure against a type of attacks called "timing attacks".

### Timing Attacks { #timing-attacks }

But what's a "timing attack"?

Let's imagine some attackers are trying to guess the username and password.

And they send a request with a username `johndoe` and a password `love123`.

				// Next loop will catch it.
			case <-pingTimer:
				if !m.doPing(respHandler) {
					return
				}
				goto sendResp
			}
		case <-pingTimer:
			if !m.doPing(respHandler) {
				return
			}
		}
	}
}

// doPing checks last ping time and sends another ping.
func (m *muxClient) doPing(respHandler chan<- Response) (ok bool) {
	m.respMu.Lock()
	if m.closed {

	success := lm.unlock(isWriteLock)
	if !success {
		panic("Trying to Unlock() while no Lock() is active")
	}
}

// RUnlock releases a read lock held on lm.
//
// It is a run-time error if lm is not locked on entry to RUnlock.
func (lm *LRWMutex) RUnlock() {
	isWriteLock := false
	success := lm.unlock(isWriteLock)
	if !success {
		panic("Trying to RUnlock() while no RLock() is active")
	}
}

        the time to discuss them in detail will make it much clearer why this feature should be
        added to Guava.


        Please fill out the following fields to give us a better understanding of your proposed
        feature and its potential value for other Guava users.

  - type: textarea
    attributes:
      label: 1. What are you trying to do?
    validations:

        MaskedTensor(tf.experimental.ExtensionType): values: tf.Tensor mask:
        tf.Tensor` The `tf.ExtensionType` base class works similarly to
        [`typing.NamedTuple`](https://docs.python.org/3/library/typing.html#typing.NamedTuple)
        and
        [`@dataclasses.dataclass`](https://docs.python.org/3/library/dataclasses.html#dataclasses.dataclass)
        from the standard Python library.

The word **process** is normally used in a more specific way, only referring to the thing that is running in the operating system (like in the last point above):

* A particular program while it is **running** on the operating system.
    * This doesn't refer to the file, nor to the code, it refers **specifically** to the thing that is being **executed** and managed by the operating system.

    # Devuelve algún error
    ...
```

Pero al usar `secrets.compare_digest()` será seguro contra un tipo de ataques llamados "timing attacks".

### Timing attacks { #timing-attacks }

¿Pero qué es un "timing attack"?

Imaginemos que algunos atacantes están tratando de adivinar el nombre de usuario y la contraseña.

        new Dependency().equals(new Dependency());
    }

    @Test
    void testEqualsIdentity() {
        Dependency thing = new Dependency();
        assertTrue(thing.equals(thing), "Expected " + thing + " to equal " + thing);
    }

    @Test
    void testToStringNullSafe() {
        assertNotNull(new Dependency().toString());
    }

        new DistributionManagement().equals(new DistributionManagement());
    }

    @Test
    void testEqualsIdentity() {
        DistributionManagement thing = new DistributionManagement();
        assertTrue(thing.equals(thing), "Expected " + thing + " to equal " + thing);
    }

    @Test
    void testToStringNullSafe() {
        assertNotNull(new DistributionManagement().toString());
    }